UF_NO_AUTH_DATA_REQUIRED in Samba doesn't match the Windows 2019 behaviour, on a server it instead causes errors unless a PAC was requested by the client. Also, it is consulted on client accounts, where it should have no impact.
This bug was referenced in samba master: 92e8ce18a79e88c9b961dc20e39436c4cf653013 031a8287642e3c4b9d0b7c6b51f3b1d79b227542 cc3d27596b9e8a8a46e8ba9c3c1a445477d458cf 83a654a4efd39a6e792a6d49e0ecf586e9bc53ef
This bug was referenced in samba v4-15-test: 30b2a47af03c19f24deba07472f495e1e9c7aa73 19e770f04eafa09fca583130b01e97a331dd387d 54d9b9e04062079476555823806373a0c2ad42c7 a7dcff14bdd971bd4c9e3d178de15a0d505f28d8
This bug was referenced in samba v4-14-test: 5cdec75f8bceee0e4996682d09104ff076e241b3 2149108966f4159a218a901c19bea3921d68fa1e d8b9907d2a78fa06a0fd944eeee4a6bdd0e02614 716b2825791f64040ad69f88c5324ae045d108f7
This bug was referenced in samba v4-15-stable (Release samba-4.15.1): 30b2a47af03c19f24deba07472f495e1e9c7aa73 19e770f04eafa09fca583130b01e97a331dd387d 54d9b9e04062079476555823806373a0c2ad42c7 a7dcff14bdd971bd4c9e3d178de15a0d505f28d8
This bug was referenced in samba v4-14-stable (Release samba-4.14.9): 5cdec75f8bceee0e4996682d09104ff076e241b3 2149108966f4159a218a901c19bea3921d68fa1e d8b9907d2a78fa06a0fd944eeee4a6bdd0e02614 716b2825791f64040ad69f88c5324ae045d108f7
This bug was referenced in samba v4-13-test: 106dc4a049265e49f5b39c0bf0dbb3793aa34a61 3eb78cd43b6feb5fdee396881ca46e84371918f3 999208d3afa8f6fcb2e20ce3dd068d5f0c48cf86 e9b12d2def935050fb8be3f1d3e0ab6713807f32
This bug was referenced in samba v4-13-stable (Release samba-4.13.13): 106dc4a049265e49f5b39c0bf0dbb3793aa34a61 3eb78cd43b6feb5fdee396881ca46e84371918f3 999208d3afa8f6fcb2e20ce3dd068d5f0c48cf86 e9b12d2def935050fb8be3f1d3e0ab6713807f32
The description was incorrect. Samba would give an error for a target service with UF_NO_AUTH_DATA_REQUIRED unless KERB-PA-PAC-REQUEST was set to FALSE in the AS-REQ. The issue was we would return EINVAL, rather than stripping the PAC, only avoided if the PAC routines were not called at all.