Andrew, I will take care of this case while my colleage (Obaid in cc) is out of office. Let's me review the issue and narrow the scope. I gather that you want to determine whether there's any protocol effect resulting from KB2992611, and the current lead you have been exploring are protected_storage, MS-BKRP, DPAPI regarding the use of Credential manager connected to Samba's DC. Please share any current information that may help me speed up investigation. I will follow-up as soon as I have an update.
Regards, Edgar -----Original Message----- From: "Andrew Bartlett" <[email protected]> Sent: Tuesday, February 10, 2015 12:56 AM To: "Obaid Farooqi" <[email protected]> Cc: "MSSolve Case Email" <[email protected]>; "[email protected]" <[email protected]> Subject: [REG:115012312316449] Re: [cifs-protocol] Protocol changes in KB2992611 [115012312316449] On Fri, 2015-02-06 at 23:23 +1300, Andrew Bartlett wrote: > On Wed, 2015-02-04 at 16:08 +0000, Obaid Farooqi wrote: > > Hi Andrew: > > I have a fully patched system, Windows 8.1 enterprise. I verified that > > the updates include kb2992611. I joined the machine to Samba domain > > before patching though. > > Please do it the other way around. That would match our steps. It > certainly appears to be an issue in new profiles, after the patches. > > It may be enough to create a new user after patching, but you suggest > below that this doesn't help. > > > I still do not see the problem. I also created a new user using active > > directory users and computers from my Windows machine. No issues. > > Logged in as the newly created user and tried credentials manger but > > still not issues. > > > > Is your setup on hyper-v virtual machines? Maybe you can send me both the VHDs and I can just debug on my side to see what is happening? > > > > I am not sure if opening credential manager generates any network traffic from workstation to DC. I did not see any when I opened credentials manager. > > The issue when reproduced should show protected_storage traffic. You > will see some during the first login in the unpatched case, and much > more of it in the patched case, per the traces I included. > > I hope this is enough to help you reproduce. Otherwise, I'll see what > we can do. Are you still unable to reproduce, following these directions exactly? Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
