Windows 10 + Samba as a Domain Controller

May 19, 2018 | Categories: Linux, Technical, Windows No Comments ↓

If you are running a Samba server as a Domain Controller for your network and a new Windows 10 client workstation prevents you from logging in via the following error:

We can't sign you in with this credential because your domain isn't available.  Make sure your device is 
connected to your organization's network and try again.  If you previously signed in on this device with 
another credential, you can sign in with that credential.

The fix is rather simple and a result of using an older configuration file (likely from years of upgrading) without applying the much needed configuration enhancements that come with the later releases. Add the following to your /etc/samba/smb.conf file and restart both smb and nmb processes:

server max protocol = NT1

Until the RedHat based distributions, including Fedora, are able to support the new Samba-DC implementation the NT4-style is still around for the near term.

The client workstation may need the following as well:

HKEY_LOCAL_MACHINE->System->CurrentControlSet->Services->LanmanWorkstation
DomainCompatibilityMode->DWORD:1
DNSNameResolutionRequired->DWORD:0

Source: http://www.coldandheartless.com/blog/2017/12/windows-10-in-my-samba-pdc/

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Leave a Reply