net vampire - error
Magnus Benngård
magnus.b at inputinterior.se
Sun Oct 17 13:12:20 MDT 2010
./net vampire gbg.inputinterior.se -Uadministrator -
--realm=gbg.inputinterior.se -d10
adding hidden service IPC$
adding hidden service ADMIN$
added interface ip=10.242.101.10 nmask=255.255.255.0
added interface ip=10.242.101.10 nmask=255.255.255.0
finddcs: searching for a DC by DNS domain gbg.inputinterior.se
finddcs: looking for SRV records for _ldap._tcp.gbg.inputinterior.se
finddcs: performing CLDAP query on 10.242.10.9
&response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
command : LOGON_SAM_LOGON_RESPONSE_EX (23)
sbz : 0x0000 (0)
server_type : 0x000003fd (1021)
1: NBT_SERVER_PDC
1: NBT_SERVER_GC
1: NBT_SERVER_LDAP
1: NBT_SERVER_DS
1: NBT_SERVER_KDC
1: NBT_SERVER_TIMESERV
1: NBT_SERVER_CLOSEST
1: NBT_SERVER_WRITABLE
1: NBT_SERVER_GOOD_TIMESERV
0: NBT_SERVER_NDNC
0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
0: NBT_SERVER_FULL_SECRET_DOMAIN_6
0: NBT_SERVER_ADS_WEB_SERVICE
0: NBT_SERVER_HAS_DNS_NAME
0: NBT_SERVER_IS_DEFAULT_NC
0:
NBT_SERVER_FOREST_ROOT
domain_uuid : 5e13586b-9c12-479f-9a03-269d2ea81968
forest : 'gbg.inputinterior.se'
dns_domain : 'gbg.inputinterior.se'
pdc_dns_name : 'pdc.gbg.inputinterior.se'
domain_name : 'GBG'
pdc_name : '\PDC'
user_name : ''
server_site : 'Default-First-Site-Name'
client_site : 'Default-First-Site-Name'
sockaddr_size : 0x00 (0)
sockaddr: struct nbt_sockaddr
sockaddr_family : 0x00000000 (0)
pdc_ip : (null)
remaining : DATA_BLOB length=0
next_closest_site : NULL
nt_version : 0x00000005 (5)
1: NETLOGON_NT_VERSION_1
0: NETLOGON_NT_VERSION_5
1: NETLOGON_NT_VERSION_5EX
0: NETLOGON_NT_VERSION_5EX_WITH_IP
0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
0: NETLOGON_NT_VERSION_PDC
0: NETLOGON_NT_VERSION_IP
0: NETLOGON_NT_VERSION_LOCAL
0: NETLOGON_NT_VERSION_GC
lmnt_token : 0xffff (65535)
lm20_token : 0xffff (65535)
finddcs: Found matching DC 10.242.10.9 with server_type=0x000003fd
Mapped to DCERPC endpoint
pipelsarpc
added interface ip=10.242.101.10 nmask=255.255.255.0
added interface ip=10.242.101.10 nmask=255.255.255.0
Shutdown SMB signing
BSRSPYL SMB signing enabled
Shutdown SMB signing
Starting GENSEC mechanism spnego
Server claims it's principal name is PDC$@GBG.INPUTINTERIOR.SE
Starting GENSEC submechanism gssapi_krb5
Password for [GBG.INPUTINTERIOR.SEadministrator]:
Received smb_krb5 packet of length 250
Received smb_krb5 packet of length 166
Failed to get CCACHE for GSSAPI client: KDC has no support for encryption
type
Aquiring initiator credentials failed: kinit for
administrator at GBG.INPUTINTERIOR.SE failed (KDC has no support for
encryption type: KDC has no support for encryption type)
Failed to start GENSEC client mech gssapi_krb5: NT_STATUS_UNSUCCESSFUL
Starting GENSEC submechanism ntlmssp
Got challenge flags:
Got NTLMSSP neg_flags=0x60898205
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP challenge set by NTLM2
challenge is:
[0000] 98 C6 6E B1 A6 BA 52 F3 ..n...R.
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088205
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
SMB signing enabled!
[0000] 7C 17 F5 B1 DF A8 F9 2B |......+
Seen valid packet, so turning signing on
Seen valid packet, so marking signing as 'seen valid'
sign_outgoing_message: SENT SIG (seq: 2): sent SMB signature of
[0000] 86 56 62 AF 40 52 77 DA .Vb. at Rw.
[0000] 8A 48 D7 00 07 C9 35 30 .H....50
sign_outgoing_message: SENT SIG (seq: 4): sent SMB signature of
[0000] 76 16 4D 4F C8 23 1C A7 v.MO.#..
[0000] 41 D0 60 84 29 3F D2 FA A.`.)?..
sign_outgoing_message: SENT SIG (seq: 6): sent SMB signature of
[0000] 8E 44 33 80 10 66 BD 62 .D3..f.b
[0000] 90 66 1F 35 0D F1 3C E8
.f.5..search
ldb: ldb_trace_response: ENTRY
dn:
configurationNamingContext: CN=Configuration,DC=gbg,DC=inputinterior,DC=se
defaultNamingContext: DC=gbg,DC=inputinterior,DC=se
rootDomainNamingContext: DC=gbg,DC=inputinterior,DC=se
schemaNamingContext:
CN=Schema,CN=Configuration,DC=gbg,DC=inputinterior,DC=se
ldb_wrap open of ldap://pdc.gbg.inputinterior.se
ldb: ldb_trace_request: SEARCH
dn: CN=FS-MLM,CN=Computers,DC=gbg,DC=inputinterior,DC=se
scope: base
expr: (|(objectClass=*)(distinguishedName=*))
attr: msDS-KeyVersionNumber
attr: servicePrincipalName
attr: dNSHostName
attr: objectGUID
control:
ldb: ldb_trace_request: (ldap)->search
ldb: ldb_trace_response: ENTRY
dn: CN=FS-MLM,CN=Computers,DC=gbg,DC=inputinterior,DC=se
objectGUID: 1f1c0dea-24d6-4214-83e3-f4b46526cbc4
servicePrincipalName: host/fs-mlm.gbg.inputinterior.se
servicePrincipalName: host/fs-mlm
servicePrincipalName: host/fs-mlm.gbg.inputinterior.se/gbg.inputinterior.se
servicePrincipalName:
host/fs-mlm/gbg.inputinterior.se
servicePrincipalName: host/fs-mlm.gbg.inputinterior.se/GBG
servicePrincipalName: host/fs-mlm/GBG
dNSHostName: fs-mlm.gbg.inputinterior.se
msDS-KeyVersionNumber: 27
ldb: start ldb transaction (nesting: 0)
ldb: ldb_trace_request: (ldap)->start_transaction
ldb: start ldb transaction error: (null)
ldb: ldb_trace_request: MODIFY
dn: CN=FS-MLM,CN=Computers,DC=gbg,DC=inputinterior,DC=se
changetype: add
servicePrincipalName: host/fs-mlm.gbg.inputinterior.se
servicePrincipalName: host/fs-mlm
servicePrincipalName: host/fs-mlm.gbg.inputinterior.se/gbg.inputinterior.se
servicePrincipalName: host/fs-mlm/gbg.inputinterior.se
servicePrincipalName: host/fs-mlm.gbg.inputinterior.se/GBG
servicePrincipalName: host/fs-mlm/GBG
dNSHostName: fs-mlm.gbg.inputinterior.se
control:
ldb: ldb_trace_request: (ldap)->modify
ldb: commit ldb transaction (nesting: 0)
ldb: ldb_trace_request: (ldap)->end_transaction
ldb: start ldb transaction (nesting: 0)
ldb: ldb_trace_request:
(ldap)->start_transaction
ldb: start ldb transaction error: (null)
ldb: ldb_trace_request: MODIFY
dn: CN=FS-MLM,CN=Computers,DC=gbg,DC=inputinterior,DC=se
changetype: add
msDS-SupportedEncryptionTypes: 31
control:
ldb: ldb_trace_request: (ldap)->modify
ldb: commit ldb transaction (nesting: 0)
ldb: ldb_trace_request: (ldap)->end_transaction
drsuapi_DsCrackNames: struct drsuapi_DsCrackNames
in: struct drsuapi_DsCrackNames
bind_handle : *
bind_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : 628dfa1f-8fd9-40e9-99c2-769ffb796464
level : 0x00000001 (1)
req : *
req : union drsuapi_DsNameRequest(case 1)
req1: struct drsuapi_DsNameRequest1
codepage : 0x000004e4 (1252)
language : 0x00000407 (1031)
format_flags : DRSUAPI_DS_NAME_FLAG_NO_FLAGS (0)
format_offered : DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT (2)
format_desired : DRSUAPI_DS_NAME_FORMAT_FQDN_1779 (1)
count : 0x00000001 (1)
names : *
names: ARRAY(1)
names: struct drsuapi_DsNameString
str : *
str :
'GBG'
rpc request data:
[0000] 00 00 00 00 1F FA 8D 62 D9 8F E9 40 99 C2 76 9F .......b ... at ..v.
[0010] FB 79 64 64 01 00 00 00 01 00 00 00 E4 04 00 00 .ydd.... ........
[0020] 07 04 00 00 00 00 00 00 02 00 00 00 01 00 00 00 ........ ........
[0030] 01 00 00 00 00 00 02 00 01 00 00 00 04 00 02 00 ........ ........
[0040] 05 00 00 00 00 00 00 00 05 00 00 00 47 00 42 00 ........ ....G.B.
[0050] 47 00 5C 00 00 00 G....
ntlmssp_seal_data: seal
../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 8
ntlmssp_unseal_packet: seal
ntlmssp_check_packet: NTLMSSP signature OK !
drsuapi_DsCrackNames: struct drsuapi_DsCrackNames
out: struct drsuapi_DsCrackNames
level_out : *
level_out : 0x00000001 (1)
ctr : *
ctr : union drsuapi_DsNameCtr(case 1)
ctr1 : *
ctr1: struct drsuapi_DsNameCtr1
count : 0x00000001 (1)
array : *
array: ARRAY(1)
array: struct drsuapi_DsNameInfo1
status : DRSUAPI_DS_NAME_STATUS_OK (0)
dns_domain_name : *
dns_domain_name : 'gbg.inputinterior.se'
result_name : *
result_name : 'DC=gbg,DC=inputinterior,DC=se'
result : WERR_OK
rpc reply data:
[0000] 01 00 00 00 01 00 00 00 08 00 02 00 01 00 00 00 ........ ........
[0010] 0C 00 02 00 01 00 00 00 00 00 00 00 10 00 02 00 ........ ........
[0020] 14 00 02 00 15 00 00 00 00 00 00 00 15 00 00 00 ........ ........
[0030] 67 00 62 00 67 00 2E 00 69 00 6E 00 70 00 75 00 g.b.g... i.n.p.u.
[0040] 74 00 69 00 6E 00 74 00 65 00 72 00 69 00 6F 00 t.i.n.t. e.r.i.o.
[0050] 72 00 2E 00 73 00 65 00 00 00 00 00 1E 00 00 00 r...s.e. ........
[0060] 00 00 00 00 1E 00 00 00 44 00 43 00 3D 00 67 00 ........ D.C.=.g.
[0070] 62 00 67 00 2C 00 44 00 43 00 3D 00 69 00 6E 00 b.g.,.D. C.=.i.n.
[0080] 70 00 75 00 74 00 69 00 6E 00 74 00 65 00 72 00 p.u.t.i. n.t.e.r.
[0090] 69 00 6F 00 72 00 2C 00 44 00 43 00 3D 00 73 00 i.o.r.,. D.C.=.s.
[00A0] 65 00 00 00 00 00 00 00 e.......
border-left: 2px solid #1010ff; margin-left: 5px; width: 100%;">
Hi Magnus,
Could you make a log file with higher log level and send it
here?
Something like:
./net vampire gbg.inputinterior.se -Uadministrator
--realm=gbg.inputinterior.se -d10
should do the job
--
CU,
Kamen
2010/10/17 Magnus Benngård :
>
>
> Him
>
> I am trying to join a running samba4 server:
>
> ./net vampire gbg.inputinterior.se -Uadministrator
> --realm=gbg.inputinterior.se
> Password for [GBG.INPUTINTERIOR.SEadministrator]:
> CLDAP response: forest=gbg.inputinterior.se dns=gbg.inputinterior.se
> netbios=GBG server_site=Default-First-Site-Name
> client_site=Default-First-Site-Name
> libnet_BecomeDC() failed - NT_STATUS_INVALID_NETWORK_RESPONSE
> Traceback (most recent call last):
> File
> "/usr/local/samba/lib/python2.5/site-packages/samba/netcmd/__init__.py",
> line 99, in _run
> return self.run(*args, **kwargs)
> File
> "/usr/local/samba/lib/python2.5/site-packages/samba/netcmd/vampire.py",
> line 51, in run
> (domain_name, domain_sid) = net.vampire(domain=domain,
> target_dir=target_dir)
> RuntimeError:
NT_STATUS_INVALID_NETWORK_RESPONSE
>
> Any that can give me an idea howto find out what I am doing wrong?
>
> Both servers are runnning: Version 4.0.0alpha14-GIT-10adee8
>
> On the new server I just did "make install" no provision.
>
> /Magnus
>
More information about the samba-technical
mailing list