On 14/11/2022 15:19, Rob Crittenden via FreeIPA-users wrote:
Microsoft addressed a number of CVEs last week which introduced some
authentication issues. After installation of these patches, user
authentication on Linux systems integrated in Active Directory no longer
works and new systems are unable to join an AD domain that is managed by
domain controllers where these patches have been applied.
For more details see https://access.redhat.com/solutions/6985061 (open
to the public).
rob
Thanks for the heads up! :)
I just tried a few tests against a patched domain controller (by
overriding setting /etc/krb.conf -> [realms] -> DOMAIN.EXAMPLE.COM ->
kdc). I'm able to use kinit to get a TGT and kvno to fetch some service
tickets.
Is that a valid test and/or have you got steps to reproduce the error
against a patched domain controller on your side?
Regards,
--
Sam Morris <https://robots.org.uk/>
PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
