Created attachment 15387 [details]
If you have an AD server, a Windows client and a Linux client. Both clients have been joined to the domain but the Linux client configures smbd as a standalone client with a guest share, then a user from the Windows client is not able to connect to the guest share if he uses the fqdn of the Linux client running smbd. The Windows client tries to auth with SPNEGO/NTLMSSP and smbd fails to authenticate the user.
The problem seems to be the client, which doesn't accept the authentication to be downgraded to guest.
I've seen that there are Windows 10 clients which have RequireSecuritySignature set to 1, so they don't allow guest connections at all. However my Windows 10 client has set it to 0.