Bug 15815 - client use krb5 netlogon is experimental and should not be used in production
Summary: client use krb5 netlogon is experimental and should not be used in production
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: 4.22.0rc3
Hardware: All All
: P5 regression (vote)
Target Milestone: ---
Assignee: Jule Anger
QA Contact: Samba QA Contact
URL: https://gitlab.com/samba-team/samba/-...
Keywords:
Depends on:
Blocks:
 
Reported: 2025-02-22 14:55 UTC by Stefan Metzmacher
Modified: 2025-02-27 13:05 UTC (History)
4 users (show)

See Also:

Attachments
WHATSNEW patch for 4.22 (1.07 KB, patch)
2025-02-22 16:21 UTC, Stefan Metzmacher 		janger: review+
Details
Patches for v4-22-test (4.20 KB, patch)
2025-02-24 14:16 UTC, Stefan Metzmacher 		vl: review+
slow: review+
janger: review+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Metzmacher 2025-02-22 14:55:01 UTC 
The NetrServerAuthenticateKerberos() functionality is relatively new
and has some bugs in the implementation in Windows Server 2025.

Because of this and various stability and other reasons,
as well as not much real world testing, we should make it very clear
that it should not be used in production yet (in 4.22.*)
Comment 1 Stefan Metzmacher 2025-02-22 16:21:43 UTC 
Created attachment 18581 [details]
WHATSNEW patch for 4.22
Comment 2 Samba QA Contact 2025-02-24 08:44:03 UTC 
This bug was referenced in samba master:

54514ad809ef2e70b772906a815b27a0950a5341
5fc5f90dee13ab5168c22fd53b89c582f3d582e9
154875244c5a349e04605cad1f66cb26aeaf86d7
Comment 3 Stefan Metzmacher 2025-02-24 14:16:18 UTC 
Created attachment 18582 [details]
Patches for v4-22-test
Comment 4 Jule Anger 2025-02-26 08:30:45 UTC 
Pushed to autobuild-v4-22-test.
Comment 5 Samba QA Contact 2025-02-26 10:10:03 UTC 
This bug was referenced in samba v4-22-test:

9fe35b7767dd6ccf31f4bfe0cf0f0089af075fad
6833384a1b89f2561493269dbce8c76d03a775c8
d589ae806b222c4009f12468c1ae133e7403927e
95099cef1573d4261d4e585a8ab49302c6083df6
Comment 6 Jule Anger 2025-02-26 12:42:24 UTC 
Closing out bug report.

Thanks!
Comment 7 Samba QA Contact 2025-02-27 13:05:26 UTC 
This bug was referenced in samba v4-22-stable (Release samba-4.22.0rc4):

9fe35b7767dd6ccf31f4bfe0cf0f0089af075fad
6833384a1b89f2561493269dbce8c76d03a775c8
d589ae806b222c4009f12468c1ae133e7403927e
95099cef1573d4261d4e585a8ab49302c6083df6