enterprise-support team mailing list archive

[Launchpad Bug Tracker <2116098@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package samba - 2:4.19.5+dfsg-4ubuntu9.3

---------------
samba (2:4.19.5+dfsg-4ubuntu9.3) noble; urgency=medium

  * Upcoming changes to Windows Server enforce security checks even on
    schannel secured NETLOGON connections causing winbind's netlogon dc
    discovery calls to fail. (LP: #2116098):
    - d/p/s3-winbindd-use-better-debug-messages-than-talloc_st.patch: use
      better debug messages than 'talloc_strdup failed'
    - d/p/s3-winbindd-avoid-using-any-netlogon-call-to-get-a-d.patch: avoid
      using any netlogon call to get a dc name
    - d/p/s3-winbindd-Fix-internal-winbind-dsgetdcname-calls-w.patch: Fix
      internal winbind dsgetdcname calls w.r.t. domain name
    - d/p/s3-libsmb-let-discover_dc_netbios-return-DOMAIN_CONT.patch: let
      discover_dc_netbios() return DOMAIN_CONTROLLER_NOT_FOUND
    - d/p/s3-libsmb-allow-store_cldap_reply-to-work-with-a-ipv.patch: allow
      store_cldap_reply() to work with a ipv6 response
    - d/p/s3-libsmb-dsgetdcname-use-NETLOGON_NT_VERSION_AVOID_.patch: use
      NETLOGON_NT_VERSION_AVOID_NT4EMUL

 -- Andreas Hasenack <andreas@xxxxxxxxxxxxx>  Mon, 21 Jul 2025 17:37:16
-0300

** Changed in: samba (Ubuntu Noble)
       Status: Fix Committed => Fix Released

** Changed in: samba (Ubuntu Jammy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to samba in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2116098

Title:
  Windows security hardening locks out schannel'ed netlogon dc calls

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/2116098/+subscriptions