cannot rename windows xp machine in samba4

Matthieu Patou mat at samba.org
Wed May 2 00:30:57 MDT 2012 

On 05/01/2012 08:43 PM, Vladimir Obukhov wrote:
>> So now in Computer properties in XP, what's the name ?
>>
>> I have the feeling that XP is sending a create when it should in fact
>> send a rename, to help us it would be great to:
>>
>> * leave XP from the domain
>> * join the domain
>> * stop the vm
>> * start a tcpdump capture (check
>> https://wiki.samba.org/index.php/Capture_Packets) on the ubuntu box
>> * export the keytab of the domain (attention with this we have access to
>> ALL the password so do it on a test domain with password that you
>> _never_ use in production), check
>> https://wiki.samba.org/index.php/Keytab_Extraction for the method to
>> export the keytab
>> * start the vm
>> * log in with the admin, if possible note the packet number after the
>> user has logged in
>> * rename the workstation
>>
>> Send us the capture it might be helpful.
>>
> in computer properties the name was still ws1
>
> I followed your instructions:
> * left XP from domain
> * changed winxp computer name to ws3 and sid with newsid utility (I had to
> do it because I got the error saying smth like "cannot correlate user
> names", sorry for my bad translation from russian)
> * joined winxp to domain under name WS3
> * powered off the vm
> * started packet capture with "tcpdump -i eth1 -p -s 0 -w samba4.dump.txt
> port 445 or port 139"
Don't filter the port we need LDAP, kerberos and all the rest ...
> * exported keytab with "samba-tool domain exportkeytab ./samba4.keytab"
> * powered on winxp
> * logged in as admin and tried to rename WS3 to WS4, twice, both times a
> got an error but they seem to be a bit different, first time it said smth
> like the file exists already, the second time something like username is
> not found.
The "funny" part of it is that it seems that the samaccountname of the 
XP box has been changed SAMR response #393 shows that the name WS4$ can 
be resolved.

Maybe with a complete trace we can understand what is denied when 
renaming the workstation (change of the account name is at request #330).



> I wasn't able to note the packet number after I've logged on, packets are
> in raw. I zipped samba4 dump and keytab files and attached it.
> Thanks!

Matthieu.

-- 
Matthieu Patou
Samba Team
http://samba.org

More information about the samba-technical mailing list