cannot rename windows xp machine in samba4
Vladimir Obukhov
stncldbsh at gmail.com
Wed May 2 02:09:08 MDT 2012
2012/5/2 Matthieu Patou <mat at samba.org>
> On 05/01/2012 08:43 PM, Vladimir Obukhov wrote:
>
>> So now in Computer properties in XP, what's the name ?
>>>
>>> I have the feeling that XP is sending a create when it should in fact
>>> send a rename, to help us it would be great to:
>>>
>>> * leave XP from the domain
>>> * join the domain
>>> * stop the vm
>>> * start a tcpdump capture (check
>>> https://wiki.samba.org/index.**php/Capture_Packets<https://wiki.samba.org/index.php/Capture_Packets>)
>>> on the ubuntu box
>>> * export the keytab of the domain (attention with this we have access to
>>> ALL the password so do it on a test domain with password that you
>>> _never_ use in production), check
>>> https://wiki.samba.org/index.**php/Keytab_Extraction<https://wiki.samba.org/index.php/Keytab_Extraction>for the method to
>>> export the keytab
>>> * start the vm
>>> * log in with the admin, if possible note the packet number after the
>>> user has logged in
>>> * rename the workstation
>>>
>>> Send us the capture it might be helpful.
>>>
>>> in computer properties the name was still ws1
>>
>> I followed your instructions:
>> * left XP from domain
>> * changed winxp computer name to ws3 and sid with newsid utility (I had to
>> do it because I got the error saying smth like "cannot correlate user
>> names", sorry for my bad translation from russian)
>> * joined winxp to domain under name WS3
>> * powered off the vm
>> * started packet capture with "tcpdump -i eth1 -p -s 0 -w samba4.dump.txt
>> port 445 or port 139"
>>
> Don't filter the port we need LDAP, kerberos and all the rest ...
>
> * exported keytab with "samba-tool domain exportkeytab ./samba4.keytab"
>> * powered on winxp
>> * logged in as admin and tried to rename WS3 to WS4, twice, both times a
>> got an error but they seem to be a bit different, first time it said smth
>> like the file exists already, the second time something like username is
>> not found.
>>
> The "funny" part of it is that it seems that the samaccountname of the XP
> box has been changed SAMR response #393 shows that the name WS4$ can be
> resolved.
>
> Maybe with a complete trace we can understand what is denied when renaming
> the workstation (change of the account name is at request #330).
>
>
>
>
> I wasn't able to note the packet number after I've logged on, packets are
>> in raw. I zipped samba4 dump and keytab files and attached it.
>> Thanks!
>
>
ok, I that's what I've done step by step again:
* left XP from domain
* changed winxp computer name to WS5 and sid with newsid utility
* joined winxp to domain under name WS5
* powered off the vm
* started packet capture with "tcpdump -p -s 0 -w samba4.dump.txt
* exported keytab with "samba-tool domain exportkeytab ./samba4.keytab"
* powered on winxp
* logged in as admin (I entered wrong username one time, if that's
important) and tried to rename WS5 to WS6, twice, both times I got error
but they seem to be a bit different, first time it said smth
the dump files were too large for the maillist (I cancelled that posting)
so I have put it to rapidshare here's the link:
https://rapidshare.com/files/3805994593/samba4.zip
More information about the samba-technical
mailing list