Error Join Samba4 RODC
Jacó Ramos
j4c0r4m0s at gmail.com
Sun Sep 22 04:17:33 CEST 2013
list debug:
root at samba4:/usr/local/samba/etc# /usr/local/samba/bin/samba-tool domain
join dominiolinux.net.br RODC -U administrador --realm=DOMINIOLINUX.NET.BR-d5
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
Finding a writeable DC for domain 'dominiolinux.net.br'
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
finddcs: searching for a DC by DNS domain dominiolinux.net.br
finddcs: looking for SRV records for _ldap._tcp.dominiolinux.net.br
ads_dns_lookup_srv: 2 records returned in the answer section.
finddcs: DNS SRV response 0 at '192.168.1.105'
finddcs: DNS SRV response 1 at '192.168.0.104'
finddcs: performing CLDAP query on 192.168.1.105
finddcs: Found matching DC 192.168.1.105 with server_type=0x000003fd
Found DC win2003.DOMINIOLINUX.NET.BR
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
added interface eth0 ip=192.168.1.5 bcast=192.168.1.255
netmask=255.255.255.0
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
Password for [WORKGROUP\administrador]:
Timed out smb_krb5 packet
Received smb_krb5 packet of length 164
Timed out smb_krb5 packet
Received smb_krb5 packet of length 1318
Received smb_krb5 packet of length 1304
Timed out smb_krb5 packet
Received smb_krb5 packet of length 1292
gensec_gssapi: credentials were delegated
GSSAPI Connection will be cryptographically sealed
workgroup is DOMINIOLINUX
realm is DOMINIOLINUX.NET.BR
ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such element'
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File
"/usr/local/samba/lib/python2.6/site-packages/samba/netcmd/domain.py", line
558, in run
dns_backend=dns_backend)
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py", line
1047, in join_RODC
mysid = ctx.get_mysid()
File "/usr/local/samba/lib/python2.6/site-packages/samba/join.py", line
298, in get_mysid
binsid = res[0]["tokenGroups"][0]
root at samba4:/usr/local/samba/etc#
Grato
Jacó Ramos
2013/9/21 Matthieu Patou <mat at matws.net>
> Can you try to add -d 5 on the command line and post the result of the
> command ?
>
> Thanks.
>
>
> On 09/21/2013 03:40 AM, Jacó Ramos wrote:
>
>> I run a join with DC and works well, but RODC not work ?
>>
>> 4.1.rc3 solves this problem ?
>>
>> Thanks!
>> Jacó Ramos
>>
>>
>> 2013/9/19 Jacó Ramos <j4c0r4m0s at gmail.com>
>>
>> Hello my friends....
>>>
>>> Howto resolv this problem?
>>>
>>> ----------------
>>>
>>> root at samba:~/samba-4.0.4# /usr/local/samba/bin/samba-**tool domain join
>>> defensoria.net.br RODC -U Administrador --realm=DEFENSORIA.NET.BR
>>> Finding a writeable DC for domain 'defensoria.net.br'
>>> Found DC centserv11.defensoria.net.br
>>> Password for [WORKGROUP\Administrador]:
>>> workgroup is DEFENSORIA
>>> realm is defensoria.net.br
>>> ERROR(<type 'exceptions.KeyError'>): uncaught exception - 'No such
>>> element'
>>> File
>>> "/usr/local/samba/lib/python2.**7/site-packages/samba/netcmd/_**
>>> _init__.py",
>>> line 175, in _run
>>> return self.run(*args, **kwargs)
>>> File
>>> "/usr/local/samba/lib/python2.**7/site-packages/samba/netcmd/**domain.py",
>>> line
>>> 558, in run
>>> dns_backend=dns_backend)
>>> File "/usr/local/samba/lib/python2.**7/site-packages/samba/join.py"**,
>>> line
>>> 1047, in join_RODC
>>> mysid = ctx.get_mysid()
>>> File "/usr/local/samba/lib/python2.**7/site-packages/samba/join.py"**,
>>> line
>>> 298, in get_mysid
>>> binsid = res[0]["tokenGroups"][0]
>>> root at samba:~/samba-4.0.4#
>>>
>>> ------------------------------**-------------
>>>
>>> I' using in version 4.0.4 and 4.0.9.
>>>
>>> my /etc/krb5.conf
>>> ---------------------
>>> [libdefaults]
>>> dns_lookup_realm = true
>>> dns_lookup_kdc = true
>>> default_realm = DEFENSORIA.NET.BR
>>> ---------------------
>>>
>>> My DC is a windows 2003 server
>>>
>>> and my samba 4 is a Debian 7.0.1.
>>>
>>> Thanks!
>>> Jacó Ramos
>>>
>>>
>>> --
>>>
>>> *"O homem não foi criado para ser feliz nem para vencer, mas para viver
>>>
>>> para Deus. Quando vive para Deus é feliz e vence." Isaltino Gomes
>>> *
>>> *
>>> $whoami*
>>>
>>> - Perito Forense Computacional
>>> - Pentester
>>> - Esp. em Segurança de Redes de Computadores com enfâse a Perícia
>>> Forense Computacional - FACID
>>> - Bacharel em Ciência da Computação - UESPI
>>> - Administrador de Redes de Computadores
>>> - CCNA Modulo II
>>> - Lattes: *http://lattes.cnpq.br/**1591329268136905*<http://lattes.cnpq.br/1591329268136905*>
>>>
>>>
>>>
>>> Esta mensagem pode conter informações confidenciais e/ou privilegiadas.
>>> Se
>>> você não for o destinatário ou a pessoa autorizada a receber esta
>>> mensagem,
>>> não deve usar, copiar ou divulgar as informações nela contida ou tomar
>>> qualquer ação baseada nessas informações.
>>>
>>>
>>
>>
>
--
*"O homem não foi criado para ser feliz nem para vencer, mas para viver
para Deus. Quando vive para Deus é feliz e vence." Isaltino Gomes
*
*
$whoami*
- Perito Forense Computacional
- Pentester
- Esp. em Segurança de Redes de Computadores com enfâse a Perícia
Forense Computacional - FACID
- Bacharel em Ciência da Computação - UESPI
- Administrador de Redes de Computadores
- CCNA Modulo II
- Lattes: *http://lattes.cnpq.br/1591329268136905*
Esta mensagem pode conter informações confidenciais e/ou privilegiadas. Se
você não for o destinatário ou a pessoa autorizada a receber esta mensagem,
não deve usar, copiar ou divulgar as informações nela contida ou tomar
qualquer ação baseada nessas informações.
More information about the samba-technical
mailing list