[Samba] Cannot join Ubuntu12.04 Samba 4.1.17 to domain

Rowland Penny rowlandpenny at googlemail.com
Fri Apr 17 06:01:08 MDT 2015


On 17/04/15 12:29, ivenhov wrote:
> Hi all
>
> I'm desperate now.
>
> On one of the sites I cannot connect Ubuntu to Windows AD 2003.
> Error below.
> On exactly the same setup but on a different network and also on VirtualBox
> VMs everything works as expected.
> Looks like something on the network then or mission parameter.
> Error is about KDC but I can successfully do kinit and get ticket.
> I can also successfully run:
> sudo net ads info
>
> Failing command:
>
> myuser at myserver:~$ sudo net ads join
> createcomputer="MyStructure/Internal/Servers/UnManaged" -S
> serverDC1001.dan2003.sample.domain.com -U SUPER-USER -d10
> INFO: Current debug levels:
>    all: 10
>    tdb: 10
>    printdrivers: 10
>    lanman: 10
>    smb: 10
>    rpc_parse: 10
>    rpc_srv: 10
>    rpc_cli: 10
>    passdb: 10
>    sam: 10
>    auth: 10
>    winbind: 10
>    vfs: 10
>    idmap: 10
>    quota: 10
>    acls: 10
>    locking: 10
>    msdfs: 10
>    dmapi: 10
>    registry: 10
>    scavenger: 10
>    dns: 10
>    ldb: 10
> lp_load_ex: refreshing parameters
> Initialising global parameters
> INFO: Current debug levels:
>    all: 10
>    tdb: 10
>    printdrivers: 10
>    lanman: 10
>    smb: 10
>    rpc_parse: 10
>    rpc_srv: 10
>    rpc_cli: 10
>    passdb: 10
>    sam: 10
>    auth: 10
>    winbind: 10
>    vfs: 10
>    idmap: 10
>    quota: 10
>    acls: 10
>    locking: 10
>    msdfs: 10
>    dmapi: 10
>    registry: 10
>    scavenger: 10
>    dns: 10
>    ldb: 10
> params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
> Processing section "[global]"
> doing parameter workgroup = DAN2003
> doing parameter realm = DAN2003.SAMPLE.DOMAIN.COM
> doing parameter server string = MySpecial server %h
> doing parameter security = ADS
> doing parameter map to guest = Bad User
> doing parameter obey pam restrictions = Yes
> doing parameter pam password change = Yes
> doing parameter passwd program = /usr/bin/passwd %u
> doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> doing parameter unix password sync = Yes
> doing parameter syslog = 0
> doing parameter log file = /var/log/samba/log.%m
> doing parameter max log size = 1000
> doing parameter server max protocol = SMB2
> doing parameter min receivefile size = 13638
> doing parameter max xmit = 131072
> doing parameter socket options = TCP_NODELAY SO_RCVBUF=262144
> SO_SNDBUF=262144 IPTOS_LOWDELAY SO_KEEPALIVE
> doing parameter load printers = No
> doing parameter printcap name = /dev/null
> doing parameter disable spoolss = Yes
> doing parameter dns proxy = No
> doing parameter usershare allow guests = Yes
> doing parameter panic action = /usr/share/samba/panic-action %d
> doing parameter template homedir = /dev/null
> doing parameter template shell = /bin/true
> doing parameter winbind enum users = Yes
> doing parameter winbind enum groups = Yes
> doing parameter winbind use default domain = Yes
> doing parameter idmap config * : range = 100000-200000
> doing parameter idmap config * : backend = tdb
> doing parameter aio read size = 1
> doing parameter aio write size = 1
> doing parameter aio write behind = true
> doing parameter use sendfile = Yes
> doing parameter write cache size = 12826144
> doing parameter printing = bsd
> doing parameter print command = lpr -r -P'%p' %s
> doing parameter lpq command = lpq -P'%p'
> doing parameter lprm command = lprm -P'%p' %j
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> Netbios name list:-
> my_netbios_names[0]="MYSERVER"
> added interface bond0 ip=10.80.100.74 bcast=10.80.100.255
> netmask=255.255.255.0
> Registering messaging pointer for type 2 - private_data=(nil)
> Registering messaging pointer for type 9 - private_data=(nil)
> Registered MSG_REQ_POOL_USAGE
> Registering messaging pointer for type 11 - private_data=(nil)
> Registering messaging pointer for type 12 - private_data=(nil)
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> Registering messaging pointer for type 1 - private_data=(nil)
> Registering messaging pointer for type 5 - private_data=(nil)
> Enter SUPER-USER's password:
> libnet_Join:
>      libnet_JoinCtx: struct libnet_JoinCtx
>          in: struct libnet_JoinCtx
>              dc_name                  :
> 'serverDC1001.dan2003.sample.domain.com'
>              machine_name             : 'MYSERVER'
>              domain_name              : *
>                  domain_name              : 'DAN2003.SAMPLE.DOMAIN.COM'
>              account_ou               :
> 'MyStructure/Internal/Servers/UnManaged'
>              admin_account            : 'SUPER-USER'
>              machine_password         : NULL
>              join_flags               : 0x00000023 (35)
>                     0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
>                     0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
>                     0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
>                     0: WKSSVC_JOIN_FLAGS_DEFER_SPN
>                     0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
>                     0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
>                     1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
>                     0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
>                     0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
>                     1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
>                     1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
>              os_version               : NULL
>              os_name                  : NULL
>              create_upn               : 0x00 (0)
>              upn                      : NULL
>              modify_config            : 0x00 (0)
>              ads                      : NULL
>              debug                    : 0x01 (1)
>              use_kerberos             : 0x00 (0)
>              secure_channel_type      : SEC_CHAN_WKSTA (2)
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/cache/samba/gencache_notrans.tdb
> sitename_fetch: No stored sitename for DAN2003.SAMPLE.DOMAIN.COM
> internal_resolve_name: looking up serverDC1001.dan2003.sample.domain.com#20
> (sitename (null))
> name serverDC1001.dan2003.sample.domain.com#20 found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> Connecting to 10.80.8.88 at port 445
> Socket options:
>          SO_KEEPALIVE = 1
>          SO_REUSEADDR = 0
>          SO_BROADCAST = 0
>          TCP_NODELAY = 1
>          TCP_KEEPCNT = 9
>          TCP_KEEPIDLE = 7200
>          TCP_KEEPINTVL = 75
>          IPTOS_LOWDELAY = 16
>          IPTOS_THROUGHPUT = 16
>          SO_SNDBUF = 262142
>          SO_RCVBUF = 262142
>          SO_SNDLOWAT = 1
>          SO_RCVLOWAT = 1
>          SO_SNDTIMEO = 0
>          SO_RCVTIMEO = 0
>          TCP_QUICKACK = 1
>          TCP_DEFER_ACCEPT = 0
> Doing spnego session setup (blob length=120)
> got OID=1.3.6.1.4.1.311.2.2.30
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.2.840.113554.1.2.2.3
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178 at please_ignore
>       negotiate: struct NEGOTIATE_MESSAGE
>          Signature                : 'NTLMSSP'
>          MessageType              : NtLmNegotiate (1)
>          NegotiateFlags           : 0x60088215 (1611170325)
>                 1: NTLMSSP_NEGOTIATE_UNICODE
>                 0: NTLMSSP_NEGOTIATE_OEM
>                 1: NTLMSSP_REQUEST_TARGET
>                 1: NTLMSSP_NEGOTIATE_SIGN
>                 0: NTLMSSP_NEGOTIATE_SEAL
>                 0: NTLMSSP_NEGOTIATE_DATAGRAM
>                 0: NTLMSSP_NEGOTIATE_LM_KEY
>                 0: NTLMSSP_NEGOTIATE_NETWARE
>                 1: NTLMSSP_NEGOTIATE_NTLM
>                 0: NTLMSSP_NEGOTIATE_NT_ONLY
>                 0: NTLMSSP_ANONYMOUS
>                 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
>                 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>                 0: NTLMSSP_TARGET_TYPE_DOMAIN
>                 0: NTLMSSP_TARGET_TYPE_SERVER
>                 0: NTLMSSP_TARGET_TYPE_SHARE
>                 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>                 0: NTLMSSP_NEGOTIATE_IDENTIFY
>                 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
>                 0: NTLMSSP_NEGOTIATE_TARGET_INFO
>                 0: NTLMSSP_NEGOTIATE_VERSION
>                 1: NTLMSSP_NEGOTIATE_128
>                 1: NTLMSSP_NEGOTIATE_KEY_EXCH
>                 0: NTLMSSP_NEGOTIATE_56
>          DomainNameLen            : 0x0008 (8)
>          DomainNameMaxLen         : 0x0008 (8)
>          DomainName               : *
>              DomainName               : 'DAN2003'
>          WorkstationLen           : 0x000e (14)
>          WorkstationMaxLen        : 0x000e (14)
>          Workstation              : *
>              Workstation              : 'MYSERVER'
>       challenge: struct CHALLENGE_MESSAGE
>          Signature                : 'NTLMSSP'
>          MessageType              : NtLmChallenge (0x2)
>          TargetNameLen            : 0x0010 (16)
>          TargetNameMaxLen         : 0x0010 (16)
>          TargetName               : *
>              TargetName               : 'DAN2003'
>          NegotiateFlags           : 0x62898215 (1653178901)
>                 1: NTLMSSP_NEGOTIATE_UNICODE
>                 0: NTLMSSP_NEGOTIATE_OEM
>                 1: NTLMSSP_REQUEST_TARGET
>                 1: NTLMSSP_NEGOTIATE_SIGN
>                 0: NTLMSSP_NEGOTIATE_SEAL
>                 0: NTLMSSP_NEGOTIATE_DATAGRAM
>                 0: NTLMSSP_NEGOTIATE_LM_KEY
>                 0: NTLMSSP_NEGOTIATE_NETWARE
>                 1: NTLMSSP_NEGOTIATE_NTLM
>                 0: NTLMSSP_NEGOTIATE_NT_ONLY
>                 0: NTLMSSP_ANONYMOUS
>                 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
>                 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>                 1: NTLMSSP_TARGET_TYPE_DOMAIN
>                 0: NTLMSSP_TARGET_TYPE_SERVER
>                 0: NTLMSSP_TARGET_TYPE_SHARE
>                 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>                 0: NTLMSSP_NEGOTIATE_IDENTIFY
>                 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
>                 1: NTLMSSP_NEGOTIATE_TARGET_INFO
>                 1: NTLMSSP_NEGOTIATE_VERSION
>                 1: NTLMSSP_NEGOTIATE_128
>                 1: NTLMSSP_NEGOTIATE_KEY_EXCH
>                 0: NTLMSSP_NEGOTIATE_56
>          ServerChallenge          : d19c394ddd43af69
>          Reserved                 : 0000000000000000
>          TargetInfoLen            : 0x00da (218)
>          TargetNameInfoMaxLen     : 0x00da (218)
>          TargetInfo               : *
>              TargetInfo: struct AV_PAIR_LIST
>                  count                    : 0x00000007 (7)
>                  pair: ARRAY(7)
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvNbDomainName (0x2)
>                          AvLen                    : 0x0010 (16)
>                          Value                    : union
> ntlmssp_AvValue(case 0x2)
>                          AvNbDomainName           : 'DAN2003'
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvNbComputerName (0x1)
>                          AvLen                    : 0x0016 (22)
>                          Value                    : union
> ntlmssp_AvValue(case 0x1)
>                          AvNbComputerName         : 'SERVERDC1001'
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvDnsDomainName (0x4)
>                          AvLen                    : 0x002e (46)
>                          Value                    : union
> ntlmssp_AvValue(case 0x4)
>                          AvDnsDomainName          :
> 'dan2003.sample.domain.com'
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvDnsComputerName
> (0x3)
>                          AvLen                    : 0x0046 (70)
>                          Value                    : union
> ntlmssp_AvValue(case 0x3)
>                          AvDnsComputerName        :
> 'SERVERDC1001.dan2003.sample.domain.com'
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvDnsTreeName (0x5)
>                          AvLen                    : 0x001c (28)
>                          Value                    : union
> ntlmssp_AvValue(case 0x5)
>                          AvDnsTreeName            : 'sample.domain.com'
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvTimestamp (0x7)
>                          AvLen                    : 0x0008 (8)
>                          Value                    : union
> ntlmssp_AvValue(case 0x7)
>                          AvTimestamp              : Tue Apr 14 12:28:04 2015
> UTC
>                      pair: struct AV_PAIR
>                          AvId                     : MsvAvEOL (0x0)
>                          AvLen                    : 0x0000 (0)
>                          Value                    : union
> ntlmssp_AvValue(case 0x0)
>          Version: struct ntlmssp_VERSION
>              ProductMajorVersion      : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6)
>              ProductMinorVersion      : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1)
>              ProductBuild             : 0x1db1 (7601)
>              Reserved                 : 000000
>              NTLMRevisionCurrent      : NTLMSSP_REVISION_W2K3 (0xF)
> Got challenge flags:
> Got NTLMSSP neg_flags=0x62898215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_NEGOTIATE_NTLM2
>    NTLMSSP_NEGOTIATE_TARGET_INFO
>    NTLMSSP_NEGOTIATE_VERSION
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x60088215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_NEGOTIATE_NTLM2
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
>       authenticate: struct AUTHENTICATE_MESSAGE
>          Signature                : 'NTLMSSP'
>          MessageType              : NtLmAuthenticate (3)
>          LmChallengeResponseLen   : 0x0018 (24)
>          LmChallengeResponseMaxLen: 0x0018 (24)
>          LmChallengeResponse      : *
>              LmChallengeResponse      : union ntlmssp_LM_RESPONSE(case 24)
>              v1: struct LM_RESPONSE
>                  Response                 :
> de06e6edc8275e8aa58a9e95067f4cbc5bb6ac5b0279a515
>          NtChallengeResponseLen   : 0x0106 (262)
>          NtChallengeResponseMaxLen: 0x0106 (262)
>          NtChallengeResponse      : *
>              NtChallengeResponse      : union ntlmssp_NTLM_RESPONSE(case 262)
>              v2: struct NTLMv2_RESPONSE
>                  Response                 : a5e98b1ba196aa8513fdbecb1a53a3ac
>                  Challenge: struct NTLMv2_CLIENT_CHALLENGE
>                      RespType                 : 0x01 (1)
>                      HiRespType               : 0x01 (1)
>                      Reserved1                : 0x0000 (0)
>                      Reserved2                : 0x00000000 (0)
>                      TimeStamp                : Tue Apr 14 12:28:03 2015 UTC
>                      ChallengeFromClient      : 1ca419ea47cceec3
>                      Reserved3                : 0x00000000 (0)
>                      AvPairs: struct AV_PAIR_LIST
>                          count                    : 0x00000007 (7)
>                          pair: ARRAY(7)
>                              pair: struct AV_PAIR
>                                  AvId                     : MsvAvNbDomainName
> (0x2)
>                                  AvLen                    : 0x0010 (16)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x2)
>                                  AvNbDomainName           : 'DAN2003'
>                              pair: struct AV_PAIR
>                                  AvId                     :
> MsvAvNbComputerName (0x1)
>                                  AvLen                    : 0x0016 (22)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x1)
>                                  AvNbComputerName         : 'SERVERDC1001'
>                              pair: struct AV_PAIR
>                                  AvId                     :
> MsvAvDnsDomainName (0x4)
>                                  AvLen                    : 0x002e (46)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x4)
>                                  AvDnsDomainName          :
> 'dan2003.sample.domain.com'
>                              pair: struct AV_PAIR
>                                  AvId                     :
> MsvAvDnsComputerName (0x3)
>                                  AvLen                    : 0x0046 (70)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x3)
>                                  AvDnsComputerName        :
> 'SERVERDC1001.dan2003.sample.domain.com'
>                              pair: struct AV_PAIR
>                                  AvId                     : MsvAvDnsTreeName
> (0x5)
>                                  AvLen                    : 0x001c (28)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x5)
>                                  AvDnsTreeName            :
> 'sample.domain.com'
>                              pair: struct AV_PAIR
>                                  AvId                     : MsvAvTimestamp
> (0x7)
>                                  AvLen                    : 0x0008 (8)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x7)
>                                  AvTimestamp              : Tue Apr 14
> 12:28:04 2015 UTC
>                              pair: struct AV_PAIR
>                                  AvId                     : MsvAvEOL (0x0)
>                                  AvLen                    : 0x0000 (0)
>                                  Value                    : union
> ntlmssp_AvValue(case 0x0)
>          DomainNameLen            : 0x0000 (0)
>          DomainNameMaxLen         : 0x0000 (0)
>          DomainName               : *
>              DomainName               : ''
>          UserNameLen              : 0x0012 (18)
>          UserNameMaxLen           : 0x0012 (18)
>          UserName                 : *
>              UserName                 : 'SUPER-USER'
>          WorkstationLen           : 0x001c (28)
>          WorkstationMaxLen        : 0x001c (28)
>          Workstation              : *
>              Workstation              : 'MYSERVER'
>          EncryptedRandomSessionKeyLen: 0x0010 (16)
>          EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
>          EncryptedRandomSessionKey: *
>              EncryptedRandomSessionKey: DATA_BLOB length=16
> [0000] 48 09 D4 57 08 FC AD F2   DD B7 FB 1D 65 28 BC 8A   H..W.... ....e(..
>          NegotiateFlags           : 0x60088215 (1611170325)
>                 1: NTLMSSP_NEGOTIATE_UNICODE
>                 0: NTLMSSP_NEGOTIATE_OEM
>                 1: NTLMSSP_REQUEST_TARGET
>                 1: NTLMSSP_NEGOTIATE_SIGN
>                 0: NTLMSSP_NEGOTIATE_SEAL
>                 0: NTLMSSP_NEGOTIATE_DATAGRAM
>                 0: NTLMSSP_NEGOTIATE_LM_KEY
>                 0: NTLMSSP_NEGOTIATE_NETWARE
>                 1: NTLMSSP_NEGOTIATE_NTLM
>                 0: NTLMSSP_NEGOTIATE_NT_ONLY
>                 0: NTLMSSP_ANONYMOUS
>                 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
>                 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>                 0: NTLMSSP_TARGET_TYPE_DOMAIN
>                 0: NTLMSSP_TARGET_TYPE_SERVER
>                 0: NTLMSSP_TARGET_TYPE_SHARE
>                 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>                 0: NTLMSSP_NEGOTIATE_IDENTIFY
>                 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
>                 0: NTLMSSP_NEGOTIATE_TARGET_INFO
>                 0: NTLMSSP_NEGOTIATE_VERSION
>                 1: NTLMSSP_NEGOTIATE_128
>                 1: NTLMSSP_NEGOTIATE_KEY_EXCH
>                 0: NTLMSSP_NEGOTIATE_56
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x60088215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_NEGOTIATE_NTLM2
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
> cli_init_creds: user SUPER-USER domain
> Bind RPC Pipe: host serverDC1001.dan2003.sample.domain.com auth_type 0,
> auth_level 1
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_BIND (11)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0048 (72)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000001 (1)
>          u                        : union dcerpc_payload(case 11)
>          bind: struct dcerpc_bind
>              max_xmit_frag            : 0x10b8 (4280)
>              max_recv_frag            : 0x10b8 (4280)
>              assoc_group_id           : 0x00000000 (0)
>              num_contexts             : 0x01 (1)
>              ctx_list: ARRAY(1)
>                  ctx_list: struct dcerpc_ctx_list
>                      context_id               : 0x0000 (0)
>                      num_transfer_syntaxes    : 0x01 (1)
>                      abstract_syntax: struct ndr_syntax_id
>                          uuid                     :
> 12345778-1234-abcd-ef00-0123456789ab
>                          if_version               : 0x00000000 (0)
>                      transfer_syntaxes: ARRAY(1)
>                          transfer_syntaxes: struct ndr_syntax_id
>                              uuid                     :
> 8a885d04-1ceb-11c9-9fe8-08002b104860
>                              if_version               : 0x00000002 (2)
>              auth_info                : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=72, this_data=72, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 52
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_BIND_ACK (12)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0044 (68)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000001 (1)
>          u                        : union dcerpc_payload(case 12)
>          bind_ack: struct dcerpc_bind_ack
>              max_xmit_frag            : 0x10b8 (4280)
>              max_recv_frag            : 0x10b8 (4280)
>              assoc_group_id           : 0x00069674 (431732)
>              secondary_address_size   : 0x000c (12)
>              secondary_address        : '\pipe\lsass'
>              _pad1                    : DATA_BLOB length=2
> [0000] 71 71                                             qq
>              num_results              : 0x01 (1)
>              ctx_list: ARRAY(1)
>                  ctx_list: struct dcerpc_ack_ctx
>                      result                   : 0x0000 (0)
>                      reason                   : 0x0000 (0)
>                      syntax: struct ndr_syntax_id
>                          uuid                     :
> 8a885d04-1ceb-11c9-9fe8-08002b104860
>                          if_version               : 0x00000002 (2)
>              auth_info                : DATA_BLOB length=0
> rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 68 bytes.
> check_bind_response: accepted!
> cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine
> serverDC1001.dan2003.sample.domain.com and bound anonymously.
>       lsa_OpenPolicy: struct lsa_OpenPolicy
>          in: struct lsa_OpenPolicy
>              system_name              : *
>                  system_name              : 0x005c (92)
>              attr                     : *
>                  attr: struct lsa_ObjectAttribute
>                      len                      : 0x00000018 (24)
>                      root_dir                 : NULL
>                      object_name              : NULL
>                      attributes               : 0x00000000 (0)
>                      sec_desc                 : NULL
>                      sec_qos                  : *
>                          sec_qos: struct lsa_QosInfo
>                              len                      : 0x0000000c (12)
>                              impersonation_level      : 0x0002 (2)
>                              context_mode             : 0x01 (1)
>                              effective_only           : 0x00 (0)
>              access_mask              : 0x02000000 (33554432)
>                     0: LSA_POLICY_VIEW_LOCAL_INFORMATION
>                     0: LSA_POLICY_VIEW_AUDIT_INFORMATION
>                     0: LSA_POLICY_GET_PRIVATE_INFORMATION
>                     0: LSA_POLICY_TRUST_ADMIN
>                     0: LSA_POLICY_CREATE_ACCOUNT
>                     0: LSA_POLICY_CREATE_SECRET
>                     0: LSA_POLICY_CREATE_PRIVILEGE
>                     0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS
>                     0: LSA_POLICY_SET_AUDIT_REQUIREMENTS
>                     0: LSA_POLICY_AUDIT_LOG_ADMIN
>                     0: LSA_POLICY_SERVER_ADMIN
>                     0: LSA_POLICY_LOOKUP_NAMES
>                     0: LSA_POLICY_NOTIFICATION
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000002 (2)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x0000002c (44)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0006 (6)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=68, this_data=68, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000002 (2)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 7E 29 EA FB   47 80 8A 49 9C 2F 88 A6   ....~).. G..I./..
> [0010] 65 A8 5D 72 00 00 00 00                            e.]r....
> Got pdu len 48, data_len 24, ss_len 0
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 24 bytes.
>       lsa_OpenPolicy: struct lsa_OpenPolicy
>          out: struct lsa_OpenPolicy
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     :
> fbea297e-8047-498a-9c2f-88a665a85d72
>              result                   : NT_STATUS_OK
>       lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
>          in: struct lsa_QueryInfoPolicy2
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     :
> fbea297e-8047-498a-9c2f-88a665a85d72
>              level                    : LSA_POLICY_INFO_DNS (12)
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000003 (3)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000016 (22)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x002e (46)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=46, this_data=46, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 220
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x00ec (236)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000003 (3)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x000000d4 (212)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                .
>              stub_and_verifier        : DATA_BLOB length=212
> [0000] 00 00 02 00 0C 00 00 00   10 00 12 00 04 00 02 00   ........ ........
> [0010] 2E 00 30 00 08 00 02 00   1C 00 1E 00 0C 00 02 00   ..0..... ........
> [0020] 72 C5 DE 51 A1 3A D6 45   AA C3 E3 27 E8 31 0B 54   r..Q.:.E ...'.1.T
> [0030] 10 00 02 00 09 00 00 00   00 00 00 00 08 00 00 00   ........ ........
> [0040] 4E 00 41 00 54 00 49 00   4F 00 4E 00 41 00 4C 00   N.A.T.I. O.N.A.L.
> [0050] 18 00 00 00 00 00 00 00   17 00 00 00 6E 00 61 00   ........ ....n.a.
> [0060] 74 00 69 00 6F 00 6E 00   61 00 6C 00 2E 00 63 00   t.i.o.n. a.l...c.
> [0070] 6F 00 72 00 65 00 2E 00   62 00 62 00 63 00 2E 00   o.r.e... b.b.c...
> [0080] 63 00 6F 00 2E 00 75 00   6B 00 00 00 0F 00 00 00   c.o...u. k.......
> [0090] 00 00 00 00 0E 00 00 00   63 00 6F 00 72 00 65 00   ........ c.o.r.e.
> [00A0] 2E 00 62 00 62 00 63 00   2E 00 63 00 6F 00 2E 00   ..b.b.c. ..c.o...
> [00B0] 75 00 6B 00 04 00 00 00   01 04 00 00 00 00 00 05   u.k..... ........
> [00C0] 15 00 00 00 6B D6 62 04   16 C0 EA 32 82 8B A6 28   ....k.b. ...2...(
> [00D0] 00 00 00 00                                       ....
> Got pdu len 236, data_len 212, ss_len 0
> rpc_api_pipe: got frag len of 236 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 212
> bytes.
>       lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
>          out: struct lsa_QueryInfoPolicy2
>              info                     : *
>                  info                     : *
>                      info                     : union
> lsa_PolicyInformation(case 12)
>                      dns: struct lsa_DnsDomainInfo
>                          name: struct lsa_StringLarge
>                              length                   : 0x0010 (16)
>                              size                     : 0x0012 (18)
>                              string                   : *
>                                  string                   : 'DAN2003'
>                          dns_domain: struct lsa_StringLarge
>                              length                   : 0x002e (46)
>                              size                     : 0x0030 (48)
>                              string                   : *
>                                  string                   :
> 'dan2003.sample.domain.com'
>                          dns_forest: struct lsa_StringLarge
>                              length                   : 0x001c (28)
>                              size                     : 0x001e (30)
>                              string                   : *
>                                  string                   :
> 'sample.domain.com'
>                          domain_guid              :
> 51dec572-3aa1-45d6-aac3-e327e8310b54
>                          sid                      : *
>                              sid                      :
> S-1-5-21-73586283-854245398-682003330
>              result                   : NT_STATUS_OK
>       lsa_Close: struct lsa_Close
>          in: struct lsa_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     :
> fbea297e-8047-498a-9c2f-88a665a85d72
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000004 (4)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000014 (20)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0000 (0)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=44, this_data=44, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000004 (4)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........
> [0010] 00 00 00 00 00 00 00 00                            ........
> Got pdu len 48, data_len 24, ss_len 0
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 24 bytes.
>       lsa_Close: struct lsa_Close
>          out: struct lsa_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     :
> 00000000-0000-0000-0000-000000000000
>              result                   : NT_STATUS_OK
> create_local_private_krb5_conf_for_domain: fname =
> /var/cache/samba/smb_krb5/krb5.conf.DAN2003, realm =
> dan2003.sample.domain.com, domain = DAN2003
> saf_fetch: Returning "SERVERDC1001.dan2003.sample.domain.com" for
> "dan2003.sample.domain.com" domain
> get_dc_list: preferred server list: "SERVERDC1001.dan2003.sample.domain.com,
> *"
> internal_resolve_name: looking up dan2003.sample.domain.com#1c (sitename
> (null))
> name dan2003.sample.domain.com#1C found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> Adding 11 DC's from auto lookup
> sitename_fetch: No stored sitename for DAN2003.SAMPLE.DOMAIN.COM
> internal_resolve_name: looking up SERVERDC1001.dan2003.sample.domain.com#20
> (sitename (null))
> name SERVERDC1001.dan2003.sample.domain.com#20 found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.80.8.88
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.124.23.5
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.184.32.187
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.161.8.2
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.184.32.58
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.84.136.29
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.80.8.88
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.52.69.202
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.76.8.118
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.94.76.240
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.72.136.53
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.68.140.2
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> get_dc_list: returning 11 ip addresses in an ordered list
> get_dc_list: 10.80.8.88:389 10.124.23.5:389 10.184.32.187:389 10.161.8.2:389
> 10.184.32.58:389 10.84.136.29:389 10.52.69.202:389 10.76.8.118:389
> 10.94.76.240:389 10.72.136.53:389 10.68.140.2:389
>       &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>          sbz                      : 0x0000 (0)
>          server_type              : 0x0000317c (12668)
>                 0: NBT_SERVER_PDC
>                 1: NBT_SERVER_GC
>                 1: NBT_SERVER_LDAP
>                 1: NBT_SERVER_DS
>                 1: NBT_SERVER_KDC
>                 1: NBT_SERVER_TIMESERV
>                 0: NBT_SERVER_CLOSEST
>                 1: NBT_SERVER_WRITABLE
>                 0: NBT_SERVER_GOOD_TIMESERV
>                 0: NBT_SERVER_NDNC
>                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                 1: NBT_SERVER_ADS_WEB_SERVICE
>                 0: NBT_SERVER_HAS_DNS_NAME
>                 0: NBT_SERVER_IS_DEFAULT_NC
>                 0: NBT_SERVER_FOREST_ROOT
>          domain_uuid              : 51dec572-3aa1-45d6-aac3-e327e8310b54
>          forest                   : 'sample.domain.com'
>          dns_domain               : 'dan2003.sample.domain.com'
>          pdc_dns_name             : 'SERVERDC1001.dan2003.sample.domain.com'
>          domain_name              : 'DAN2003'
>          pdc_name                 : 'SERVERDC1001'
>          user_name                : ''
>          server_site              : 'UK-Lanc-BH-LAN-Main'
>          client_site              : ''
>          sockaddr_size            : 0x00 (0)
>          sockaddr: struct nbt_sockaddr
>              sockaddr_family          : 0x00000000 (0)
>              pdc_ip                   : (null)
>              remaining                : DATA_BLOB length=0
>          next_closest_site        : NULL
>          nt_version               : 0x00000005 (5)
>                 1: NETLOGON_NT_VERSION_1
>                 0: NETLOGON_NT_VERSION_5
>                 1: NETLOGON_NT_VERSION_5EX
>                 0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                 0: NETLOGON_NT_VERSION_PDC
>                 0: NETLOGON_NT_VERSION_IP
>                 0: NETLOGON_NT_VERSION_LOCAL
>                 0: NETLOGON_NT_VERSION_GC
>          lmnt_token               : 0xffff (65535)
>          lm20_token               : 0xffff (65535)
> get_kdc_ip_string: Returning    kdc = 10.80.8.88
>
> create_local_private_krb5_conf_for_domain: wrote file
> /var/cache/samba/smb_krb5/krb5.conf.DAN2003 with realm
> DAN2003.SAMPLE.DOMAIN.COM KDC list =     kdc = 10.80.8.88
>
> sitename_fetch: No stored sitename for DAN2003.SAMPLE.DOMAIN.COM
> internal_resolve_name: looking up serverDC1001.dan2003.sample.domain.com#20
> (sitename (null))
> name serverDC1001.dan2003.sample.domain.com#20 found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> ads_try_connect: sending CLDAP request to 10.80.8.88 (realm:
> dan2003.sample.domain.com)
>       &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>          sbz                      : 0x0000 (0)
>          server_type              : 0x0000317c (12668)
>                 0: NBT_SERVER_PDC
>                 1: NBT_SERVER_GC
>                 1: NBT_SERVER_LDAP
>                 1: NBT_SERVER_DS
>                 1: NBT_SERVER_KDC
>                 1: NBT_SERVER_TIMESERV
>                 0: NBT_SERVER_CLOSEST
>                 1: NBT_SERVER_WRITABLE
>                 0: NBT_SERVER_GOOD_TIMESERV
>                 0: NBT_SERVER_NDNC
>                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                 1: NBT_SERVER_ADS_WEB_SERVICE
>                 0: NBT_SERVER_HAS_DNS_NAME
>                 0: NBT_SERVER_IS_DEFAULT_NC
>                 0: NBT_SERVER_FOREST_ROOT
>          domain_uuid              : 51dec572-3aa1-45d6-aac3-e327e8310b54
>          forest                   : 'sample.domain.com'
>          dns_domain               : 'dan2003.sample.domain.com'
>          pdc_dns_name             : 'SERVERDC1001.dan2003.sample.domain.com'
>          domain_name              : 'DAN2003'
>          pdc_name                 : 'SERVERDC1001'
>          user_name                : ''
>          server_site              : 'UK-Lanc-BH-LAN-Main'
>          client_site              : ''
>          sockaddr_size            : 0x00 (0)
>          sockaddr: struct nbt_sockaddr
>              sockaddr_family          : 0x00000000 (0)
>              pdc_ip                   : (null)
>              remaining                : DATA_BLOB length=0
>          next_closest_site        : NULL
>          nt_version               : 0x00000005 (5)
>                 1: NETLOGON_NT_VERSION_1
>                 0: NETLOGON_NT_VERSION_5
>                 1: NETLOGON_NT_VERSION_5EX
>                 0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                 0: NETLOGON_NT_VERSION_PDC
>                 0: NETLOGON_NT_VERSION_IP
>                 0: NETLOGON_NT_VERSION_LOCAL
>                 0: NETLOGON_NT_VERSION_GC
>          lmnt_token               : 0xffff (65535)
>          lm20_token               : 0xffff (65535)
> sitename_store: deleting empty sitename!
> Deleting cache entry (key=[AD_SITENAME/DOMAIN/DAN2003])
> sitename_store: deleting empty sitename!
> Deleting cache entry (key=[AD_SITENAME/DOMAIN/DAN2003.SAMPLE.DOMAIN.COM])
> Successfully contacted LDAP server 10.80.8.88
> Opening connection to LDAP server
> 'SERVERDC1001.dan2003.sample.domain.com:389', timeout 15 seconds
> Connected to LDAP server 'SERVERDC1001.dan2003.sample.domain.com:389'
> Connected to LDAP server SERVERDC1001.dan2003.sample.domain.com
> ads_sitename_match: no match between server: UK-Lanc-BH-LAN-Main and client:
> NULL
> ads_closest_dc: client belongs to no site
> saf_store: domain = [DAN2003], server =
> [SERVERDC1001.dan2003.sample.domain.com], expire = [1429015386]
> Did not store value for SAF/DOMAIN/DAN2003, we already got it
> saf_store: domain = [dan2003.sample.domain.com], server =
> [SERVERDC1001.dan2003.sample.domain.com], expire = [1429015386]
> Did not store value for SAF/DOMAIN/DAN2003.SAMPLE.DOMAIN.COM, we already got
> it
> KDC time offset is 0 seconds
> Found SASL mechanism GSS-SPNEGO
> ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.30
> ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
> ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
> ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
> ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
> ads_sasl_spnego_bind: got server principal name =
> not_defined_in_RFC4178 at please_ignore
> ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory)
> ads_sasl_spnego_krb5_bind failed with: No such file or directory, calling
> kinit
> kerberos_kinit_password: as SUPER-USER at DAN2003.SAMPLE.DOMAIN.COM using
> [MEMORY:net_ads] as ccache and config
> [/var/cache/samba/smb_krb5/krb5.conf.DAN2003]
> kerberos_kinit_password SUPER-USER at DAN2003.SAMPLE.DOMAIN.COM failed: Cannot
> contact any KDC for requested realm
> libnet_Join:
>      libnet_JoinCtx: struct libnet_JoinCtx
>          out: struct libnet_JoinCtx
>              account_name             : NULL
>              netbios_domain_name      : 'DAN2003'
>              dns_domain_name          : 'dan2003.sample.domain.com'
>              forest_name              : 'sample.domain.com'
>              dn                       : NULL
>              domain_sid               : *
>                  domain_sid               :
> S-1-5-21-73586283-854245398-682003330
>              modified_config          : 0x00 (0)
>              error_string             : 'failed to connect to AD: Cannot
> contact any KDC for requested realm'
>              domain_is_ad             : 0x01 (1)
>              result                   : WERR_DEFAULT_JOIN_REQUIRED
> Failed to join domain: failed to connect to AD: Cannot contact any KDC for
> requested realm
> return code = -1
> myuser at myserver:~$
> myuser at myserver:~$
> myuser at myserver:~$
> myuser at myserver:~$
>
>
>
>
> --
> View this message in context: http://samba.2283325.n4.nabble.com/Cannot-join-Ubuntu12-04-Samba-4-1-17-to-domain-tp4684555.html
> Sent from the Samba - General mailing list archive at Nabble.com.

OK, what have you got in /etc/krb5.conf ?
Does /etc/resolv.conf point to the AD DC ?
Have you turned off dnsmasq in NetworkManager ?

We will come to what you shouldn't have in smb.conf once you have joined 
the domain.

Rowland



More information about the samba mailing list