[Samba] Debian Jessie joining AD as member fails with "The object name is not found."

Rowland penny rpenny at samba.org
Mon Jul 18 07:57:07 UTC 2016


On 18/07/16 06:08, Russell Ault wrote:
> Hi all!
>
> To clarify, it must have been removed from the copy-pasta, but “net ads join -U” did produce a password prompt as expected.
>
> The dig command produced the following:
>
> root at host:~$ dig -t SRV _ldap._tcp.domain.local
>
> ; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> -t SRV _ldap._tcp.domain.local
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35393
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4000
> ;; QUESTION SECTION:
> ;_ldap._tcp.domain.local.          IN      SRV
>
> ;; ANSWER SECTION:
> _ldap._tcp.domain.local.   600     IN      SRV     0 100 389 domain-controller.domain.local.
>
> ;; ADDITIONAL SECTION:
> domain-controller.domain.local. 3600    IN      A       192.168.0.34
>
> ;; Query time: 0 msec
> ;; SERVER: 192.168.0.34#53(192.168.0.34)
> ;; WHEN: Sun Jul 17 23:23:47 MDT 2016
> ;; MSG SIZE  rcvd: 107
>
> And "kinit administrator" gave me a valid ticket according to klist.
>
> When I ran "net ads join -k" I got the same error: "Failed to join domain: failed to join domain 'DOMAIN.LOCAL' over rpc: The object name is not found." The -d10 output looks pretty much like the one I posted in my first e-mail message.
>
> Any thoughts? Is there something in my domain that could be misconfigured? What does "The object name is not found." even mean?
>
> Thanks!
>
> Sincerely,
>
> Russell Ault
>
> From: mathias dufresne [mailto:infractory at gmail.com]
> Sent: July 11, 2016 06:53
> To: Russell Ault
> Cc: samba at lists.samba.org
> Subject: Re: [Samba] Debian Jessie joining AD as member fails with "The object name is not found."
>
> I found strange to not see password prompt right after your "net ads join" command. As you did used -U a password should have been asked, at least that's what I believe.
> Before joining AD your Linux must be well configured. DNS and Kerberos are the first points.
> DNS:
> dig -t SRV _ldap._tcp.<your>.<domain>.<tld>
> must work.
> Kerberos:
> kinit administartor
> must also work.
> Then once these commands worked you should have a valid kerberos ticket (generated during kinit). You can verify Kerbreos ticket status with "klist", if you have one valid you can retry net ads join using kerberos auth:
> net ads join -k
>
> 2016-07-10 8:32 GMT+02:00 Russell Ault <russell at auksnest.ca>:
> Hi all!
>
> I'm trying to join Debian Jessie to an existing AD domain as a member server (AD DC is Server 2012R2) to run it as a file server. I installed acl, samba, winbind, libnss-winbind, and krb5-user using APT, and configured /etc/samba/smb.conf according to the Samba wiki article.
>
> The error the join command is producing is " Failed to join domain: failed to join domain 'DOMAIN.LOCAL' over rpc: The object name is not found." which isn't an error message that appeared in any of my searching, so I'm pretty stumped. I've attached my smb.conf and -d10 command output. Any thoughts?
>
> Thanks!
>
> Sincerely,
>
> Russell Ault
>
>
> Here is my (sanitized) smb.conf:
>
>   [global]
>    netbios name = HOSTNAME
>    security  = ADS
>    workgroup = DOMAIN
>    realm = DOMAIN.LOCAL
>
>    idmap config *:backend = tdb
>    idmap config *:range = 2000-9999
>
>    idmap config DOMAIN:backend = ad
>    idmap config DOMAIN:schema_mode = rfc2307
>    idmap config DOMAIN:range = 10000-99999
>
>    winbind nss info = template
>    template shell = /bin/bash
>    template homedir = /home/%U
>
>    vfs objects = acl_xattr
>    map acl inherit = yes
>    store dos attributes = yes
>
>   [storage]
>    path = /path
>    read only = no
>    admin users = "@DOMAIN\Domain Admins"
>
>
> Here's the (sanitized) output of trying to join the domain:
> root at hostname:~# net ads join -U administrator -d10
> INFO: Current debug levels:
>    all: 10
>    tdb: 10
>    printdrivers: 10
>    lanman: 10
>    smb: 10
>    rpc_parse: 10
>    rpc_srv: 10
>    rpc_cli: 10
>    passdb: 10
>    sam: 10
>    auth: 10
>    winbind: 10
>    vfs: 10
>    idmap: 10
>    quota: 10
>    acls: 10
>    locking: 10
>    msdfs: 10
>    dmapi: 10
>    registry: 10
>    scavenger: 10
>    dns: 10
>    ldb: 10
> lp_load_ex: refreshing parameters
> Initialising global parameters
> INFO: Current debug levels:
>    all: 10
>    tdb: 10
>    printdrivers: 10
>    lanman: 10
>    smb: 10
>    rpc_parse: 10
>    rpc_srv: 10
>    rpc_cli: 10
>    passdb: 10
>    sam: 10
>    auth: 10
>    winbind: 10
>    vfs: 10
>    idmap: 10
>    quota: 10
>    acls: 10
>    locking: 10
>    msdfs: 10
>    dmapi: 10
>    registry: 10
>    scavenger: 10
>    dns: 10
>    ldb: 10
> Processing section "[global]"
> doing parameter netbios name = HOSTNAME
> doing parameter security = ADS
> doing parameter workgroup = DOMAIN
> doing parameter realm = DOMAIN.LOCAL
> doing parameter idmap config *:backend = tdb
> doing parameter idmap config *:range = 2000-9999
> doing parameter idmap config DOMAIN:backend = ad
> doing parameter idmap config DOMAIN:schema_mode = rfc2307
> doing parameter idmap config DOMAIN:range = 10000-99999
> doing parameter winbind nss info = template
> doing parameter template shell = /bin/bash
> doing parameter template homedir = /home/%U
> doing parameter vfs objects = acl_xattr
> doing parameter map acl inherit = yes
> doing parameter store dos attributes = yes
> pm_process() returned Yes
> lp_servicenumber: couldn't find homes
> Netbios name list:-
> my_netbios_names[0]="HOSTNAME"
> added interface eth0 ip=192.168.0.37 bcast=192.168.0.255 netmask=255.255.255.0
> Registering messaging pointer for type 2 - private_data=(nil)
> Registering messaging pointer for type 9 - private_data=(nil)
> Registered MSG_REQ_POOL_USAGE
> Registering messaging pointer for type 11 - private_data=(nil)
> Registering messaging pointer for type 12 - private_data=(nil)
> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
> Registering messaging pointer for type 1 - private_data=(nil)
> Registering messaging pointer for type 5 - private_data=(nil)
> Enter administrator's password:
> libnet_Join:
>      libnet_JoinCtx: struct libnet_JoinCtx
>          in: struct libnet_JoinCtx
>              dc_name                  : NULL
>              machine_name             : 'HOSTNAME'
>              domain_name              : *
>                  domain_name              : 'DOMAIN.LOCAL'
>              account_ou               : NULL
>              admin_account            : 'administrator'
>              admin_domain             : NULL
>              machine_password         : NULL
>              join_flags               : 0x00000023 (35)
>                     0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
>                     0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
>                     0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
>                     0: WKSSVC_JOIN_FLAGS_DEFER_SPN
>                     0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
>                     0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
>                     1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
>                     0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
>                     0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
>                     1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
>                     1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
>              os_version               : NULL
>              os_name                  : NULL
>              create_upn               : 0x00 (0)
>              upn                      : NULL
>              modify_config            : 0x00 (0)
>              ads                      : NULL
>              debug                    : 0x01 (1)
>              use_kerberos             : 0x00 (0)
>              secure_channel_type      : SEC_CHAN_WKSTA (2)
> Opening cache file at /var/cache/samba/gencache.tdb
> Opening cache file at /var/run/samba/gencache_notrans.tdb
> sitename_fetch: Returning sitename for DOMAIN.LOCAL: "Default-First-Site-Name"
> dsgetdcname_internal: domain_name: DOMAIN.LOCAL, domain_guid: (null), site_name: Default-First-Site-Name, flags: 0x40001011
> debug_dsdcinfo_flags: 0x40001011
>          DS_FORCE_REDISCOVERY DS_DIRECTORY_SERVICE_REQUIRED DS_WRITABLE_REQUIRED DS_RETURN_DNS_NAME
> dsgetdcname_rediscover
> ads_dns_lookup_srv: 1 records returned in the answer section.
> ads_dns_parse_rr_srv: Parsed domain-controller.domain.local [0, 100, 389]
> LDAP ping to domain-controller.domain.local (192.168.0.34)
>       &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>          sbz                      : 0x0000 (0)
>          server_type              : 0x0000f3fd (62461)
>                 1: NBT_SERVER_PDC
>                 1: NBT_SERVER_GC
>                 1: NBT_SERVER_LDAP
>                 1: NBT_SERVER_DS
>                 1: NBT_SERVER_KDC
>                 1: NBT_SERVER_TIMESERV
>                 1: NBT_SERVER_CLOSEST
>                 1: NBT_SERVER_WRITABLE
>                 1: NBT_SERVER_GOOD_TIMESERV
>                 0: NBT_SERVER_NDNC
>                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                 1: NBT_SERVER_ADS_WEB_SERVICE
>                 0: NBT_SERVER_HAS_DNS_NAME
>                 0: NBT_SERVER_IS_DEFAULT_NC
>                 0: NBT_SERVER_FOREST_ROOT
>          domain_uuid              : 681ea09d-d921-4581-b653-8f8b8f4eb470
>          forest                   : 'domain.local'
>          dns_domain               : 'domain.local'
>          pdc_dns_name             : 'domain-controller.domain.local'
>          domain_name              : 'DOMAIN'
>          pdc_name                 : 'DOMAIN-CONTROLLER'
>          user_name                : ''
>          server_site              : 'Default-First-Site-Name'
>          client_site              : 'Default-First-Site-Name'
>          sockaddr_size            : 0x00 (0)
>          sockaddr: struct nbt_sockaddr
>              sockaddr_family          : 0x00000000 (0)
>              pdc_ip                   : (null)
>              remaining                : DATA_BLOB length=0
>          next_closest_site        : NULL
>          nt_version               : 0x00000005 (5)
>                 1: NETLOGON_NT_VERSION_1
>                 0: NETLOGON_NT_VERSION_5
>                 1: NETLOGON_NT_VERSION_5EX
>                 0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                 0: NETLOGON_NT_VERSION_PDC
>                 0: NETLOGON_NT_VERSION_IP
>                 0: NETLOGON_NT_VERSION_LOCAL
>                 0: NETLOGON_NT_VERSION_GC
>          lmnt_token               : 0xffff (65535)
>          lm20_token               : 0xffff (65535)
> Did not store value for DSGETDCNAME/DOMAIN/DOMAIN, we already got it
> sitename_store: realm = [DOMAIN], sitename = [Default-First-Site-Name], expire = [2085923199]
> Did not store value for AD_SITENAME/DOMAIN/DOMAIN, we already got it
> Did not store value for DSGETDCNAME/DOMAIN/DOMAIN.LOCAL, we already got it
> sitename_store: realm = [domain.local], sitename = [Default-First-Site-Name], expire = [2085923199]
> Did not store value for AD_SITENAME/DOMAIN/DOMAIN.LOCAL, we already got it
> sitename_fetch: Returning sitename for DOMAIN.LOCAL: "Default-First-Site-Name"
> internal_resolve_name: looking up domain-controller.domain.local#20 (sitename Default-First-Site-Name)
> Adding cache entry with key=[NBT/DOMAIN-CONTROLLER.DOMAIN.LOCAL#20] and timeout=[Wed Dec 31 05:00:00 PM 1969 MST] (-1468131016 seconds in the past)
> no entry for domain-controller.domain.local#20 found.
> resolve_lmhosts: Attempting lmhosts lookup for name domain-controller.domain.local<0x20>
> resolve_lmhosts: Attempting lmhosts lookup for name domain-controller.domain.local<0x20>
> startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No such file or directory
> resolve_wins: WINS server resolution selected and no WINS servers listed.
> resolve_hosts: Attempting host lookup for name domain-controller.domain.local<0x20>
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> namecache_store: storing 1 address for domain-controller.domain.local#20: 192.168.0.34
> Adding cache entry with key=[NBT/DOMAIN-CONTROLLER.DOMAIN.LOCAL#20] and timeout=[Sun Jul 10 12:21:16 AM 2016 MDT] (660 seconds ahead)
> internal_resolve_name: returning 1 addresses: 192.168.0.34:0
> Connecting to 192.168.0.34 at port 445
> Socket options:
>          SO_KEEPALIVE = 0
>          SO_REUSEADDR = 0
>          SO_BROADCAST = 0
>          TCP_NODELAY = 1
>          TCP_KEEPCNT = 9
>          TCP_KEEPIDLE = 7200
>          TCP_KEEPINTVL = 75
>          IPTOS_LOWDELAY = 0
>          IPTOS_THROUGHPUT = 0
>          SO_REUSEPORT = 0
>          SO_SNDBUF = 87040
>          SO_RCVBUF = 372480
>          SO_SNDLOWAT = 1
>          SO_RCVLOWAT = 1
>          SO_SNDTIMEO = 0
>          SO_RCVTIMEO = 0
>          TCP_QUICKACK = 1
>          TCP_DEFER_ACCEPT = 0
> Doing spnego session setup (blob length=120)
> got OID=1.3.6.1.4.1.311.2.2.30
> got OID=1.2.840.48018.1.2.2
> got OID=1.2.840.113554.1.2.2
> got OID=1.2.840.113554.1.2.2.3
> got OID=1.3.6.1.4.1.311.2.2.10
> got principal=not_defined_in_RFC4178 at please_ignore
> GENSEC backend 'gssapi_spnego' registered
> GENSEC backend 'gssapi_krb5' registered
> GENSEC backend 'gssapi_krb5_sasl' registered
> GENSEC backend 'spnego' registered
> GENSEC backend 'schannel' registered
> GENSEC backend 'naclrpc_as_system' registered
> GENSEC backend 'sasl-EXTERNAL' registered
> GENSEC backend 'ntlmssp' registered
> GENSEC backend 'ntlmssp_resume_ccache' registered
> GENSEC backend 'http_basic' registered
> GENSEC backend 'http_ntlm' registered
> GENSEC backend 'krb5' registered
> GENSEC backend 'fake_gssapi_krb5' registered
> Starting GENSEC mechanism spnego
> Starting GENSEC submechanism ntlmssp
>       negotiate: struct NEGOTIATE_MESSAGE
>          Signature                : 'NTLMSSP'
>          MessageType              : NtLmNegotiate (1)
>          NegotiateFlags           : 0x62088215 (1644724757)
>                 1: NTLMSSP_NEGOTIATE_UNICODE
>                 0: NTLMSSP_NEGOTIATE_OEM
>                 1: NTLMSSP_REQUEST_TARGET
>                 1: NTLMSSP_NEGOTIATE_SIGN
>                 0: NTLMSSP_NEGOTIATE_SEAL
>                 0: NTLMSSP_NEGOTIATE_DATAGRAM
>                 0: NTLMSSP_NEGOTIATE_LM_KEY
>                 0: NTLMSSP_NEGOTIATE_NETWARE
>                 1: NTLMSSP_NEGOTIATE_NTLM
>                 0: NTLMSSP_NEGOTIATE_NT_ONLY
>                 0: NTLMSSP_ANONYMOUS
>                 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
>                 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
>                 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>                 0: NTLMSSP_TARGET_TYPE_DOMAIN
>                 0: NTLMSSP_TARGET_TYPE_SERVER
>                 0: NTLMSSP_TARGET_TYPE_SHARE
>                 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>                 0: NTLMSSP_NEGOTIATE_IDENTIFY
>                 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
>                 0: NTLMSSP_NEGOTIATE_TARGET_INFO
>                 1: NTLMSSP_NEGOTIATE_VERSION
>                 1: NTLMSSP_NEGOTIATE_128
>                 1: NTLMSSP_NEGOTIATE_KEY_EXCH
>                 0: NTLMSSP_NEGOTIATE_56
>          DomainNameLen            : 0x0000 (0)
>          DomainNameMaxLen         : 0x0000 (0)
>          DomainName               : *
>              DomainName               : ''
>          WorkstationLen           : 0x0000 (0)
>          WorkstationMaxLen        : 0x0000 (0)
>          Workstation              : *
>              Workstation              : ''
>          Version: struct ntlmssp_VERSION
>              ProductMajorVersion      : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6)
>              ProductMinorVersion      : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1)
>              ProductBuild             : 0x0000 (0)
>              Reserved: ARRAY(3)
>                  [0]                      : 0x00 (0)
>                  [1]                      : 0x00 (0)
>                  [2]                      : 0x00 (0)
>              NTLMRevisionCurrent      : NTLMSSP_REVISION_W2K3 (15)
> Got challenge flags:
> Got NTLMSSP neg_flags=0x62898215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_TARGET_TYPE_DOMAIN
>    NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>    NTLMSSP_NEGOTIATE_TARGET_INFO
>    NTLMSSP_NEGOTIATE_VERSION
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
> NTLMSSP: Set final flags:
> Got NTLMSSP neg_flags=0x62088215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>    NTLMSSP_NEGOTIATE_VERSION
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x62088215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>    NTLMSSP_NEGOTIATE_VERSION
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
> ntlmssp_check_packet: NTLMSSP signature OK !
> NTLMSSP Sign/Seal - Initialising with flags:
> Got NTLMSSP neg_flags=0x62088215
>    NTLMSSP_NEGOTIATE_UNICODE
>    NTLMSSP_REQUEST_TARGET
>    NTLMSSP_NEGOTIATE_SIGN
>    NTLMSSP_NEGOTIATE_NTLM
>    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>    NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
>    NTLMSSP_NEGOTIATE_VERSION
>    NTLMSSP_NEGOTIATE_128
>    NTLMSSP_NEGOTIATE_KEY_EXCH
> signed SMB2 message
> signed SMB2 message
> cli_init_creds: user administrator domain
> signed SMB2 message
> Bind RPC Pipe: host domain-controller.domain.local auth_type 0, auth_level 1
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_BIND (11)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0048 (72)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000001 (1)
>          u                        : union dcerpc_payload(case 11)
>          bind: struct dcerpc_bind
>              max_xmit_frag            : 0x10b8 (4280)
>              max_recv_frag            : 0x10b8 (4280)
>              assoc_group_id           : 0x00000000 (0)
>              num_contexts             : 0x01 (1)
>              ctx_list: ARRAY(1)
>                  ctx_list: struct dcerpc_ctx_list
>                      context_id               : 0x0000 (0)
>                      num_transfer_syntaxes    : 0x01 (1)
>                      abstract_syntax: struct ndr_syntax_id
>                          uuid                     : 12345778-1234-abcd-ef00-0123456789ab
>                          if_version               : 0x00000000 (0)
>                      transfer_syntaxes: ARRAY(1)
>                          transfer_syntaxes: struct ndr_syntax_id
>                              uuid                     : 8a885d04-1ceb-11c9-9fe8-08002b104860
>                              if_version               : 0x00000002 (2)
>              auth_info                : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 52
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_BIND_ACK (12)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0044 (68)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000001 (1)
>          u                        : union dcerpc_payload(case 12)
>          bind_ack: struct dcerpc_bind_ack
>              max_xmit_frag            : 0x10b8 (4280)
>              max_recv_frag            : 0x10b8 (4280)
>              assoc_group_id           : 0x0012e7d2 (1238994)
>              secondary_address_size   : 0x000c (12)
>              secondary_address        : '\pipe\lsass'
>              _pad1                    : DATA_BLOB length=2
> [0000] 00 00                                              ..
>              num_results              : 0x01 (1)
>              ctx_list: ARRAY(1)
>                  ctx_list: struct dcerpc_ack_ctx
>                      result                   : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
>                      reason                   : union dcerpc_bind_ack_reason(case 0)
>                      value                    : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
>                      syntax: struct ndr_syntax_id
>                          uuid                     : 8a885d04-1ceb-11c9-9fe8-08002b104860
>                          if_version               : 0x00000002 (2)
>              auth_info                : DATA_BLOB length=0
> rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 68 bytes.
> check_bind_response: accepted!
> cli_rpc_pipe_open_noauth: opened pipe lsarpc to machine domain-controller.domain.local and bound anonymously.
>       lsa_OpenPolicy: struct lsa_OpenPolicy
>          in: struct lsa_OpenPolicy
>              system_name              : *
>                  system_name              : 0x005c (92)
>              attr                     : *
>                  attr: struct lsa_ObjectAttribute
>                      len                      : 0x00000018 (24)
>                      root_dir                 : NULL
>                      object_name              : NULL
>                      attributes               : 0x00000000 (0)
>                      sec_desc                 : NULL
>                      sec_qos                  : *
>                          sec_qos: struct lsa_QosInfo
>                              len                      : 0x0000000c (12)
>                              impersonation_level      : 0x0002 (2)
>                              context_mode             : 0x01 (1)
>                              effective_only           : 0x00 (0)
>              access_mask              : 0x02000000 (33554432)
>                     0: LSA_POLICY_VIEW_LOCAL_INFORMATION
>                     0: LSA_POLICY_VIEW_AUDIT_INFORMATION
>                     0: LSA_POLICY_GET_PRIVATE_INFORMATION
>                     0: LSA_POLICY_TRUST_ADMIN
>                     0: LSA_POLICY_CREATE_ACCOUNT
>                     0: LSA_POLICY_CREATE_SECRET
>                     0: LSA_POLICY_CREATE_PRIVILEGE
>                     0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS
>                     0: LSA_POLICY_SET_AUDIT_REQUIREMENTS
>                     0: LSA_POLICY_AUDIT_LOG_ADMIN
>                     0: LSA_POLICY_SERVER_ADMIN
>                     0: LSA_POLICY_LOOKUP_NAMES
>                     0: LSA_POLICY_NOTIFICATION
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000002 (2)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x0000002c (44)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0006 (6)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000002 (2)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 12 75 96 20   33 1B 0A 40 A0 CE C9 5D   .....u.  3.. at ...]
> [0010] 01 EA 3F 01 00 00 00 00                             ..?.....
> Got pdu len 48, data_len 24
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 24 bytes.
>       lsa_OpenPolicy: struct lsa_OpenPolicy
>          out: struct lsa_OpenPolicy
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 20967512-1b33-400a-a0ce-c95d01ea3f01
>              result                   : NT_STATUS_OK
>       lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
>          in: struct lsa_QueryInfoPolicy2
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 20967512-1b33-400a-a0ce-c95d01ea3f01
>              level                    : LSA_POLICY_INFO_DNS (12)
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000003 (3)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000016 (22)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x002e (46)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 176
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x00c0 (192)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000003 (3)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x000000a8 (168)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=168
>
> <redacted>
>
>                          Got pdu len 192, data_len 168
> rpc_api_pipe: got frag len of 192 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 168 bytes.
>       lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
>          out: struct lsa_QueryInfoPolicy2
>              info                     : *
>                  info                     : *
>                      info                     : union lsa_PolicyInformation(case 12)
>                      dns: struct lsa_DnsDomainInfo
>                          name: struct lsa_StringLarge
>                              length                   : 0x0006 (6)
>                              size                     : 0x0008 (8)
>                              string                   : *
>                                  string                   : 'DOMAIN'
>                          dns_domain: struct lsa_StringLarge
>                              length                   : 0x0012 (18)
>                              size                     : 0x0014 (20)
>                              string                   : *
>                                  string                   : 'domain.local'
>                          dns_forest: struct lsa_StringLarge
>                              length                   : 0x0012 (18)
>                              size                     : 0x0014 (20)
>                              string                   : *
>                                  string                   : 'domain.local'
>                          domain_guid              : 681ea09d-d921-4581-b653-8f8b8f4eb470
>                          sid                      : *
>                              sid                      : S-1-5-21-<redacted>-<redacted>-<redacted>
>              result                   : NT_STATUS_OK
>       lsa_Close: struct lsa_Close
>          in: struct lsa_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 20967512-1b33-400a-a0ce-c95d01ea3f01
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000004 (4)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000014 (20)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0000 (0)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000004 (4)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........
> [0010] 00 00 00 00 00 00 00 00                             ........
> Got pdu len 48, data_len 24
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 24 bytes.
>       lsa_Close: struct lsa_Close
>          out: struct lsa_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 00000000-0000-0000-0000-000000000000
>              result                   : NT_STATUS_OK
> signed SMB2 message
> create_local_private_krb5_conf_for_domain: fname = /var/run/samba/smb_krb5/krb5.conf.DOMAIN, realm = domain.local, domain = DOMAIN
> saf_fetch: failed to find server for "domain.local" domain
> get_dc_list: preferred server list: ", *"
> internal_resolve_name: looking up domain.local#1c (sitename (null))
> no entry for domain.local#1C found.
> resolve_ads: Attempting to resolve KDCs for domain.local using DNS
> ads_dns_lookup_srv: 1 records returned in the answer section.
> ads_dns_parse_rr_srv: Parsed domain-controller.domain.local [0, 100, 88]
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> internal_resolve_name: returning 1 addresses: 192.168.0.34:88
> Adding 1 DC's from auto lookup
> check_negative_conn_cache returning result 0 for domain domain.local server 192.168.0.34
> remove_duplicate_addrs2: looking for duplicate address/port pairs
> get_dc_list: returning 1 ip addresses in an ordered list
> get_dc_list: 192.168.0.34:88
>       &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
>          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
>          sbz                      : 0x0000 (0)
>          server_type              : 0x0000f3fd (62461)
>                 1: NBT_SERVER_PDC
>                 1: NBT_SERVER_GC
>                 1: NBT_SERVER_LDAP
>                 1: NBT_SERVER_DS
>                 1: NBT_SERVER_KDC
>                 1: NBT_SERVER_TIMESERV
>                 1: NBT_SERVER_CLOSEST
>                 1: NBT_SERVER_WRITABLE
>                 1: NBT_SERVER_GOOD_TIMESERV
>                 0: NBT_SERVER_NDNC
>                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
>                 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
>                 1: NBT_SERVER_ADS_WEB_SERVICE
>                 0: NBT_SERVER_HAS_DNS_NAME
>                 0: NBT_SERVER_IS_DEFAULT_NC
>                 0: NBT_SERVER_FOREST_ROOT
>          domain_uuid              : 681ea09d-d921-4581-b653-8f8b8f4eb470
>          forest                   : 'domain.local'
>          dns_domain               : 'domain.local'
>          pdc_dns_name             : 'domain-controller.domain.local'
>          domain_name              : 'DOMAIN'
>          pdc_name                 : 'DOMAIN-CONTROLLER'
>          user_name                : ''
>          server_site              : 'Default-First-Site-Name'
>          client_site              : 'Default-First-Site-Name'
>          sockaddr_size            : 0x00 (0)
>          sockaddr: struct nbt_sockaddr
>              sockaddr_family          : 0x00000000 (0)
>              pdc_ip                   : (null)
>              remaining                : DATA_BLOB length=0
>          next_closest_site        : NULL
>          nt_version               : 0x00000005 (5)
>                 1: NETLOGON_NT_VERSION_1
>                 0: NETLOGON_NT_VERSION_5
>                 1: NETLOGON_NT_VERSION_5EX
>                 0: NETLOGON_NT_VERSION_5EX_WITH_IP
>                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
>                 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
>                 0: NETLOGON_NT_VERSION_PDC
>                 0: NETLOGON_NT_VERSION_IP
>                 0: NETLOGON_NT_VERSION_LOCAL
>                 0: NETLOGON_NT_VERSION_GC
>          lmnt_token               : 0xffff (65535)
>          lm20_token               : 0xffff (65535)
> get_kdc_ip_string: Returning    kdc = 192.168.0.34
>
> create_local_private_krb5_conf_for_domain: wrote file /var/run/samba/smb_krb5/krb5.conf.DOMAIN with realm DOMAIN.LOCAL KDC list =     kdc = 192.168.0.34
>
> signed SMB2 message
> Bind RPC Pipe: host domain-controller.domain.local auth_type 0, auth_level 1
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_BIND (11)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0048 (72)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000005 (5)
>          u                        : union dcerpc_payload(case 11)
>          bind: struct dcerpc_bind
>              max_xmit_frag            : 0x10b8 (4280)
>              max_recv_frag            : 0x10b8 (4280)
>              assoc_group_id           : 0x00000000 (0)
>              num_contexts             : 0x01 (1)
>              ctx_list: ARRAY(1)
>                  ctx_list: struct dcerpc_ctx_list
>                      context_id               : 0x0000 (0)
>                      num_transfer_syntaxes    : 0x01 (1)
>                      abstract_syntax: struct ndr_syntax_id
>                          uuid                     : 12345778-1234-abcd-ef00-0123456789ac
>                          if_version               : 0x00000001 (1)
>                      transfer_syntaxes: ARRAY(1)
>                          transfer_syntaxes: struct ndr_syntax_id
>                              uuid                     : 8a885d04-1ceb-11c9-9fe8-08002b104860
>                              if_version               : 0x00000002 (2)
>              auth_info                : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 52
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_BIND_ACK (12)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0044 (68)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000005 (5)
>          u                        : union dcerpc_payload(case 12)
>          bind_ack: struct dcerpc_bind_ack
>              max_xmit_frag            : 0x10b8 (4280)
>              max_recv_frag            : 0x10b8 (4280)
>              assoc_group_id           : 0x0012e7d3 (1238995)
>              secondary_address_size   : 0x000c (12)
>              secondary_address        : '\pipe\lsass'
>              _pad1                    : DATA_BLOB length=2
> [0000] 02 00                                              ..
>              num_results              : 0x01 (1)
>              ctx_list: ARRAY(1)
>                  ctx_list: struct dcerpc_ack_ctx
>                      result                   : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
>                      reason                   : union dcerpc_bind_ack_reason(case 0)
>                      value                    : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
>                      syntax: struct ndr_syntax_id
>                          uuid                     : 8a885d04-1ceb-11c9-9fe8-08002b104860
>                          if_version               : 0x00000002 (2)
>              auth_info                : DATA_BLOB length=0
> rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 68 bytes.
> check_bind_response: accepted!
> cli_rpc_pipe_open_noauth: opened pipe samr to machine domain-controller.domain.local and bound anonymously.
>       samr_Connect2: struct samr_Connect2
>          in: struct samr_Connect2
>              system_name              : *
>                  system_name              : 'domain-controller.domain.local'
>              access_mask              : 0x00000030 (48)
>                     0: SAMR_ACCESS_CONNECT_TO_SERVER
>                     0: SAMR_ACCESS_SHUTDOWN_SERVER
>                     0: SAMR_ACCESS_INITIALIZE_SERVER
>                     0: SAMR_ACCESS_CREATE_DOMAIN
>                     1: SAMR_ACCESS_ENUM_DOMAINS
>                     1: SAMR_ACCESS_LOOKUP_DOMAIN
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000006 (6)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000044 (68)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0039 (57)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000006 (6)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 96 BA 08 79   09 9E B8 43 99 31 35 E3   .......y ...C.15.
> [0010] 6F DB 2D 8C 00 00 00 00                             o.-.....
> Got pdu len 48, data_len 24
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 24 bytes.
>       samr_Connect2: struct samr_Connect2
>          out: struct samr_Connect2
>              connect_handle           : *
>                  connect_handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : <redacted>
>              result                   : NT_STATUS_OK
>       samr_OpenDomain: struct samr_OpenDomain
>          in: struct samr_OpenDomain
>              connect_handle           : *
>                  connect_handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : <redacted>
>              access_mask              : 0x00000211 (529)
>                     1: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
>                     0: SAMR_DOMAIN_ACCESS_SET_INFO_1
>                     0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
>                     0: SAMR_DOMAIN_ACCESS_SET_INFO_2
>                     1: SAMR_DOMAIN_ACCESS_CREATE_USER
>                     0: SAMR_DOMAIN_ACCESS_CREATE_GROUP
>                     0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS
>                     0: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
>                     0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
>                     1: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
>                     0: SAMR_DOMAIN_ACCESS_SET_INFO_3
>              sid                      : *
>                  sid                      : S-1-5-21-<redacted>-<redacted>-<redacted>
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000007 (7)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000034 (52)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0007 (7)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000007 (7)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 BB BF DA CA   50 F9 95 4B 9C 62 7E 58   ........ P..K.b~X
> [0010] ED BE BA 7D 00 00 00 00                             ...}....
> Got pdu len 48, data_len 24
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 24 bytes.
>       samr_OpenDomain: struct samr_OpenDomain
>          out: struct samr_OpenDomain
>              domain_handle            : *
>                  domain_handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : <redacted>
>              result                   : NT_STATUS_OK
> Creating account with desired access mask: -536543056
>       samr_CreateUser2: struct samr_CreateUser2
>          in: struct samr_CreateUser2
>              domain_handle            : *
>                  domain_handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : <redacted>
>              account_name             : *
>                  account_name: struct lsa_String
>                      length                   : 0x001c (28)
>                      size                     : 0x001c (28)
>                      string                   : *
>                          string                   : 'hostname$'
>              acct_flags               : 0x00000080 (128)
>                     0: ACB_DISABLED
>                     0: ACB_HOMDIRREQ
>                     0: ACB_PWNOTREQ
>                     0: ACB_TEMPDUP
>                     0: ACB_NORMAL
>                     0: ACB_MNS
>                     0: ACB_DOMTRUST
>                     1: ACB_WSTRUST
>                     0: ACB_SVRTRUST
>                     0: ACB_PWNOEXP
>                     0: ACB_AUTOLOCK
>                     0: ACB_ENC_TXT_PWD_ALLOWED
>                     0: ACB_SMARTCARD_REQUIRED
>                     0: ACB_TRUSTED_FOR_DELEGATION
>                     0: ACB_NOT_DELEGATED
>                     0: ACB_USE_DES_KEY_ONLY
>                     0: ACB_DONT_REQUIRE_PREAUTH
>                     0: ACB_PW_EXPIRED
>                     0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION
>                     0: ACB_NO_AUTH_DATA_REQD
>                     0: ACB_PARTIAL_SECRETS_ACCOUNT
>                     0: ACB_USE_AES_KEYS
>              access_mask              : 0xe00500b0 (3758424240)
>                     0: SAMR_USER_ACCESS_GET_NAME_ETC
>                     0: SAMR_USER_ACCESS_GET_LOCALE
>                     0: SAMR_USER_ACCESS_SET_LOC_COM
>                     0: SAMR_USER_ACCESS_GET_LOGONINFO
>                     1: SAMR_USER_ACCESS_GET_ATTRIBUTES
>                     1: SAMR_USER_ACCESS_SET_ATTRIBUTES
>                     0: SAMR_USER_ACCESS_CHANGE_PASSWORD
>                     1: SAMR_USER_ACCESS_SET_PASSWORD
>                     0: SAMR_USER_ACCESS_GET_GROUPS
>                     0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP
>                     0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000008 (8)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x0000004c (76)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0032 (50)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 40
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0038 (56)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000008 (8)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000020 (32)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=32
> [0000] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........
> [0010] 00 00 00 00 00 00 00 00   64 06 00 00 34 00 00 C0   ........ d...4...
> Got pdu len 56, data_len 32
> rpc_api_pipe: got frag len of 56 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 32 bytes.
>       samr_CreateUser2: struct samr_CreateUser2
>          out: struct samr_CreateUser2
>              user_handle              : *
>                  user_handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 00000000-0000-0000-0000-000000000000
>              access_granted           : *
>                  access_granted           : 0x00000000 (0)
>              rid                      : *
>                  rid                      : 0x00000664 (1636)
>              result                   : NT_STATUS_OBJECT_NAME_NOT_FOUND
> Creation of workstation account failed: NT_STATUS_OBJECT_NAME_NOT_FOUND
>       samr_Close: struct samr_Close
>          in: struct samr_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : <redacted>
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000009 (9)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000014 (20)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0001 (1)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x00000009 (9)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........
> [0010] 00 00 00 00 00 00 00 00                             ........
> Got pdu len 48, data_len 24
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 24 bytes.
>       samr_Close: struct samr_Close
>          out: struct samr_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 00000000-0000-0000-0000-000000000000
>              result                   : NT_STATUS_OK
>       samr_Close: struct samr_Close
>          in: struct samr_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : <redacted>
>       &r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_REQUEST (0)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0018 (24)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x0000000a (10)
>          u                        : union dcerpc_payload(case 0)
>          request: struct dcerpc_request
>              alloc_hint               : 0x00000014 (20)
>              context_id               : 0x0000 (0)
>              opnum                    : 0x0001 (1)
>              object                   : union dcerpc_object(case 0)
>              empty: struct dcerpc_empty
>              _pad                     : DATA_BLOB length=0
>              stub_and_verifier        : DATA_BLOB length=0
> rpc_api_pipe: host domain-controller.domain.local
> signed SMB2 message
> rpc_read_send: data_to_read: 32
>       r: struct ncacn_packet
>          rpc_vers                 : 0x05 (5)
>          rpc_vers_minor           : 0x00 (0)
>          ptype                    : DCERPC_PKT_RESPONSE (2)
>          pfc_flags                : 0x03 (3)
>                 1: DCERPC_PFC_FLAG_FIRST
>                 1: DCERPC_PFC_FLAG_LAST
>                 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
>                 0: DCERPC_PFC_FLAG_CONC_MPX
>                 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
>                 0: DCERPC_PFC_FLAG_MAYBE
>                 0: DCERPC_PFC_FLAG_OBJECT_UUID
>          drep: ARRAY(4)
>              [0]                      : 0x10 (16)
>              [1]                      : 0x00 (0)
>              [2]                      : 0x00 (0)
>              [3]                      : 0x00 (0)
>          frag_length              : 0x0030 (48)
>          auth_length              : 0x0000 (0)
>          call_id                  : 0x0000000a (10)
>          u                        : union dcerpc_payload(case 2)
>          response: struct dcerpc_response
>              alloc_hint               : 0x00000018 (24)
>              context_id               : 0x0000 (0)
>              cancel_count             : 0x00 (0)
>              _pad                     : DATA_BLOB length=1
> [0000] 00                                                 .
>              stub_and_verifier        : DATA_BLOB length=24
> [0000] 00 00 00 00 00 00 00 00   00 00 00 00 00 00 00 00   ........ ........
> [0010] 00 00 00 00 00 00 00 00                             ........
> Got pdu len 48, data_len 24
> rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
> rpc_api_pipe: host domain-controller.domain.local returned 24 bytes.
>       samr_Close: struct samr_Close
>          out: struct samr_Close
>              handle                   : *
>                  handle: struct policy_handle
>                      handle_type              : 0x00000000 (0)
>                      uuid                     : 00000000-0000-0000-0000-000000000000
>              result                   : NT_STATUS_OK
> signed SMB2 message
> libnet_Join:
>      libnet_JoinCtx: struct libnet_JoinCtx
>          out: struct libnet_JoinCtx
>              account_name             : NULL
>              netbios_domain_name      : 'DOMAIN'
>              dns_domain_name          : 'domain.local'
>              forest_name              : 'domain.local'
>              dn                       : NULL
>              domain_sid               : *
>                  domain_sid               : S-1-5-21-<redacted>-<redacted>-<redacted>
>              modified_config          : 0x00 (0)
>              error_string             : 'failed to join domain 'DOMAIN.LOCAL' over rpc: The object name is not found.'
>              domain_is_ad             : 0x01 (1)
>              result                   : WERR_BADFILE
> Failed to join domain: failed to join domain 'DOMAIN.LOCAL' over rpc: The object name is not found.
> return code = -1
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

Have you set up /etc/krb5.conf and if so, what does it contain ?
Does your /etc/resolv.conf point at the DC ?

Rowland




More information about the samba mailing list