[Samba] Unable to Join Samba Domain: Password Error
David Stringfield
stringfield at wmawater.com.au
Mon Apr 23 06:40:33 UTC 2018
Hi all,
I am attempting to join a Centos7 machine to a Samba NT4 domain. I have
created an account on our OpenLDAP server and ensured it has the default
password. However trying to join the domain is consistently throwing an
error.
>From the machine that is trying to join the domain, I get this (edited for
brevity):
$~ net rpc join -U <user>%<passwd> -d 1 -I 192.168.70.XXX
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : NULL
machine_name : ‘YYYY’'
domain_name : *
domain_name : 'XXXX’
domain_name_type : JoinDomNameTypeUnknown (0)
account_ou : NULL
admin_account : 'root'
admin_domain : NULL
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
os_servicepack : NULL
create_upn : 0x00 (0)
upn : NULL
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x00 (0)
secure_channel_type : SEC_CHAN_WKSTA (2)
desired_encryption_types : 0x0000001f (31)
../source3/rpc_client/cli_pipe.c:568: RPC fault code
DCERPC_NCA_S_OP_RNG_ERROR received from host REMUS!
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : NULL
netbios_domain_name : 'WMA'
dns_domain_name : NULL
forest_name : NULL
dn : NULL
domain_sid : *
domain_sid :
S-1-5-21-121215118-3415587123-1071246906
modified_config : 0x00 (0)
error_string : 'Failed to set password for machine
account (NT_STATUS_WRONG_PASSWORD)
'
domain_is_ad : 0x00 (0)
set_encryption_types : 0x00000000 (0)
result : WERR_INVALID_PASSWORD
Viewing the log file on the samba server I see:
[2018/04/23 15:29:52.633780, 0]
rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3)
_netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting
auth request from client YYYY machine account YYYY$
[2018/04/23 15:29:53.140584, 0] lib/charcnv.c:543(convert_string_talloc)
Conversion error: Illegal multibyte sequence(▒▒lk▒▒▒1▒0`ã▒.▒t▒t▒:▒▒▒5)
[2018/04/23 15:29:53.140759, 0]
../libcli/auth/smbencrypt.c:597(decode_pw_buffer)
decode_pw_buffer: failed to convert incoming password
It appears to be something with the encryption/coding but I just can’t
figure out what, I’ve had little help from googling most of the errors.
Thanks,
David
More information about the samba
mailing list