The Samba-Bugzilla – Bug 13137
S4U2Proxy tickets from a Samba KDC don't pass PAC verification checks (authtime mismatch)
Last modified: 2017-12-13 12:45:11 UTC
The ticket authtime of a Samba generated S4U2Proxy ticket and the logon_time
in the PAC_LOGON_NAME mismatch, because the ticket authtime is not taken
from the additional ticket.
Created attachment 13865 [details]
Work in progress patch