Windows Server Update Breaks Samba Compatibility

Unscheduled updates have been released for Samba version 4.22.3 and 4.21.7, addressing a critical problem that could affect the compatibility of Samba servers with an upcoming update from Windows Server. If the proposed corrective updates are not installed, Samba servers may not be able to function properly as members of Windows Active Directory domains, especially if the user mapping settings include ‘ad’.

Microsoft has announced plans to release updates for supported versions of Windows Server, including Windows Server 2008, to address security issues related to the Active Directory domain controller implementation. These updates will include changes to the Microsoft RPC Netlogon protocol, specifically adding additional access to certain RPC calls. Previously, these enhanced checks were only active in Windows Server 2025, but will now be extended to other versions.

These modifications may disrupt compatibility with Samba, causing issues when communicating with the Domain Controller. As a result, domain users could experience difficulties connecting to SMB services that rely on Samba and use the ‘ad’ backend.

/Reports, release notes, official announcements.