Also no PDC found

Haynes, Andrew J (DPR) haynesaj at bp.com
Mon Feb 9 16:15:38 GMT 1998


I am new to SAMBA and this mail list, my background being entirely in NT.
Forgive me if this is nothing to do with your problem, but from this last
e-mail it looks like a NetBIOS name resolution issue. 

In a purely NT network, this error is indicative of a name resolution
problem, if it was a password/account issue the NT server normally returns
an error code of c0000022 which is "STATUS_ACCESS_DENIED". If the
Workstation or server trust accounts are wrong (COMPUTERNAME$), then the
secure channel setup would fail with that error code.

Does the SAMBA server implement the required NetBIOS names for PDC and
PDC/BDC location?. These would be the DOMAIN[1B] (unique) name and the
DOMAIN[1C] (group) name. For ordinary secure channel setup, the workstation
would query for DOMAIN[1C], either broadcast or via MS WINS and try every
server on the list until it gets a response.

If the workstation needed to find the PDC, then it queries for the
DOMAIN[1B] name, the workstation normally only tries to find the PDC
whenever a password needs to be updated, or the accounts database needs to
be managed. I think the workstation sends a NetGetDCname command to the PDC
(via DOMAIN[1B] NetBIOS) and the PDC then returns its server name. The
workstation then queries for the PDC[20] (server service) name and then a
connection to IPC$ is made.

Typically when DNS is used for name resolution, rather than normal MS
methods, the workstation sends a NetBIOS Adapter Status Message to the
target system to obtain a copy of its local NetBIOS name table. The
workstation would then check that table to see whether the [1B] or [1C]
names have been registered by that system.

Any comments ?, am I way off target here?.

Cheers

Andrew




> -----Original Message-----
> From:	Michel [SMTP:michel at nijenrode.nl]
> Sent:	09 February 1998 14:26
> To:	Multiple recipients of list
> Subject:	Re: Also no PDC found 
> 
> > 
> > You do need it. I think Luke took out the line saying you didn't
> > need to do it.
> > 
> > HOSTNAME$:uid:LMHASH:NTHASH:80
> > with the password set to "hostname" in lower case.
> 
> [snip]
> 
> Well I did that, and modified it too :0080: as well... Still no luck
> (unable to locate the domain controller for this domain).
> Then, rather than using the system's tcpdump, I used tcpdump-smb.
> Then something frightning happened:
> 
> The NT Wks queries for the PDC of the domain (or at least I think so),
> and then samba replies with:
> 
> 15:04:27.265907 elzas.nijenrode.nl.netbios-ns >
> quebec.nijenrode.nl.netbios-ns:
> >>> NBT UDP PACKET(137): QUERY; NEGATIVE; RESPONSE; UNICAST
> TrnID=0x83A8
> OpCode=0
> NmFlags=0x58
> Rcode=3
> QueryCount=0
> AnswerCount=1
> AuthorityCount=0
> AddressRecCount=0
> 
> ResourceRecords:
> Name=BLUBBER         NameType=0x00 (Workstation)
> ResType=0x0
> ResClass=0x1100
> TTL=12592
> ResourceLength=13872
> 
>                ^^^^^ Eeeeeks!
> 
> I shall not include the resource data but it involves all kind of stuff
> that has nothing to do with either elzas (the samba server) or quebec (the
> NT 
> wks), including what looks like an ENTIRE arp table. And I can't believe
> 13k is a usual size for a query response ?
> 
> Then tcpdump-sbm cores (and I even got the binary dist).
> 
> Does this help anyone in guessing what could be the problem ?
> 
> Michel.
> 


More information about the samba-ntdom mailing list