![]() Windows will then prompt you for a user that this workstation will use, select "ubuntu". You can then upgrade the samba packages on the AD DC, and then the join will work. With the affected samba AD DC version, the join should fail. Use Administrator for the user, and Passw0rd for the password. Type in the "example.samba" domain, and it should prompt you for credentials to join the domain. Then go to accounts, select connect with work or school account, and find the "join to active directory" link. ![]() In windows, change the DNS server to point at the samba AD DC IP. # Test the ubuntu user can obtain a ticketĪ) Join Windows 11 22H2 to the samba domain There should be no debconf prompts, since we have an /etc/nf already populated Samba-tool domain passwordsettings set -min-pwd-age=0 -complexity=off # relax the password settings to make it easier to test server-role=dc -use-rfc2307 -dns-backend= SAMBA_INTERNALĭns=$(resolvectl status | grep -E "^]*Current DNS Server:" | awk '," \Įcho "nameserver 127.0.0.1" > /etc/nfĮcho "search example.samba" > /etc/nf Install a samba AD DC server on the Ubuntu release under test, in a VM or bare metal (not lxc/lxd): And similarly, join a different windows system (for example, windows 10) to the same samba domain, to ensure it keeps working unaffected by the fix.įor all instances of this test, you need a samba AD DC. The test involves joining an up-to-date Windows 11 22H2 system to a Samba AD DC installation on the affected Ubuntu release being tested. Note that the fix is in the Heimdal Kerberos code, which is embedded inside Samba. This impacts joining such windows machines to a Samba Active Directory server, or even continued usage of already joined windows 11 22H2 machines. ![]() An updated Windows 11 22H2 system fails to obtain kerberos tickets from an affected Samba AD DC server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |