All,
It appears that this Nov 2022 AD DC patch does not directly break our
sssd-based AD integration. This was done in a test AD domain.
However, if the AD domain admin clicks the button to "use AES256 only" on
this test account it does break login.
Which led to further discovery.
Our
Really really appreciate the head's up on this Sumit!
We'd seen the notice yesterday, but from the brief description our
guess was that sssd was unaffected. Then your message showed up. So
timely!
We're coordinating with our AD team now.
Spike
Spike White
On Tue, Nov 15, 2022 at 12:07 AM