Hello, just a follow-up. Still, no resolution. I’ve tried different combinations with “client ipc signing” without luck.
A traffic dump shows the problem as:
- windows XP client sends a DCE/RPC SAMR command GetDomPwInfo
- samba responds with DCE/RPC Fault nca_proto_error
I’ve also tried fiddling with Local Security Policy registry values at the Win XP machine, but got nothing good out of it.
The problem appear only if the administrator force user to change password
net sam set pwdmustchangenow USERNAME yes
on the left a working config with a standard samba 4.6.8 on the right ucs 4.2.2…