[Samba] Cannot join Ubuntu12.04 Samba 4.1.17 to domain
Rowland Penny
rowlandpenny at googlemail.com
Fri Apr 17 06:01:08 MDT 2015
On 17/04/15 12:29, ivenhov wrote:
> Hi all
>
> I'm desperate now.
>
> On one of the sites I cannot connect Ubuntu to Windows AD 2003.
> Error below.
> On exactly the same setup but on a different network and also on VirtualBox
> VMs everything works as expected.
> Looks like something on the network then or mission parameter.
> Error is about KDC but I can successfully do kinit and get ticket.
> I can also successfully run:
> sudo net ads info
>
> Failing command:
>
> myuser at myserver:~$ sudo net ads join
> createcomputer="MyStructure/Internal/Servers/UnManaged" -S
> serverDC1001.dan2003.sample.domain.com -U SUPER-USER -d10
> INFO: Current debug levels:
> all: 10
> tdb: 10
> printdrivers: 10
> lanman: 10
> smb: 10
> rpc_parse: 10
> rpc_srv: 10
> rpc_cli: 10
> passdb: 10
> sam: 10
> auth: 10
> winbind: 10
> vfs: 10
> idmap: 10
> quota: 10
> acls: 10
> locking: 10
> msdfs: 10
> dmapi: 10
> registry: 10
> scavenger: 10
> dns: 10
> ldb: 10
> lp_load_ex: refreshing parameters
> Initialising global parameters
> INFO: Current debug levels:
> all: 10
> tdb: 10
> printdrivers: 10
> lanman: 10
> smb: 10
> rpc_parse: 10
> rpc_srv: 10
> rpc_cli: 10
> passdb: 10
> sam: 10
> auth: 10
> winbind: 10
> vfs: 10
> idmap: 10
> quota: 10
> acls: 10
> locking: 10
> msdfs: 10
> dmapi: 10
> registry: 10
> scavenger: 10
> dns: 10
> ldb: 10
> params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
> Processing section "[global]"
> doing parameter workgroup = DAN2003
> doing parameter realm = DAN2003.SAMPLE.DOMAIN.COM
> doing parameter server string = MySpecial server %h
> doing parameter security = ADS
> doing parameter map to guest = Bad User
> doing parameter obey pam restrictions = Yes
> doing parameter pam password change = Yes
> doing parameter passwd program = /usr/bin/passwd %u
> doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
> doing parameter unix password sync = Yes
> doing parameter syslog = 0
> doing parameter log file = /var/log/samba/log.%m
> doing parameter max log size = 1000
> doing parameter server max protocol = SMB2
> doing parameter min receivefile size = 13638
> doing parameter max xmit = 131072
> doing parameter socket options = TCP_NODELAY SO_RCVBUF=262144
> SO_SNDBUF=262144 IPTOS_LOWDELAY SO_KEEPALIVE
> doing parameter load printers = No
> doing parameter printcap name = /dev/null
> doing parameter disable spoolss = Yes
> doing parameter dns proxy = No
> doing parameter usershare allow guests = Yes
> doing parameter panic action = /usr/share/samba/panic-action %d
> doing parameter template homedir = /dev/null
> doing parameter template shell = /bin/true
> doing parameter winbind enum users = Yes
> doing parameter winbind enum groups = Yes
> doing parameter winbind use default domain = Yes
> doing parameter idmap config * : range = 100000-200000
> doing parameter idmap config * : backend = tdb
> doing parameter aio read size = 1
> doing parameter aio write size = 1
> doing parameter aio write behind = true
> doing parameter use sendfile = Yes
> doing parameter write cache size = 12826144
> doing parameter printing = bsd
> doing parameter print command = lpr -r -P'%p' %s
> doing parameter lpq command = lpq -P'%p'
> doing parameter lprm command = lprm -P'%p' %j
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> Netbios name list:-
> my_netbios_names[0]="MYSERVER"
> added interface bond0 ip=10.80.100.74 bcast=10.80.100.255
> netmask=255.255.255.0
> Registering messaging pointer for type 2 - private_data=(nil)
> Registering messaging pointer for type 9 - private_data=(nil)
> Registered MSG_REQ_POOL_USAGE
> Registering messaging pointer for type 11 - private_data=(nil)
> Registering messaging pointer for type 12 - private_data=(nil)
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> Registering messaging pointer for type 1 - private_data=(nil)
> Registering messaging pointer for type 5 - private_data=(nil)
> Enter SUPER-USER's password:
> libnet_Join:
> libnet_JoinCtx: struct libnet_JoinCtx
> in: struct libnet_JoinCtx
> dc_name :
> 'serverDC1001.dan2003.sample.domain.com'
> machine_name : 'MYSERVER'
> domain_name : *
> domain_name : 'DAN2003.SAMPLE.DOMAIN.COM'
> account_ou :
> 'MyStructure/Internal/Servers/UnManaged'
> admin_account : 'SUPER-USER'
> machine_password : NULL
> join_flags : 0x00000023 (35)
> 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
> 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
> 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
> 0: WKSSVC_JOIN_FLAGS_DEFER_SPN
> 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
> 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
> 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
> 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
> 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
> 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
> 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
> os_version : NULL
> os_name : NULL
> create_upn : 0x00 (0)
> upn : NULL
> modify_config : 0x00 (0)
> ads : NULL
> debug : 0x01 (1)
> use_kerberos : 0x00 (0)
> secure_channel_type : SEC_CHAN_WKSTA (2)
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/cache/samba/gencache_notrans.tdb
> sitename_fetch: No stored sitename for DAN2003.SAMPLE.DOMAIN.COM
> internal_resolve_name: looking up serverDC1001.dan2003.sample.domain.com#20
> (sitename (null))
> name serverDC1001.dan2003.sample.domain.com#20 found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> Connecting to 10.80.8.88 at port 445
> Socket options:
> SO_KEEPALIVE = 1
> SO_REUSEADDR = 0
> SO_BROADCAST = 0
> TCP_NODELAY = 1
> TCP_KEEPCNT = 9
> TCP_KEEPIDLE = 7200
> TCP_KEEPINTVL = 75
> IPTOS_LOWDELAY = 16
> IPTOS_THROUGHPUT = 16
> SO_SNDBUF = 262142
> SO_RCVBUF = 262142
> SO_SNDLOWAT = 1
> SO_RCVLOWAT = 1
> SO_SNDTIMEO = 0
> SO_RCVTIMEO = 0
> TCP_QUICKACK = 1
> TCP_DEFER_ACCEPT = 0
> Doing spnego session setup (blob length=120)
> got OID=1.3.6.1.4.1.311.2.2.30
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.2.840.113554.1.2.2.3
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178 at please_ignore
> negotiate: struct NEGOTIATE_MESSAGE
> Signature : 'NTLMSSP'
> MessageType : NtLmNegotiate (1)
> NegotiateFlags : 0x60088215 (1611170325)
> 1: NTLMSSP_NEGOTIATE_UNICODE
> 0: NTLMSSP_NEGOTIATE_OEM
> 1: NTLMSSP_REQUEST_TARGET
> 1: NTLMSSP_NEGOTIATE_SIGN
> 0: NTLMSSP_NEGOTIATE_SEAL
> 0: NTLMSSP_NEGOTIATE_DATAGRAM
> 0: NTLMSSP_NEGOTIATE_LM_KEY
> 0: NTLMSSP_NEGOTIATE_NETWARE
> 1: NTLMSSP_NEGOTIATE_NTLM
> 0: NTLMSSP_NEGOTIATE_NT_ONLY
> 0: NTLMSSP_ANONYMOUS
> 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
> 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
> 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
> 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
> 0: NTLMSSP_TARGET_TYPE_DOMAIN
> 0: NTLMSSP_TARGET_TYPE_SERVER
> 0: NTLMSSP_TARGET_TYPE_SHARE
> 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
> 0: NTLMSSP_NEGOTIATE_IDENTIFY
> 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
> 0: NTLMSSP_NEGOTIATE_TARGET_INFO
> 0: NTLMSSP_NEGOTIATE_VERSION
> 1: NTLMSSP_NEGOTIATE_128
> 1: NTLMSSP_NEGOTIATE_KEY_EXCH
> 0: NTLMSSP_NEGOTIATE_56
> DomainNameLen : 0x0008 (8)
> DomainNameMaxLen : 0x0008 (8)
> DomainName : *
> DomainName : 'DAN2003'
> WorkstationLen : 0x000e (14)
> WorkstationMaxLen : 0x000e (14)
> Workstation : *
> Workstation : 'MYSERVER'
> challenge: struct CHALLENGE_MESSAGE
> Signature : 'NTLMSSP'
> MessageType : NtLmChallenge (0x2)
> TargetNameLen : 0x0010 (16)
> TargetNameMaxLen : 0x0010 (16)
> TargetName : *
> TargetName : 'DAN2003'
> NegotiateFlags : 0x62898215 (1653178901)
> 1: NTLMSSP_NEGOTIATE_UNICODE
> 0: NTLMSSP_NEGOTIATE_OEM
> 1: NTLMSSP_REQUEST_TARGET
> 1: NTLMSSP_NEGOTIATE_SIGN
> 0: NTLMSSP_NEGOTIATE_SEAL
> 0: NTLMSSP_NEGOTIATE_DATAGRAM
> 0: NTLMSSP_NEGOTIATE_LM_KEY
> 0: NTLMSSP_NEGOTIATE_NETWARE
> 1: NTLMSSP_NEGOTIATE_NTLM
> 0: NTLMSSP_NEGOTIATE_NT_ONLY
> 0: NTLMSSP_ANONYMOUS
> 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
> 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
> 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
> 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
> 1: NTLMSSP_TARGET_TYPE_DOMAIN
> 0: NTLMSSP_TARGET_TYPE_SERVER
> 0: NTLMSSP_TARGET_TYPE_SHARE
> 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
> 0: NTLMSSP_NEGOTIATE_IDENTIFY
> 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
> 1: NTLMSSP_NEGOTIATE_TARGET_INFO
> 1: NTLMSSP_NEGOTIATE_VERSION
> 1: NTLMSSP_NEGOTIATE_128
> 1: NTLMSSP_NEGOTIATE_KEY_EXCH
> 0: NTLMSSP_NEGOTIATE_56
> ServerChallenge : d19c394ddd43af69
> Reserved : 0000000000000000
> TargetInfoLen : 0x00da (218)
> TargetNameInfoMaxLen : 0x00da (218)
> TargetInfo : *
> TargetInfo: struct AV_PAIR_LIST
> count : 0x00000007 (7)
> pair: ARRAY(7)
> pair: struct AV_PAIR
> AvId : MsvAvNbDomainName (0x2)
> AvLen : 0x0010 (16)
> Value : union
> ntlmssp_AvValue(case 0x2)
> AvNbDomainName : 'DAN2003'
> pair: struct AV_PAIR
> AvId : MsvAvNbComputerName (0x1)
> AvLen : 0x0016 (22)
> Value : union
> ntlmssp_AvValue(case 0x1)
> AvNbComputerName : 'SERVERDC1001'
> pair: struct AV_PAIR
> AvId : MsvAvDnsDomainName (0x4)
> AvLen : 0x002e (46)
> Value : union
> ntlmssp_AvValue(case 0x4)
> AvDnsDomainName :
> 'dan2003.sample.domain.com'
> pair: struct AV_PAIR
> AvId : MsvAvDnsComputerName
> (0x3)
> AvLen : 0x0046 (70)
> Value : union
> ntlmssp_AvValue(case 0x3)
> AvDnsComputerName :
> 'SERVERDC1001.dan2003.sample.domain.com'
> pair: struct AV_PAIR
> AvId : MsvAvDnsTreeName (0x5)
> AvLen : 0x001c (28)
> Value : union
> ntlmssp_AvValue(case 0x5)
> AvDnsTreeName : 'sample.domain.com'
> pair: struct AV_PAIR
> AvId : MsvAvTimestamp (0x7)
> AvLen : 0x0008 (8)
> Value : union
> ntlmssp_AvValue(case 0x7)
> AvTimestamp : Tue Apr 14 12:28:04 2015
> UTC
> pair: struct AV_PAIR
> AvId : MsvAvEOL (0x0)
> AvLen : 0x0000 (0)
> Value : union
> ntlmssp_AvValue(case 0x0)
> Version: struct ntlmssp_VERSION
> ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6)
> ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1)
> ProductBuild : 0x1db1 (7601)
> Reserved : 000000
> NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (0xF)
> Got challenge flags:
> Got NTLMSSP neg_flags=0x62898215
> NTLMSSP_NEGOTIATE_UNICODE
> NTLMSSP_REQUEST_TARGET
> NTLMSSP_NEGOTIATE_SIGN
> NTLMSSP_NEGOTIATE_NTLM
> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
> NTLMSSP_NEGOTIATE_NTLM2
> NTLMSSP_NEGOTIATE_TARGET_INFO
> NTLMSSP_NEGOTIATE_VERSION
> NTLMSSP_NEGOTIATE_128
> NTLMSSP_NEGOTIATE_KEY_EXCH
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x60088215
> NTLMSSP_NEGOTIATE_UNICODE
> NTLMSSP_REQUEST_TARGET
> NTLMSSP_NEGOTIATE_SIGN
> NTLMSSP_NEGOTIATE_NTLM
> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
> NTLMSSP_NEGOTIATE_NTLM2
> NTLMSSP_NEGOTIATE_128
> NTLMSSP_NEGOTIATE_KEY_EXCH
> authenticate: struct AUTHENTICATE_MESSAGE
> Signature : 'NTLMSSP'
> MessageType : NtLmAuthenticate (3)
> LmChallengeResponseLen : 0x0018 (24)
> LmChallengeResponseMaxLen: 0x0018 (24)
> LmChallengeResponse : *
> LmChallengeResponse : union ntlmssp_LM_RESPONSE(case 24)
> v1: struct LM_RESPONSE
> Response :
> de06e6edc8275e8aa58a9e95067f4cbc5bb6ac5b0279a515
> NtChallengeResponseLen : 0x0106 (262)
> NtChallengeResponseMaxLen: 0x0106 (262)
> NtChallengeResponse : *
> NtChallengeResponse : union ntlmssp_NTLM_RESPONSE(case 262)
> v2: struct NTLMv2_RESPONSE
> Response : a5e98b1ba196aa8513fdbecb1a53a3ac
> Challenge: struct NTLMv2_CLIENT_CHALLENGE
> RespType : 0x01 (1)
> HiRespType : 0x01 (1)
> Reserved1 : 0x0000 (0)
> Reserved2 : 0x00000000 (0)
> TimeStamp : Tue Apr 14 12:28:03 2015 UTC
> ChallengeFromClient : 1ca419ea47cceec3
> Reserved3 : 0x00000000 (0)
> AvPairs: struct AV_PAIR_LIST
> count : 0x00000007 (7)
> pair: ARRAY(7)
> pair: struct AV_PAIR
> AvId : MsvAvNbDomainName
> (0x2)
> AvLen : 0x0010 (16)
> Value : union
> ntlmssp_AvValue(case 0x2)
> AvNbDomainName : 'DAN2003'
> pair: struct AV_PAIR
> AvId :
> MsvAvNbComputerName (0x1)
> AvLen : 0x0016 (22)
> Value : union
> ntlmssp_AvValue(case 0x1)
> AvNbComputerName : 'SERVERDC1001'
> pair: struct AV_PAIR
> AvId :
> MsvAvDnsDomainName (0x4)
> AvLen : 0x002e (46)
> Value : union
> ntlmssp_AvValue(case 0x4)
> AvDnsDomainName :
> 'dan2003.sample.domain.com'
> pair: struct AV_PAIR
> AvId :
> MsvAvDnsComputerName (0x3)
> AvLen : 0x0046 (70)
> Value : union
> ntlmssp_AvValue(case 0x3)
> AvDnsComputerName :
> 'SERVERDC1001.dan2003.sample.domain.com'
> pair: struct AV_PAIR
> AvId : MsvAvDnsTreeName
> (0x5)
> AvLen : 0x001c (28)
> Value : union
> ntlmssp_AvValue(case 0x5)
> AvDnsTreeName :
> 'sample.domain.com'
> pair: struct AV_PAIR
> AvId : MsvAvTimestamp
> (0x7)
> AvLen : 0x0008 (8)
> Value : union
> ntlmssp_AvValue(case 0x7)
> AvTimestamp : Tue Apr 14
> 12:28:04 2015 UTC
> pair: struct AV_PAIR
> AvId : MsvAvEOL (0x0)
> AvLen : 0x0000 (0)
> Value : union
> ntlmssp_AvValue(case 0x0)
> DomainNameLen : 0x0000 (0)
> DomainNameMaxLen : 0x0000 (0)
> DomainName : *
> DomainName : ''
> UserNameLen : 0x0012 (18)
> UserNameMaxLen : 0x0012 (18)
> UserName : *
> UserName : 'SUPER-USER'
> WorkstationLen : 0x001c (28)
> WorkstationMaxLen : 0x001c (28)
> Workstation : *
> Workstation : 'MYSERVER'
> EncryptedRandomSessionKeyLen: 0x0010 (16)
> EncryptedRandomSessionKeyMaxLen: 0x0010 (16)
> EncryptedRandomSessionKey: *
> EncryptedRandomSessionKey: DATA_BLOB length=16
> [0000] 48 09 D4 57 08 FC AD F2 DD B7 FB 1D 65 28 BC 8A H..W.... ....e(..
> NegotiateFlags : 0x60088215 (1611170325)
> 1: NTLMSSP_NEGOTIATE_UNICODE
> 0: NTLMSSP_NEGOTIATE_OEM
> 1: NTLMSSP_REQUEST_TARGET
> 1: NTLMSSP_NEGOTIATE_SIGN
> 0: NTLMSSP_NEGOTIATE_SEAL
> 0: NTLMSSP_NEGOTIATE_DATAGRAM
> 0: NTLMSSP_NEGOTIATE_LM_KEY
> 0: NTLMSSP_NEGOTIATE_NETWARE
> 1: NTLMSSP_NEGOTIATE_NTLM
> 0: NTLMSSP_NEGOTIATE_NT_ONLY
> 0: NTLMSSP_ANONYMOUS
> 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
> 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
> 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
> 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
> 0: NTLMSSP_TARGET_TYPE_DOMAIN
> 0: NTLMSSP_TARGET_TYPE_SERVER
> 0: NTLMSSP_TARGET_TYPE_SHARE
> 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
> 0: NTLMSSP_NEGOTIATE_IDENTIFY
> 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
> 0: NTLMSSP_NEGOTIATE_TARGET_INFO
> 0: NTLMSSP_NEGOTIATE_VERSION
> 1: NTLMSSP_NEGOTIATE_128
> 1: NTLMSSP_NEGOTIATE_KEY_EXCH
> 0: NTLMSSP_NEGOTIATE_56
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x60088215
> NTLMSSP_NEGOTIATE_UNICODE
> NTLMSSP_REQUEST_TARGET
> NTLMSSP_NEGOTIATE_SIGN
> NTLMSSP_NEGOTIATE_NTLM
> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
> NTLMSSP_NEGOTIATE_NTLM2
> NTLMSSP_NEGOTIATE_128
> NTLMSSP_NEGOTIATE_KEY_EXCH
> cli_init_creds: user SUPER-USER domain
> Bind RPC Pipe: host serverDC1001.dan2003.sample.domain.com auth_type 0,
> auth_level 1
> &r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_BIND (11)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0048 (72)
> auth_length : 0x0000 (0)
> call_id : 0x00000001 (1)
> u : union dcerpc_payload(case 11)
> bind: struct dcerpc_bind
> max_xmit_frag : 0x10b8 (4280)
> max_recv_frag : 0x10b8 (4280)
> assoc_group_id : 0x00000000 (0)
> num_contexts : 0x01 (1)
> ctx_list: ARRAY(1)
> ctx_list: struct dcerpc_ctx_list
> context_id : 0x0000 (0)
> num_transfer_syntaxes : 0x01 (1)
> abstract_syntax: struct ndr_syntax_id
> uuid :
> 12345778-1234-abcd-ef00-0123456789ab
> if_version : 0x00000000 (0)
> transfer_syntaxes: ARRAY(1)
> transfer_syntaxes: struct ndr_syntax_id
> uuid :
> 8a885d04-1ceb-11c9-9fe8-08002b104860
> if_version : 0x00000002 (2)
> auth_info : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=72, this_data=72, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 52
> r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_BIND_ACK (12)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0044 (68)
> auth_length : 0x0000 (0)
> call_id : 0x00000001 (1)
> u : union dcerpc_payload(case 12)
> bind_ack: struct dcerpc_bind_ack
> max_xmit_frag : 0x10b8 (4280)
> max_recv_frag : 0x10b8 (4280)
> assoc_group_id : 0x00069674 (431732)
> secondary_address_size : 0x000c (12)
> secondary_address : '\pipe\lsass'
> _pad1 : DATA_BLOB length=2
> [0000] 71 71 qq
> num_results : 0x01 (1)
> ctx_list: ARRAY(1)
> ctx_list: struct dcerpc_ack_ctx
> result : 0x0000 (0)
> reason : 0x0000 (0)
> syntax: struct ndr_syntax_id
> uuid :
> 8a885d04-1ceb-11c9-9fe8-08002b104860
> if_version : 0x00000002 (2)
> auth_info : DATA_BLOB length=0
> rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 68 bytes.
> check_bind_response: accepted!
> cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine
> serverDC1001.dan2003.sample.domain.com and bound anonymously.
> lsa_OpenPolicy: struct lsa_OpenPolicy
> in: struct lsa_OpenPolicy
> system_name : *
> system_name : 0x005c (92)
> attr : *
> attr: struct lsa_ObjectAttribute
> len : 0x00000018 (24)
> root_dir : NULL
> object_name : NULL
> attributes : 0x00000000 (0)
> sec_desc : NULL
> sec_qos : *
> sec_qos: struct lsa_QosInfo
> len : 0x0000000c (12)
> impersonation_level : 0x0002 (2)
> context_mode : 0x01 (1)
> effective_only : 0x00 (0)
> access_mask : 0x02000000 (33554432)
> 0: LSA_POLICY_VIEW_LOCAL_INFORMATION
> 0: LSA_POLICY_VIEW_AUDIT_INFORMATION
> 0: LSA_POLICY_GET_PRIVATE_INFORMATION
> 0: LSA_POLICY_TRUST_ADMIN
> 0: LSA_POLICY_CREATE_ACCOUNT
> 0: LSA_POLICY_CREATE_SECRET
> 0: LSA_POLICY_CREATE_PRIVILEGE
> 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS
> 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS
> 0: LSA_POLICY_AUDIT_LOG_ADMIN
> 0: LSA_POLICY_SERVER_ADMIN
> 0: LSA_POLICY_LOOKUP_NAMES
> 0: LSA_POLICY_NOTIFICATION
> &r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_REQUEST (0)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0018 (24)
> auth_length : 0x0000 (0)
> call_id : 0x00000002 (2)
> u : union dcerpc_payload(case 0)
> request: struct dcerpc_request
> alloc_hint : 0x0000002c (44)
> context_id : 0x0000 (0)
> opnum : 0x0006 (6)
> object : union dcerpc_object(case 0)
> empty: struct dcerpc_empty
> _pad : DATA_BLOB length=0
> stub_and_verifier : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=68, this_data=68, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 32
> r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_RESPONSE (2)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0030 (48)
> auth_length : 0x0000 (0)
> call_id : 0x00000002 (2)
> u : union dcerpc_payload(case 2)
> response: struct dcerpc_response
> alloc_hint : 0x00000018 (24)
> context_id : 0x0000 (0)
> cancel_count : 0x00 (0)
> _pad : DATA_BLOB length=1
> [0000] 00 .
> stub_and_verifier : DATA_BLOB length=24
> [0000] 00 00 00 00 7E 29 EA FB 47 80 8A 49 9C 2F 88 A6 ....~).. G..I./..
> [0010] 65 A8 5D 72 00 00 00 00 e.]r....
> Got pdu len 48, data_len 24, ss_len 0
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 24 bytes.
> lsa_OpenPolicy: struct lsa_OpenPolicy
> out: struct lsa_OpenPolicy
> handle : *
> handle: struct policy_handle
> handle_type : 0x00000000 (0)
> uuid :
> fbea297e-8047-498a-9c2f-88a665a85d72
> result : NT_STATUS_OK
> lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
> in: struct lsa_QueryInfoPolicy2
> handle : *
> handle: struct policy_handle
> handle_type : 0x00000000 (0)
> uuid :
> fbea297e-8047-498a-9c2f-88a665a85d72
> level : LSA_POLICY_INFO_DNS (12)
> &r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_REQUEST (0)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0018 (24)
> auth_length : 0x0000 (0)
> call_id : 0x00000003 (3)
> u : union dcerpc_payload(case 0)
> request: struct dcerpc_request
> alloc_hint : 0x00000016 (22)
> context_id : 0x0000 (0)
> opnum : 0x002e (46)
> object : union dcerpc_object(case 0)
> empty: struct dcerpc_empty
> _pad : DATA_BLOB length=0
> stub_and_verifier : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=46, this_data=46, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 220
> r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_RESPONSE (2)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x00ec (236)
> auth_length : 0x0000 (0)
> call_id : 0x00000003 (3)
> u : union dcerpc_payload(case 2)
> response: struct dcerpc_response
> alloc_hint : 0x000000d4 (212)
> context_id : 0x0000 (0)
> cancel_count : 0x00 (0)
> _pad : DATA_BLOB length=1
> [0000] 00 .
> stub_and_verifier : DATA_BLOB length=212
> [0000] 00 00 02 00 0C 00 00 00 10 00 12 00 04 00 02 00 ........ ........
> [0010] 2E 00 30 00 08 00 02 00 1C 00 1E 00 0C 00 02 00 ..0..... ........
> [0020] 72 C5 DE 51 A1 3A D6 45 AA C3 E3 27 E8 31 0B 54 r..Q.:.E ...'.1.T
> [0030] 10 00 02 00 09 00 00 00 00 00 00 00 08 00 00 00 ........ ........
> [0040] 4E 00 41 00 54 00 49 00 4F 00 4E 00 41 00 4C 00 N.A.T.I. O.N.A.L.
> [0050] 18 00 00 00 00 00 00 00 17 00 00 00 6E 00 61 00 ........ ....n.a.
> [0060] 74 00 69 00 6F 00 6E 00 61 00 6C 00 2E 00 63 00 t.i.o.n. a.l...c.
> [0070] 6F 00 72 00 65 00 2E 00 62 00 62 00 63 00 2E 00 o.r.e... b.b.c...
> [0080] 63 00 6F 00 2E 00 75 00 6B 00 00 00 0F 00 00 00 c.o...u. k.......
> [0090] 00 00 00 00 0E 00 00 00 63 00 6F 00 72 00 65 00 ........ c.o.r.e.
> [00A0] 2E 00 62 00 62 00 63 00 2E 00 63 00 6F 00 2E 00 ..b.b.c. ..c.o...
> [00B0] 75 00 6B 00 04 00 00 00 01 04 00 00 00 00 00 05 u.k..... ........
> [00C0] 15 00 00 00 6B D6 62 04 16 C0 EA 32 82 8B A6 28 ....k.b. ...2...(
> [00D0] 00 00 00 00 ....
> Got pdu len 236, data_len 212, ss_len 0
> rpc_api_pipe: got frag len of 236 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 212
> bytes.
> lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
> out: struct lsa_QueryInfoPolicy2
> info : *
> info : *
> info : union
> lsa_PolicyInformation(case 12)
> dns: struct lsa_DnsDomainInfo
> name: struct lsa_StringLarge
> length : 0x0010 (16)
> size : 0x0012 (18)
> string : *
> string : 'DAN2003'
> dns_domain: struct lsa_StringLarge
> length : 0x002e (46)
> size : 0x0030 (48)
> string : *
> string :
> 'dan2003.sample.domain.com'
> dns_forest: struct lsa_StringLarge
> length : 0x001c (28)
> size : 0x001e (30)
> string : *
> string :
> 'sample.domain.com'
> domain_guid :
> 51dec572-3aa1-45d6-aac3-e327e8310b54
> sid : *
> sid :
> S-1-5-21-73586283-854245398-682003330
> result : NT_STATUS_OK
> lsa_Close: struct lsa_Close
> in: struct lsa_Close
> handle : *
> handle: struct policy_handle
> handle_type : 0x00000000 (0)
> uuid :
> fbea297e-8047-498a-9c2f-88a665a85d72
> &r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_REQUEST (0)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0018 (24)
> auth_length : 0x0000 (0)
> call_id : 0x00000004 (4)
> u : union dcerpc_payload(case 0)
> request: struct dcerpc_request
> alloc_hint : 0x00000014 (20)
> context_id : 0x0000 (0)
> opnum : 0x0000 (0)
> object : union dcerpc_object(case 0)
> empty: struct dcerpc_empty
> _pad : DATA_BLOB length=0
> stub_and_verifier : DATA_BLOB length=0
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com
> num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
> data_total=44, this_data=44, max_data=4280, param_offset=84, param_pad=2,
> param_disp=0, data_offset=84, data_pad=0, data_disp=0
> rpc_read_send: data_to_read: 32
> r: struct ncacn_packet
> rpc_vers : 0x05 (5)
> rpc_vers_minor : 0x00 (0)
> ptype : DCERPC_PKT_RESPONSE (2)
> pfc_flags : 0x03 (3)
> drep: ARRAY(4)
> [0] : 0x10 (16)
> [1] : 0x00 (0)
> [2] : 0x00 (0)
> [3] : 0x00 (0)
> frag_length : 0x0030 (48)
> auth_length : 0x0000 (0)
> call_id : 0x00000004 (4)
> u : union dcerpc_payload(case 2)
> response: struct dcerpc_response
> alloc_hint : 0x00000018 (24)
> context_id : 0x0000 (0)
> cancel_count : 0x00 (0)
> _pad : DATA_BLOB length=1
> [0000] 00 .
> stub_and_verifier : DATA_BLOB length=24
> [0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
> [0010] 00 00 00 00 00 00 00 00 ........
> Got pdu len 48, data_len 24, ss_len 0
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host serverDC1001.dan2003.sample.domain.com returned 24 bytes.
> lsa_Close: struct lsa_Close
> out: struct lsa_Close
> handle : *
> handle: struct policy_handle
> handle_type : 0x00000000 (0)
> uuid :
> 00000000-0000-0000-0000-000000000000
> result : NT_STATUS_OK
> create_local_private_krb5_conf_for_domain: fname =
> /var/cache/samba/smb_krb5/krb5.conf.DAN2003, realm =
> dan2003.sample.domain.com, domain = DAN2003
> saf_fetch: Returning "SERVERDC1001.dan2003.sample.domain.com" for
> "dan2003.sample.domain.com" domain
> get_dc_list: preferred server list: "SERVERDC1001.dan2003.sample.domain.com,
> *"
> internal_resolve_name: looking up dan2003.sample.domain.com#1c (sitename
> (null))
> name dan2003.sample.domain.com#1C found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> Adding 11 DC's from auto lookup
> sitename_fetch: No stored sitename for DAN2003.SAMPLE.DOMAIN.COM
> internal_resolve_name: looking up SERVERDC1001.dan2003.sample.domain.com#20
> (sitename (null))
> name SERVERDC1001.dan2003.sample.domain.com#20 found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.80.8.88
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.124.23.5
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.184.32.187
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.161.8.2
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.184.32.58
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.84.136.29
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.80.8.88
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.52.69.202
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.76.8.118
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.94.76.240
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.72.136.53
> check_negative_conn_cache returning result 0 for domain
> dan2003.sample.domain.com server 10.68.140.2
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> get_dc_list: returning 11 ip addresses in an ordered list
> get_dc_list: 10.80.8.88:389 10.124.23.5:389 10.184.32.187:389 10.161.8.2:389
> 10.184.32.58:389 10.84.136.29:389 10.52.69.202:389 10.76.8.118:389
> 10.94.76.240:389 10.72.136.53:389 10.68.140.2:389
> &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
> command : LOGON_SAM_LOGON_RESPONSE_EX (23)
> sbz : 0x0000 (0)
> server_type : 0x0000317c (12668)
> 0: NBT_SERVER_PDC
> 1: NBT_SERVER_GC
> 1: NBT_SERVER_LDAP
> 1: NBT_SERVER_DS
> 1: NBT_SERVER_KDC
> 1: NBT_SERVER_TIMESERV
> 0: NBT_SERVER_CLOSEST
> 1: NBT_SERVER_WRITABLE
> 0: NBT_SERVER_GOOD_TIMESERV
> 0: NBT_SERVER_NDNC
> 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
> 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
> 1: NBT_SERVER_ADS_WEB_SERVICE
> 0: NBT_SERVER_HAS_DNS_NAME
> 0: NBT_SERVER_IS_DEFAULT_NC
> 0: NBT_SERVER_FOREST_ROOT
> domain_uuid : 51dec572-3aa1-45d6-aac3-e327e8310b54
> forest : 'sample.domain.com'
> dns_domain : 'dan2003.sample.domain.com'
> pdc_dns_name : 'SERVERDC1001.dan2003.sample.domain.com'
> domain_name : 'DAN2003'
> pdc_name : 'SERVERDC1001'
> user_name : ''
> server_site : 'UK-Lanc-BH-LAN-Main'
> client_site : ''
> sockaddr_size : 0x00 (0)
> sockaddr: struct nbt_sockaddr
> sockaddr_family : 0x00000000 (0)
> pdc_ip : (null)
> remaining : DATA_BLOB length=0
> next_closest_site : NULL
> nt_version : 0x00000005 (5)
> 1: NETLOGON_NT_VERSION_1
> 0: NETLOGON_NT_VERSION_5
> 1: NETLOGON_NT_VERSION_5EX
> 0: NETLOGON_NT_VERSION_5EX_WITH_IP
> 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
> 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
> 0: NETLOGON_NT_VERSION_PDC
> 0: NETLOGON_NT_VERSION_IP
> 0: NETLOGON_NT_VERSION_LOCAL
> 0: NETLOGON_NT_VERSION_GC
> lmnt_token : 0xffff (65535)
> lm20_token : 0xffff (65535)
> get_kdc_ip_string: Returning kdc = 10.80.8.88
>
> create_local_private_krb5_conf_for_domain: wrote file
> /var/cache/samba/smb_krb5/krb5.conf.DAN2003 with realm
> DAN2003.SAMPLE.DOMAIN.COM KDC list = kdc = 10.80.8.88
>
> sitename_fetch: No stored sitename for DAN2003.SAMPLE.DOMAIN.COM
> internal_resolve_name: looking up serverDC1001.dan2003.sample.domain.com#20
> (sitename (null))
> name serverDC1001.dan2003.sample.domain.com#20 found.
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> ads_try_connect: sending CLDAP request to 10.80.8.88 (realm:
> dan2003.sample.domain.com)
> &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
> command : LOGON_SAM_LOGON_RESPONSE_EX (23)
> sbz : 0x0000 (0)
> server_type : 0x0000317c (12668)
> 0: NBT_SERVER_PDC
> 1: NBT_SERVER_GC
> 1: NBT_SERVER_LDAP
> 1: NBT_SERVER_DS
> 1: NBT_SERVER_KDC
> 1: NBT_SERVER_TIMESERV
> 0: NBT_SERVER_CLOSEST
> 1: NBT_SERVER_WRITABLE
> 0: NBT_SERVER_GOOD_TIMESERV
> 0: NBT_SERVER_NDNC
> 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
> 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
> 1: NBT_SERVER_ADS_WEB_SERVICE
> 0: NBT_SERVER_HAS_DNS_NAME
> 0: NBT_SERVER_IS_DEFAULT_NC
> 0: NBT_SERVER_FOREST_ROOT
> domain_uuid : 51dec572-3aa1-45d6-aac3-e327e8310b54
> forest : 'sample.domain.com'
> dns_domain : 'dan2003.sample.domain.com'
> pdc_dns_name : 'SERVERDC1001.dan2003.sample.domain.com'
> domain_name : 'DAN2003'
> pdc_name : 'SERVERDC1001'
> user_name : ''
> server_site : 'UK-Lanc-BH-LAN-Main'
> client_site : ''
> sockaddr_size : 0x00 (0)
> sockaddr: struct nbt_sockaddr
> sockaddr_family : 0x00000000 (0)
> pdc_ip : (null)
> remaining : DATA_BLOB length=0
> next_closest_site : NULL
> nt_version : 0x00000005 (5)
> 1: NETLOGON_NT_VERSION_1
> 0: NETLOGON_NT_VERSION_5
> 1: NETLOGON_NT_VERSION_5EX
> 0: NETLOGON_NT_VERSION_5EX_WITH_IP
> 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
> 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
> 0: NETLOGON_NT_VERSION_PDC
> 0: NETLOGON_NT_VERSION_IP
> 0: NETLOGON_NT_VERSION_LOCAL
> 0: NETLOGON_NT_VERSION_GC
> lmnt_token : 0xffff (65535)
> lm20_token : 0xffff (65535)
> sitename_store: deleting empty sitename!
> Deleting cache entry (key=[AD_SITENAME/DOMAIN/DAN2003])
> sitename_store: deleting empty sitename!
> Deleting cache entry (key=[AD_SITENAME/DOMAIN/DAN2003.SAMPLE.DOMAIN.COM])
> Successfully contacted LDAP server 10.80.8.88
> Opening connection to LDAP server
> 'SERVERDC1001.dan2003.sample.domain.com:389', timeout 15 seconds
> Connected to LDAP server 'SERVERDC1001.dan2003.sample.domain.com:389'
> Connected to LDAP server SERVERDC1001.dan2003.sample.domain.com
> ads_sitename_match: no match between server: UK-Lanc-BH-LAN-Main and client:
> NULL
> ads_closest_dc: client belongs to no site
> saf_store: domain = [DAN2003], server =
> [SERVERDC1001.dan2003.sample.domain.com], expire = [1429015386]
> Did not store value for SAF/DOMAIN/DAN2003, we already got it
> saf_store: domain = [dan2003.sample.domain.com], server =
> [SERVERDC1001.dan2003.sample.domain.com], expire = [1429015386]
> Did not store value for SAF/DOMAIN/DAN2003.SAMPLE.DOMAIN.COM, we already got
> it
> KDC time offset is 0 seconds
> Found SASL mechanism GSS-SPNEGO
> ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.30
> ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
> ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
> ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
> ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
> ads_sasl_spnego_bind: got server principal name =
> not_defined_in_RFC4178 at please_ignore
> ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory)
> ads_sasl_spnego_krb5_bind failed with: No such file or directory, calling
> kinit
> kerberos_kinit_password: as SUPER-USER at DAN2003.SAMPLE.DOMAIN.COM using
> [MEMORY:net_ads] as ccache and config
> [/var/cache/samba/smb_krb5/krb5.conf.DAN2003]
> kerberos_kinit_password SUPER-USER at DAN2003.SAMPLE.DOMAIN.COM failed: Cannot
> contact any KDC for requested realm
> libnet_Join:
> libnet_JoinCtx: struct libnet_JoinCtx
> out: struct libnet_JoinCtx
> account_name : NULL
> netbios_domain_name : 'DAN2003'
> dns_domain_name : 'dan2003.sample.domain.com'
> forest_name : 'sample.domain.com'
> dn : NULL
> domain_sid : *
> domain_sid :
> S-1-5-21-73586283-854245398-682003330
> modified_config : 0x00 (0)
> error_string : 'failed to connect to AD: Cannot
> contact any KDC for requested realm'
> domain_is_ad : 0x01 (1)
> result : WERR_DEFAULT_JOIN_REQUIRED
> Failed to join domain: failed to connect to AD: Cannot contact any KDC for
> requested realm
> return code = -1
> myuser at myserver:~$
> myuser at myserver:~$
> myuser at myserver:~$
> myuser at myserver:~$
>
>
>
>
> --
> View this message in context: http://samba.2283325.n4.nabble.com/Cannot-join-Ubuntu12-04-Samba-4-1-17-to-domain-tp4684555.html
> Sent from the Samba - General mailing list archive at Nabble.com.
OK, what have you got in /etc/krb5.conf ?
Does /etc/resolv.conf point to the AD DC ?
Have you turned off dnsmasq in NetworkManager ?
We will come to what you shouldn't have in smb.conf once you have joined
the domain.
Rowland
More information about the samba
mailing list