hello, I have some windows xp from which can’t change passowrd, in log.samba I find:
[2017/10/26 11:49:22.681147, 0, pid=8667] …/auth/gensec/gensec.c:241(gensec_verify_features)
Did not manage to negotiate mandatory feature SIGN
and on client machine a popup windows say: can not change your password now. intranet domain is unavailable (intranet is the local domain name)
i did try:
client ipc signing = auto
client signing = auto
but the problem persist.
Hey,
I don’t have a solution for you, and given XP’s status as being end of life I don’t think you can expect to really find one. You could simply configure the Password Self-Service and tell your users to use that one.
Kind regards,
mosu
Hello, just a follow-up. Still, no resolution. I’ve tried different combinations with “client ipc signing” without luck.
A traffic dump shows the problem as:
I’ve also tried fiddling with Local Security Policy registry values at the Win XP machine, but got nothing good out of it.
The problem appear only if the administrator force user to change password
net sam set pwdmustchangenow USERNAME yes
on the left a working config with a standard samba 4.6.8 on the right ucs 4.2.2…
