UltraVNC icon indicating copy to clipboard operation
UltraVNC copied to clipboard

Published 20 hours ago verified publisher icon ultravnc

MSLogon problem after new Windows updates

Open adamcios opened this issue 1 year ago • 17 comments

Mslogon and MSlogonII stop working on 22h2 Windows 10 version after new windows Updates ( When i try to use MSLogonACL.exe and import file which i used in last years File to import mslogon_AD_default.ini mslogon_AD_default.ini allow 0x00000003 .\adminek allow 0x00000003 ..\VNCEdit allow 0x00000001 ..\VNCView

i get such info: "C:\Program Files\uvnc bvba\UltraVNC\MSLogonACL.exe" /i /o "C:\Program Files\uvnc bvba\UltraVNC\mslogon_AD_default.ini" Detected computername = KOMP3 account: KOMP3\adminek, mask: 3, type: allow Detected domain = XXXXX XXXXX\VNCEdit: SID not valid. Detected domain = XXXXX XXXXX\VNCView: SID not valid. RegSetValueEx passed deleting ACE_DATA linked lists

I try to check mslogon and mslogonII and i get such info in logs Password authentication accepted from 192.168.12.1 (Interactive) (ID:1) MSLogon authentication refused from 192.168.12.1 using XXXXX\vncadmin account (not authenticated) Password authentication accepted from 192.168.12.1 (Interactive) (ID:1) MSLogon authentication refused from 192.168.12.1 using [email protected] account (not authenticated)

I checked everything I could and the result is still the same. Any suggestions? oooo one more thing when i deinstall windows update KB5028244 KB5028166 KB5028412 KB5027937 If KB5028244 is not installed, uninstall KB5028166 In some cases, if that doesn't work, you need to uninstall KB5028412 , KB5027937 But this is not a solution

adamcios avatar Sep 10 '23 20:09 adamcios

@RudiDeVos: Have you seen the @adamcios ticket?

Neustradamus avatar Sep 11 '23 22:09 Neustradamus

Not a simple one..takes time

RudiDeVos avatar Sep 17 '23 19:09 RudiDeVos

What do you see when you open "configure MS Logon Groups" afbeelding

Doe you see the groups Are you able to set slect them

In my case, when i don't have ..\VNCEdit i get the same error (SID not valid)

RudiDeVos avatar Sep 17 '23 20:09 RudiDeVos

yes i can select groups and i see it but cant connect

adamcios avatar Sep 18 '23 13:09 adamcios

one more thing. after last patch thuesday from september KB5030211 put the same changes like patches before and this should be uninstalled either.

adamcios avatar Sep 19 '23 12:09 adamcios

settings AD server/client to be able to test, to see if i can repeat it

RudiDeVos avatar Sep 20 '23 17:09 RudiDeVos

afbeelding afbeelding

mslogon 21/09/2023 11:18:46 MSLogon authentication accepted from 127.0.0.1 using [email protected] account (ViewOnly) 21/09/2023 11:18:50 Client 127.0.0.1 using [email protected] account disconnected (ViewOnly) (ID:1) authSSP

First test on Windows Server 2022 Standard 21H2 seems to work, that was expected

RudiDeVos avatar Sep 21 '23 18:09 RudiDeVos

testing on a 22H Import works, connection works Thu Sep 21 11:48:47 2023

  • CUPSD2: Access is 1, user [email protected] is authenticated, access granted is 0x3 21/09/2023 11:48:47 MSLogon authentication accepted from 127.0.0.1 using [email protected] account (Interactive)

Need help...how do i get the updates installed while the PC and server say there is no update available. Can't repeat it

afbeelding afbeelding afbeelding

RudiDeVos avatar Sep 21 '23 18:09 RudiDeVos

Updating AD server, to KB5030216 to test again

RudiDeVos avatar Sep 21 '23 18:09 RudiDeVos

Last test, updated a win10 22H2 OS afbeelding

Updates afbeelding

Connection still working 23/09/2023 19:40:16 MSLogon authentication accepted from 127.0.0.1 using [email protected] account (Interactive)

Running out of test, can't repeat it

RudiDeVos avatar Sep 23 '23 17:09 RudiDeVos

its important that i have AD on SAMBA linux 4.17? And second it stop works on windows 10/11 workstation. We have more then 150 computers.

adamcios avatar Sep 25 '23 13:09 adamcios

ya... SAMBA you should have told this from te beginning. Samba and 22H2 is a hell a lot of nas server had problems with 22H2.

Make sure you have the latest samba server, was fixed or should be in 4.17.4.

RudiDeVos avatar Sep 25 '23 16:09 RudiDeVos

one server is Version 4.17.4-Debian i willl try to upgrade it to 4.17.10 version the newest in 4.17 but in other place i have Version 4.17.8-Debian

adamcios avatar Sep 26 '23 06:09 adamcios

@adamcios: look here:

  • https://wiki.samba.org/index.php/Samba_4.17_Features_added/changed
  • https://wiki.samba.org/index.php/Samba_Release_Planning#Discontinued_.28End_of_Life.29

Important to know that Microsoft has solved several vulnerabilities this summer and there were problems with very old Linux machines which are not up-to-date...

Neustradamus avatar Sep 26 '23 15:09 Neustradamus

@adamcios: Have you updated your machines?

Neustradamus avatar Oct 05 '23 11:10 Neustradamus

i can do it in service time. so i can check one entity probably in few days. now i have version 4.17.8

adamcios avatar Oct 19 '23 07:10 adamcios

@adamcios: Samba versions have somes fixes in:

  • 4.16.11 (EOL since 2023-09-04): https://www.samba.org/samba/history/samba-4.16.11.html
  • 4.17.10: https://www.samba.org/samba/history/samba-4.17.10.html
  • 4.18.5: https://www.samba.org/samba/history/samba-4.18.5.html

Can you try a good version?

Source:

  • https://bugzilla.samba.org/show_bug.cgi?id=15418

Debian ticket:

  • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041043

Samba+:

  • https://samba.plus/blog/detail/important-update-for-samba-4184-available

And you can see Debian packages for each Debian versions:

  • https://tracker.debian.org/pkg/samba
  • https://packages.debian.org/sid/samba

Note there are new versions since, at this time:

  • 4.17.12 (2023-10-10)
  • 4.18.8 (2023-10-10)
  • 4.19.2 (2023-10-16)

Samba latest news:

  • https://www.samba.org/samba/latest_news.html

Neustradamus avatar Oct 19 '23 11:10 Neustradamus