[Samba] Using rpcclient with my NetApp fails
Jeremy Allison
jra at samba.org
Wed Feb 18 15:47:30 MST 2015
On Tue, Feb 17, 2015 at 12:42:20PM -0500, pisymbol . wrote:
> Hello:
>
> I have a Netapp 8.2.2P1 7-Mode connected to my Active Directory domain
> and the following rpcclient command on CentOS 6.5 is bailing on the
> following error:
>
> could not obtain sid for domain QUEST
> error: NT_STATUS_ACCESS_DENIED
>
> I've tested this with all stable version of 3.6 etc. I have not tried
> the python based rpcclient command yet though.
>
> But after a bit of debugging, it seems that the fetch_machine_sid()
> function is failing to open up the LSA pipe using the domain's
> administrative credentials.
>
> I have verified that the netapp is joined to the domain, can perform
> SID lookups, as well as have its own "administrators" group see RID
> 500 and have full access to the netapp.
>
> If I comment out fetch_machine_sid() from rpcclient, everything works
> fine (I get 'netshareenum' output from all supported levels).
>
> Does anyone have any idea why samba and my NetApp aren't playing nice?
> More specifically, does anyone know why the LSA open policy stuff
> would fail on a NetApp when using domain administrator creds (RID
> 500)?
Log a bug at bugzilla.samba.org and upload an rpcclient log
+ wireshare trace of this running successfully against Windows
and failing against NetApp please !
More information about the samba
mailing list