The new Heimdal update appears to have broken PKINIT auditing (note that this did not have a good test framework, so this was not a supprise).
make test TESTS=samba4.blackbox.pkinit
hdb_samba4_audit: Unhandled hdb_auth_status=9 => INTERNAL_ERROR
Cases to handle KDC_AUTH_EVENT_VALIDATED_LONG_TERM_KEY and KDC_AUTH_EVENT_PREAUTH_SUCCEEDED were removed in:
Author: Stefan Metzmacher <email@example.com>
Date: Wed Mar 2 10:10:08 2022 +1300
s4:kdc: hdb_samba4_audit() is only called once per request
So I guess those cases just need to be put back.
This bug was referenced in samba master:
Created attachment 17223 [details]
HDB audit patch backport to 4.16
Pushed to autobuild-v4-16-test.
This bug was referenced in samba v4-16-test:
Closing out bug report.
This bug was referenced in samba v4-16-stable (Release samba-4.16.0):