[Samba] Samba4 KDC - no such entry found in hdb
Dmitry Khromov
icechrome at gmail.com
Mon Oct 1 00:43:59 MDT 2012
Hello.
Samba 4.1.0pre1-GIT-aad669b, joined as a DC to an existing domain. At least 6 accounts behave like this:
Kerberos: AS-REQ techgroup at KLIN.KIFATO-MK.COM from ipv4:192.168.1.31:33822 for krbtgt/KLIN.KIFATO-MK.COM at KLIN.KIFATO-MK.COM
ldb: ldb_trace_request: SEARCH
dn: <rootDSE>
scope: sub
expr: (&(objectClass=user)(userPrincipalName=techgroup at KLIN.KIFATO-MK.COM))
control: 1.2.840.113556.1.4.1340 crit:1 data:yes
ldb: ldb_trace_request: (resolve_oids)->search
ldb: ldb_trace_next_request: (rootdse)->search
ldb: ldb_trace_next_request: (schema_load)->search
ldb: ldb_trace_next_request: (lazy_commit)->search
ldb: ldb_trace_next_request: (dirsync)->search
ldb: ldb_trace_next_request: (paged_results)->search
ldb: ldb_trace_next_request: (ranged_results)->search
ldb: ldb_trace_next_request: (anr)->search
ldb: ldb_trace_next_request: (server_sort)->search
ldb: ldb_trace_next_request: (asq)->search
ldb: ldb_trace_next_request: (extended_dn_in)->search
ldb: ldb_trace_next_request: (descriptor)->search
ldb: ldb_trace_next_request: (acl)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (schema_data)->search
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: CN=Техническая поддержка,OU=IT,OU=Departments,DC=klin,DC=kifato-mk,DC=com
ldb: ldb_trace_response: DONE
error: 0
ldb: ldb_trace_request: SEARCH
dn: CN=Partitions,CN=Configuration,DC=klin,DC=kifato-mk,DC=com
scope: one
expr: (&(objectClass=crossRef)(dnsRoot=klin.kifato-mk.com)(systemFlags:1.2.840.113556.1.4.803:=2))
attr: ncName
attr: dnsRoot
control: <NONE>
ldb: ldb_trace_request: (resolve_oids)->search
ldb: ldb_trace_next_request: (rootdse)->search
ldb: ldb_trace_next_request: (schema_load)->search
ldb: ldb_trace_next_request: (lazy_commit)->search
ldb: ldb_trace_next_request: (dirsync)->search
ldb: ldb_trace_next_request: (paged_results)->search
ldb: ldb_trace_next_request: (ranged_results)->search
ldb: ldb_trace_next_request: (anr)->search
ldb: ldb_trace_next_request: (server_sort)->search
ldb: ldb_trace_next_request: (asq)->search
ldb: ldb_trace_next_request: (extended_dn_in)->search
ldb: ldb_trace_next_request: (descriptor)->search
ldb: ldb_trace_next_request: (acl)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (schema_data)->search
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: CN=MK_KLIN,CN=Partitions,CN=Configuration,DC=klin,DC=kifato-mk,DC=com
nCName: DC=klin,DC=kifato-mk,DC=com
dnsRoot: klin.kifato-mk.com
ldb: ldb_trace_response: DONE
error: 0
ldb: ldb_trace_request: SEARCH
dn: DC=klin,DC=kifato-mk,DC=com
scope: base
expr: (|(objectClass=*)(distinguishedName=*))
control: <NONE>
ldb: ldb_trace_request: (resolve_oids)->search
ldb: ldb_trace_next_request: (rootdse)->search
ldb: ldb_trace_next_request: (schema_load)->search
ldb: ldb_trace_next_request: (lazy_commit)->search
ldb: ldb_trace_next_request: (dirsync)->search
ldb: ldb_trace_next_request: (paged_results)->search
ldb: ldb_trace_next_request: (ranged_results)->search
ldb: ldb_trace_next_request: (anr)->search
ldb: ldb_trace_next_request: (server_sort)->search
ldb: ldb_trace_next_request: (asq)->search
ldb: ldb_trace_next_request: (extended_dn_in)->search
ldb: ldb_trace_next_request: (descriptor)->search
ldb: ldb_trace_next_request: (acl)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: DC=klin,DC=kifato-mk,DC=com
ldb: ldb_trace_response: DONE
error: 0
gendb_search_v: DC=klin,DC=kifato-mk,DC=com NULL -> 1
ldb: ldb_trace_request: SEARCH
dn: CN=Техническая поддержка,OU=IT,OU=Departments,DC=klin,DC=kifato-mk,DC=com
scope: base
expr: (objectClass=*)
attr: objectClass
attr: sAMAccountName
attr: userPrincipalName
attr: servicePrincipalName
attr: msDS-KeyVersionNumber
attr: msDS-SecondaryKrbTgtNumber
attr: msDS-SupportedEncryptionTypes
attr: supplementalCredentials
attr: msDS-AllowedToDelegateTo
attr: dBCSPwd
attr: unicodePwd
attr: userAccountControl
attr: objectSid
attr: pwdLastSet
attr: accountExpires
attr: logonHours
attr: userWorkstations
attr: displayName
attr: scriptPath
attr: profilePath
attr: homeDirectory
attr: homeDrive
attr: lastLogon
attr: lastLogoff
attr: accountExpires
attr: badPwdCount
attr: logonCount
attr: primaryGroupID
attr: memberOf
control: 1.3.6.1.4.1.7165.4.3.17 crit:0 data:no
control: 1.2.840.113556.1.4.529 crit:1 data:yes
ldb: ldb_trace_request: (resolve_oids)->search
ldb: ldb_trace_next_request: (rootdse)->search
ldb: ldb_trace_next_request: (schema_load)->search
ldb: ldb_trace_next_request: (lazy_commit)->search
ldb: ldb_trace_next_request: (dirsync)->search
ldb: ldb_trace_next_request: (paged_results)->search
ldb: ldb_trace_next_request: (ranged_results)->search
ldb: ldb_trace_next_request: (anr)->search
ldb: ldb_trace_next_request: (server_sort)->search
ldb: ldb_trace_next_request: (asq)->search
ldb: ldb_trace_next_request: (extended_dn_in)->search
ldb: ldb_trace_next_request: (descriptor)->search
ldb: ldb_trace_next_request: (acl)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: <GUID=314022f9-1f59-418a-a1d2-7ada0f2f6e60>;<SID=S-1-5-21-98486140-92642785-846719952-1283>;CN=Техническая поддержка,OU=IT,OU=Departments,DC=klin,DC=kifato-mk,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
displayName:: 0KLQtdGF0L3QuNGH0LXRgdC60LDRjyDQv9C+0LTQtNC10YDQttC60LA=
userAccountControl: 512
# dBCSPwd::: REDACTED SECRET ATTRIBUTElogonHours:: ////////////////////////////
# unicodePwd::: REDACTED SECRET ATTRIBUTEpwdLastSet: 129069970834375000
primaryGroupID: 513
# supplementalCredentials::: REDACTED SECRET ATTRIBUTEobjectSid: S-1-5-21-98486140-92642785-846719952-1283
accountExpires: 0
sAMAccountName: techgroup
userPrincipalName: techgroup at klin.kifato-mk.com
memberOf: <GUID=7ee0eccc-f4cf-4df5-bb6f-39be7d8d695f>;<SID=S-1-5-21-98486140-9
2642785-846719952-63836>;CN=vlan332,OU=VLANs,OU=Organizational,DC=klin,DC=kif
ato-mk,DC=com
memberOf:: PEdVSUQ9ZjdkZmUwYjItNzQwNC00Yzc4LWI5ZjAtMDdjOGU2NmY4M2ZiPjs8U0lEPVM
tMS01LTIxLTk4NDg2MTQwLTkyNjQyNzg1LTg0NjcxOTk1Mi02MzgzMj47Q0490JvQvtC60LDQu9GM
0L3Ri9C1INCw0LTQvNC40L3QuNGB0YLRgNCw0YLQvtGA0YssT1U9SVQsT1U9RGVwYXJ0bWVudHMsR
EM9a2xpbixEQz1raWZhdG8tbWssREM9Y29t
memberOf: <GUID=ffd72e00-9c15-4b46-bcce-f232c7a772b4>;<SID=S-1-5-21-98486140-9
2642785-846719952-63819>;CN=Plant B,OU=Locations,OU=Organizational,DC=klin,DC
=kifato-mk,DC=com
msDS-KeyVersionNumber: 3
ldb: ldb_trace_response: DONE
error: 0
ldb: ldb_trace_request: SEARCH
dn: DC=klin,DC=kifato-mk,DC=com
scope: base
expr: (|(objectClass=*)(distinguishedName=*))
attr: maxPwdAge
control: <NONE>
ldb: ldb_trace_request: (resolve_oids)->search
ldb: ldb_trace_next_request: (rootdse)->search
ldb: ldb_trace_next_request: (schema_load)->search
ldb: ldb_trace_next_request: (lazy_commit)->search
ldb: ldb_trace_next_request: (dirsync)->search
ldb: ldb_trace_next_request: (paged_results)->search
ldb: ldb_trace_next_request: (ranged_results)->search
ldb: ldb_trace_next_request: (anr)->search
ldb: ldb_trace_next_request: (server_sort)->search
ldb: ldb_trace_next_request: (asq)->search
ldb: ldb_trace_next_request: (extended_dn_in)->search
ldb: ldb_trace_next_request: (descriptor)->search
ldb: ldb_trace_next_request: (acl)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_next_request: (aclread)->search
ldb: ldb_trace_next_request: (operational)->search
ldb: ldb_trace_next_request: (rdn_name)->search
ldb: ldb_trace_next_request: (extended_dn_out_ldb)->search
ldb: ldb_trace_next_request: (show_deleted)->search
ldb: ldb_trace_next_request: (partition)->search
ldb: partition_request() -> (metadata partition)
ldb: ldb_trace_next_request: (tdb)->search
ldb: ldb_trace_response: ENTRY
dn: DC=klin,DC=kifato-mk,DC=com
maxPwdAge: -9223372036854775808
ldb: ldb_trace_response: DONE
error: 0
gendb_search_v: DC=klin,DC=kifato-mk,DC=com NULL -> 1
ndr_pull_error(11): Pull bytes 2 (../librpc/ndr/ndr_basic.c:103)
[0000] 00 00 00 00 62 00 00 00 00 00 00 00 20 00 20 00 ....b... .... . .
[0010] 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
[0020] 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
[0030] 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
[0040] 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
[0050] 20 00 20 00 20 00 20 00 20 00 20 00 20 00 20 00 . . . . . . . .
[0060] 20 00 20 00 20 00 20 00 20 00 20 00 50 00 00 . . . . . .P..
Kerberos: UNKNOWN -- techgroup at KLIN.KIFATO-MK.COM: no such entry found in hdb
What's wrong with them?
--
Best regards,
Dmitry Khromov
More information about the samba
mailing list