similar to: can't add user to security filter in a GPO

Hi everyone, I'm posting here because I'm facing a kerberos authentication problem after the 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba upgrade. The clients, win10, win11, win2016 cannot login to AD anymore. On server logs the authentication succeeded but in the Event Viewer on the client I have this error: Security-Kerberos The Kerberos client received a KRB_AP_ERR_MODIFIED error from the

On 26/01/2023 07:20, Marco Querci via samba wrote: > Hi everyone, > > I'm posting here because I'm facing a kerberos authentication problem after > the 2:4.13.17~dfsg-0ubuntu1.20.04.4 samba upgrade. > The clients, win10, win11, win2016 cannot login to AD anymore. > On server logs the authentication succeeded but in the Event Viewer on the > client I have this error:

05.12.2023 17:21, Joachim Lindenberg via samba: > I just upgraded one of my DCs ununtu 20.04 -> 22.04 and samba 4.18 -> 4.19, but the Dc is not yet working again. > > systemctl status samba-ad-dc shows: > > Dec 05 12:48:39 cobra samba[749]: [2023/12/05 12:48:39.562920, 0] ../../source4/samba/service_task.c:36(task_server_terminate) > Dec 05 12:48:39 cobra samba[749]:

On 14/04/2023 09:23, Anderson Sampaio Mello via samba wrote: > Hello Samba Team, how are you? > > I'm joining linux clients in the company's environment and I would like to > apply GPOs to linux clients, I'm in the testing phase. > > I'm testing with ubuntu clients version 22.04 and the software I used to > join the samba AD was sssd. > Samba does not

Hello, I'm using samba 4.9.x compiled from source on centos 7.6 Today I ran into an unknown behaviour before, which I'm not sure if it's a bug, a feature or.. just "is". I realised, that I'm unable to edit particular GPOs, with "access denied"  error, when this criteria are met: - I have user "john" that is a member of "domain admins"

>How did you upgrade ? >If I remember correctly, both 20.04 and 22.04 come with 4.15.13 (latest Samba version available), so could it be that the upgrade from 20.04 to >22.04 managed to install unrequired packages ? I did a do-release-upgrade first to go from 20.04 to 22.04, and then updated my /etc/apt/sources.list.d/mjt.list to go from focal/samba-4.18 to jammy/samba-4.19. I also

Hello Samba Team, how are you? I'm joining linux clients in the company's environment and I would like to apply GPOs to linux clients, I'm in the testing phase. I'm testing with ubuntu clients version 22.04 and the software I used to join the samba AD was sssd. The 22.04 ubuntu client has joined and everything is working fine except for the GPOs for linux clients. I compiled

Hey Andre,? Sure, we already on the latest Patch Level on Ubuntu with 2:4.13.17~dfsg-0ubuntu1.20.04.4 Installer, but the issue still exist.? The only way to resolve the issue and to make a login possible again, was the workaround in my previous mail.? The Windows clients are Windows 10 22H2 with all updates installed. We also doesn't have any special settings in smb.conf. If you have any

On 31/05/17 22:26, Carlos A. P. Cunha wrote: > Hello! > > Thanks. > > I'm trying but still unsuccessful ..... Is this a computer or a user GPO? > > > Em 30-05-2017 16:05, Sebastian Arcus via samba escreveu: >> >> On 30/05/17 15:42, Carlos A. P. Cunha via samba wrote: >>> Hello! >>> >>> My Configuration: >>>

Last Year Microsoft has changed some things in the GPO Permissions. If you want to ad a group to the filter instead of "Authenticated Users" You must change the delegation-permission for the new GPO-Object. You must add "domain computers" with "read"-Permission to the "Delegation"-Tab. Then everything will work. Am 30.05.17 um 16:42 schrieb Carlos A. P.

On 30/05/17 15:42, Carlos A. P. Cunha via samba wrote: > Hello! > > My Configuration: > > lsb_release -a > > No LSB modules are available. > Distributor ID: Ubuntu > Description: Ubuntu 14.04.3 LTS > Release: 14.04 > Codename: trusty > > Version Samba: > > samba-tool -V > 4.4.4 > > My problem is, create a GPO with group

I just upgraded one of my DCs ununtu 20.04 -> 22.04 and samba 4.18 -> 4.19, but the Dc is not yet working again. systemctl status samba-ad-dc shows: Dec 05 12:48:39 cobra samba[749]: [2023/12/05 12:48:39.562920, 0] ../../source4/samba/service_task.c:36(task_server_terminate) Dec 05 12:48:39 cobra samba[749]: task_server_terminate: task_server_terminate: [winbindd child process

> My problem is, create a GPO with group Filtering, in case I want the > GPO to be applied only to a specific group. > When I do this (Filter) it does not load the GPO, only when I leave > the default (Authenticated User). > Is there something wrong with Samba or something different? For a GPO to work, Authenticated Users must have "Read" permission. Please note that

Greetings. I have provisioned a test AD domain (single DC initially), and joined a single workstation to it. When I use the "Default Domain Policy" that already exist on the newly domain tree, the user level policies are applied perfectly, but machine level policies don't. The "Default Domain Policy" includes "Authenticated Users" read and apply on the

Hello! My Configuration: lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty Version Samba: samba-tool -V 4.4.4 My problem is, create a GPO with group Filtering, in case I want the GPO to be applied only to a specific group. When I do this (Filter) it does not load the GPO, only when I leave the

Hello! A Sharing mapping GPO, which I only want to work when the user is in the X group. But it only works when I apply the filter with "Authenticated Users" (Default), when mute for user / group specific does not work. On windows with "gpresult / r" the gpo does not look as loaded. Regards Em 01-06-2017 08:05, Sebastian Arcus via samba escreveu: > On 31/05/17 22:26,

Hello! Thanks. I'm trying but still unsuccessful ..... Regards Em 30-05-2017 16:05, Sebastian Arcus via samba escreveu: > > On 30/05/17 15:42, Carlos A. P. Cunha via samba wrote: >> Hello! >> >> My Configuration: >> >> lsb_release -a >> >> No LSB modules are available. >> Distributor ID: Ubuntu >> Description: Ubuntu 14.04.3

Hello! My Configuration: lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.3 LTS Release: 14.04 Codename: trusty Version Samba: samba-tool -V 4.4.4 My problem is, create a GPO with group Filtering, in case I want the GPO to be applied only to a specific group. When I do this (Filter) it does not load the GPO, only when I leave the

On 4/14/23 2:23 AM, Anderson Sampaio Mello via samba wrote: > Hello Samba Team, how are you? > > I'm joining linux clients in the company's environment and I would like to > apply GPOs to linux clients, I'm in the testing phase. > > I'm testing with ubuntu clients version 22.04 and the software I used to > join the samba AD was sssd. > > The 22.04 ubuntu

We have the same issue with Samba 4.13.17. For Ubuntu 20.04 with Samba 4.13.17 there seems to be only a workaround to solve the login problem: Modifying the Local Security Policy -> Local Policies -> Security Options -> Network security: "Configure encryption types allowed for Kerberos" Check only DES_CBC_CRC, DES_CBC_MD5 and RC4_HMAC_MD5. ? This worked for us to login again. ?