Reply to post: Not completely true about Samba AD-DC.

You know that Microsoft ZeroLogon bug you've been dragging your feet on? It's getting pwned in the wild now

Jeremy Allison

Not completely true about Samba AD-DC.

If you're running a post Samba 4.8 server you're safe, even though the proof of concept code reports it as vulnerable (the PoC code only tries the logon, it doesn't actually try any of the activities that the default Samba setting of schannel required prohibits). Better to be safe though and upgrade to the version that removes the false positive from the PoC code.

More details here:

https://www.samba.org/samba/security/CVE-2020-1472.html
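
A configuration check for the point made in the comment above, as an added example (not part of the comment and not Samba project code). It assumes, per the linked advisory, that the smb.conf parameter is `server schannel`, that releases from 4.8 on default it to `yes`, and that earlier ones default to `auto`; the function names and sample configs are hypothetical.

```python
import re

ENFORCING = {"yes", "true", "1"}  # anything else is flagged for review

def server_schannel(conf_text):
    """Return the explicit [global] 'server schannel' value, or None if unset."""
    section, value = "", None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue                      # blank line or comment
        header = re.fullmatch(r"\[(.*)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        name, sep, val = line.partition("=")
        # Parameter names are matched ignoring case and embedded whitespace.
        if sep and section == "global" and re.sub(r"\s+", "", name).lower() == "serverschannel":
            value = val.strip().lower()   # a later assignment overrides an earlier one
    return value

def assess(version, conf_text):
    """version is a (major, minor) tuple. Returns (schannel_required, reason)."""
    explicit = server_schannel(conf_text)
    if explicit is None:
        if version >= (4, 8):
            return True, "default is 'server schannel = yes'"
        return False, "pre-4.8 default is 'auto'; set 'server schannel = yes'"
    if explicit in ENFORCING:
        return True, "explicit 'server schannel = yes'"
    return False, f"'server schannel = {explicit}' does not require schannel"

# Constructed smb.conf samples, not taken from any real server.
DEFAULTED = "[global]\n  server role = active directory domain controller\n"
WEAKENED = "[global]\n  Server  Schannel = Auto\n[netlogon]\n  path = /srv/netlogon\n"

if __name__ == "__main__":
    for ver, conf in [((4, 12), DEFAULTED), ((4, 12), WEAKENED), ((4, 7), DEFAULTED)]:
        print(ver, assess(ver, conf))
```

The parser does not follow `include` lines, so feed it the output of `testparm -s` to check the effective configuration.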
