[Samba] cli_rpc_pipe_open_schannel_with_creds: rpc_pipe_bind failed with error NT_STATUS_RPC_PROTOCOL_ERROR
Meg
lists.samba.org at megskywalker.de
Fri May 6 14:50:42 UTC 2016
dear samba community,
we have a big problem on joining a Samba 3.5.6 PDC.
Hopefully anyone has an idea/suggestion.
When trying to join with a Samba 4.2.10 or 4.3.9 we got the following
error on client site:
Failed to pull dcerpc auth: NT_STATUS_RPC_PROTOCOL_ERROR.
cli_rpc_pipe_open_schannel_with_key: rpc_pipe_bind failed with error
NT_STATUS_RPC_PROTOCOL_ERROR
libnet_join_ok: failed to open schannel session on netlogon pipe to
server rz-vm12 for domain RZ. Error was NT_STATUS_RPC_PROTOCOL_ERROR
Failed to join domain: failed to verify domain membership after joining:
An RPC protocol error occurred.
the following is logged by winbind:
[2016/05/03 15:00:22.939792, 0]
../source3/rpc_client/cli_pipe.c:1965(rpc_pipe_bind_step_one_done)
Failed to pull dcerpc auth: NT_STATUS_RPC_PROTOCOL_ERROR.
[2016/05/03 15:00:22.939905, 0]
../source3/rpc_client/cli_pipe.c:3209(cli_rpc_pipe_open_schannel_with_key)
cli_rpc_pipe_open_schannel_with_key: rpc_pipe_bind failed with error
NT_STATUS_RPC_PROTOCOL_ERROR
On serversite only the following is logged:
[2016/05/03 15:42:43.198619, 2] auth/auth.c:304(check_ntlm_password)
check_ntlm_password: authentication for user [MACHINENAME$] ->
[MACHINENAME$] -> [MACHINENAME$] succeeded
[2016/05/03 15:42:43.216510, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
init_sam_from_ldap: Entry found for user: rz-vm57$
[2016/05/03 15:42:43.219008, 2]
passdb/pdb_ldap.c:2446(init_group_from_ldap)
init_group_from_ldap: Entry found for group: 200
[2016/05/03 15:42:43.219478, 2]
../libcli/auth/credentials.c:307(netlogon_creds_server_check_internal)
credentials check failed
[2016/05/03 15:42:43.219523, 0]
rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed.
Rejecting auth request from client MACHINENAME machine account MACHINENAME$
Settings 4.2.10:
[global]
workgroup = RZ
server string = Samba Server Version %v
security = DOMAIN
client schannel = No
client NTLMv2 auth = No
log file = /var/log/samba/log.%m
max log size = 500
winbind nss info = rfc2307 template
require strong key = No
client ipc signing = if_required
idmap config * : backend = tdb
Settings 4.3.9:
[global]
workgroup = RZ
server string = Samba Server Version %v
security = DOMAIN
log file = /var/log/samba/log.%m_%u_%S
max log size = 1024
client ipc signing = if_required
idmap config * : backend = tdb
cups options = raw
Settings 3.5.6:
[global]
workgroup = RZ
netbios name = RZ
server string = SMBRZ Samba Server %v
map to guest = Bad User
passdb backend = ldapsam:ldap://***
log level = 2
log file = /opt/samba/log/smb.log
max log size = 50000
unix extensions = No
domain logons = Yes
os level = 99
domain master = Yes
ldap admin dn = ***
ldap group suffix = ou=posix
ldap machine suffix = ou=machines
ldap suffix = ***
ldap user suffix = ou=people
usershare allow guests = Yes
wide links = Yes
thx a lot,
meg
More information about the samba
mailing list