Blog

(Last Update: July 8)

Please note: Updated packages are available

On July 8, Microsoft will release an important security update for Active Directory Domain Controllers for Windows Server versions prior to 2025.

This update modifies the Microsoft RPC Netlogon protocol to improve security by tightening access checks for a set of RPC requests. Samba running as domain members in these environments will be impacted by this change if a specific configuration is used. See below for details on the affected configurations.

Windows Server version 2025 is already equipped with these specific security hardenings. Microsoft plans to deploy them to all supported Windows Server versions down to Windows Server 2008. 

Who is affected?
Samba installations that act as member servers in Windows AD domains will be affected if they are configured to use the 'ad' idmapping backend. Samba servers that do not use this configuration will not be affected by the change – at least according to our current knowledge and understanding – and no further action is required.

However, current versions of Samba with the affected configuration will no longer function correctly once the Microsoft update has been applied. Users will not be able to connect to the SMB service provided by Samba for any domain that uses the ‘ad’ idmapping backend.

What is SerNet doing?
The SAMBA+ team at SerNet, along with other members of the international Samba team, has been collaborating with Microsoft. Changes to Samba are currently being developed and tested to ensure full compatibility between Samba and Microsoft products. The Samba team aims to release updated packages on Monday evening (UTC+2).

Updated SAMBA+ packages, which will restore full compatibility, are planned to be made available before Microsoft's rollout.

What you should do:

  • Check your configuration if you’re running Samba in a Windows AD environment.
  • Watch out for new SAMBA+ package updates early next week (starting July 7th) .
  • Apply the update before Microsoft’s rolls out the patch.

All SAMBA+ updates are included in active subscriptions.

If you do not yet have a subscription, visit the SAMBA+ shop (EUR) or SAMBA+ shop (USD) for access.

For any questions or individual support, feel free to contact us directly – our team is here to help.


The Samba Team at SerNet has just released SAMBA+ packages version 4.21.6 and 4.22.2. These new versions are now available for a wide range of platforms, including SUSE Linux Enterprise, openSUSE, Red Hat Enterprise Linux, Debian GNU/Linux, Ubuntu, and AIX.

Both versions – for the 4.22 release series starting with 4.22.1 – include a security-relevant fix for CVE-2025-0620:
https://www.samba.org/samba/security/CVE-2025-0620.html

In addition, the SAMBA+ 4.21.6 release includes several other important bugfixes and improvements. 

For a complete overview, please refer to the official release notes:

SAMBA+ packages are available as software subscriptions and can be purchased in the SAMBA+ shop. For more information regarding pricing, have a look at the SAMBA+ Shops

For any further questions or support requests, please feel free to contact our SAMBA+ team.


Following the official release of Red Hat Enterprise Linux (RHEL) 10 on May 20, 2025, the Samba team at SerNet swiftly released SAMBA+ 4.22 for RHEL 10. Subscribers can seamlessly access these latest packages.

Additionally, SAMBA+ 4.22 packages are immediately available for the following binary-compatible distributions:

  • AlmaLinux 10
  • CentOS Stream 10
  • Oracle Linux 10
  • Rocky Linux 10

SAMBA+ is particularly suitable for RHEL environments due to its optimized integration, robust performance, and consistent security updates. Built specifically with enterprise needs in mind, SAMBA+ ensures reliable interoperability between Linux/Unix servers and Windows-based clients. Moreover, regular, timely updates and comprehensive testing guarantee compatibility with RHEL's latest security enhancements and system improvements.

SAMBA+ 4.22 includes key enhancements such as SMB3 Directory Leases and SMB3 POSIX Extensions, further boosting performance, efficiency, and compatibility in enterprise scenarios.

For further details and to download your SAMBA+ packages, have a look at our version overview. More information and pricing can be found in the USD shop or the EUR shop. Existing subscriptions include access to the new packages.


The new SAMBA+ 4.22.1 release is now available. Packages are provided for various platforms including SUSE, Red Hat, Debian GNU/Linux, Ubuntu, and AIX.

This release addresses several known issues, detailed in the release notes. In addition, SAMBA+ 4.22.1 includes performance enhancements for AIX and extra patches that further improve the SMB3 POSIX extensions feature, which has been available since version 4.22.

The new SAMBA+ packages are available through a software subscription. More information and pricing can be found in the USD shop or the EUR shop. Existing subscriptions include access to the latest release.

For any questions or quote requests, feel free to contact the SAMBA+ team.


SAMBA+ packages version 4.21.5 and 4.20.8 have just been released by the Samba team at SerNet. Packages for variousS USE and Red Hat platforms as well as for Debian GNU/Linux, Ubuntu and AIX are available now. 

These packages address several issues, which are listed in the release notes: 

SAMBA+ packages are available as software subscriptions and can be purchased in the SAMBA+ shop. Detailed information and prices can be found at:

At SerNet, we remain focused on delivering high-quality solutions tailored to your business needs. Upgrade to SAMBA+ 4.20.7 today and take advantage of the latest improvements. The new SAMBA+ packages are included in the existing subscriptions.

For questions or support requests, please feel free to contact our SAMBA+ team. 


Contact us
Contact
Deutsch English Français