Hello All,
We have just received news of this microsoft change:
Important Change in Upcoming Microsoft Update
---------------------------------------------
On 8th of July, Microsoft will release an important security update for
Active Directory Domain Controllers for Windows Server versions prior to
2025.
This update includes a change to the Microsoft RPC Netlogon protocol,
which improves security by tightening access checks for a set of RPC
requests. Samba running as domain members in these environments will be
impacted by this change if a specific configuration is used, see below
for which configuration is affected.
Windows Server version 2025 is already equipped with these specific
security hardenings, and Microsoft is now planning to deploy them to all
supported Windows Server versions down to Windows Server 2008.
Who is affected?
Samba installations acting as member servers in Windows AD domains will
be affected if they are configured to use the 'ad' idmapping backend.
Samba servers not using this configuration will not be affected by the
change â€" at least to our current knowledge and understanding of the
change â€" and no further action is required.
I have checked our configurations and it would seem like we're going to lose the connection entirely and I don't know what to do, anyone here has worked out this issue?
I can see on our smb.conf
idmap config <domain> : backend = ad
our samba version is 4.18 at the moment
Thanks for your help!
------------------------------
Oscar Batista
------------------------------