On Tue, 2015-02-10 at 22:13 +0000, Edgar Olougouna wrote: > Andrew, > I will take care of this case while my colleage (Obaid in cc) is out of > office. > Let's me review the issue and narrow the scope. I gather that you want to > determine whether there's any protocol effect resulting from KB2992611, and > the current lead you have been exploring are protected_storage, MS-BKRP, > DPAPI regarding the use of Credential manager connected to Samba's DC. > Please share any current information that may help me speed up investigation.
In particular, we now see more calls to BACKUPKEY_BACKUP_GUID, that is ServerWrap, vs the ClientWrap that we did have implemented. In the past, our failure to implement this had no user-visible impact, and happened only once per login, now it prevents operation of credentials manager and is repeated often. It looks like it has gone from a soft to a hard error in the client code, essentially. > I will follow-up as soon as I have an update. > > Regards, > Edgar > > -----Original Message----- > From: "Andrew Bartlett" <[email protected]> > Sent: Tuesday, February 10, 2015 12:56 AM > To: "Obaid Farooqi" <[email protected]> > Cc: "MSSolve Case Email" <[email protected]>; "[email protected]" > <[email protected]> > Subject: [REG:115012312316449] Re: [cifs-protocol] Protocol changes in > KB2992611 [115012312316449] > > On Fri, 2015-02-06 at 23:23 +1300, Andrew Bartlett wrote: > > On Wed, 2015-02-04 at 16:08 +0000, Obaid Farooqi wrote: > > > Hi Andrew: > > > I have a fully patched system, Windows 8.1 enterprise. I verified > that > > > the updates include kb2992611. I joined the machine to Samba domain > > > before patching though. > > > > Please do it the other way around. That would match our steps. It > > certainly appears to be an issue in new profiles, after the patches. > > > > It may be enough to create a new user after patching, but you suggest > > below that this doesn't help. > > > > > I still do not see the problem. I also created a new user using > active > > > directory users and computers from my Windows machine. No issues. > > > Logged in as the newly created user and tried credentials manger > but > > > still not issues. > > > > > > Is your setup on hyper-v virtual machines? Maybe you can send me > both the VHDs and I can just debug on my side to see what is happening? > > > > > > > I am not sure if opening credential manager generates any network > traffic from workstation to DC. I did not see any when I opened credentials > manager. > > > > > The issue when reproduced should show protected_storage traffic. You > > will see some during the first login in the unpatched case, and much > > more of it in the patched case, per the traces I included. > > > > I hope this is enough to help you reproduce. Otherwise, I'll see > what > > we can do. > > Are you still unable to reproduce, following these directions exactly? > > Thanks, > > Andrew Bartlett > -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
