[Samba] RSAT Hang
Gregory Sloop
gregs at sloop.net
Tue May 22 00:15:21 UTC 2018
See Inline
LPHvBvs> Hi Gregory,
LPHvBvs> On the questions.
>> Is there a good reason to avoid Samba internal DNS?
LPHvBvs> No, imo not, but i only use bind9_dlz because i need bind in my lan for other setups also.
LPHvBvs> I just used my RSAT on my win7 64b, but at my point it works fine.
LPHvBvs> I do have questions to get a better impression of the setup.
LPHvBvs> Whats the os your using with RSAT and did u use
LPHvBvs> DOM\Administrator or an other account?
LPHvBvs> Check if Adminsitrator has id 0. (root)
W7P, on a station not joined to the domain. But using this kind of launch.
runas /netonly /user:someco-adc1\administrator "mmc /server=someco-adc1.ad.sncc.local."
[The names are defined in the hosts file, on the W7 box.]
LPHvBvs> Is there anything showing up in the windows event logs?
No.
LPHvBvs> Are the SePrivileges checked if the needed groups/users exists?
LPHvBvs> I use this script to check this, it shows the seprivileges.
LPHvBvs> https://raw.githubusercontent.com/thctlo/samba4/master/samba-check-SePrivileges.sh
-SNIPPED YOURS-
[But mine don't appear to have "NTDOM\Domain Admins" - which seems odd.]
SeMachineAccountPrivilege:
SeTakeOwnershipPrivilege:
BUILTIN\Administrators
SeBackupPrivilege:
BUILTIN\Backup Operators
BUILTIN\Administrators
BUILTIN\Server Operators
SeRestorePrivilege:
BUILTIN\Backup Operators
BUILTIN\Administrators
BUILTIN\Server Operators
SeRemoteShutdownPrivilege:
BUILTIN\Administrators
BUILTIN\Server Operators
SePrintOperatorPrivilege:
SeAddUsersPrivilege:
SeDiskOperatorPrivilege:
SeSecurityPrivilege:
BUILTIN\Administrators
SeSystemtimePrivilege:
BUILTIN\Administrators
BUILTIN\Server Operators
SeShutdownPrivilege:
BUILTIN\Print Operators
BUILTIN\Backup Operators
BUILTIN\Administrators
BUILTIN\Server Operators
SeDebugPrivilege:
BUILTIN\Administrators
SeSystemEnvironmentPrivilege:
BUILTIN\Administrators
SeSystemProfilePrivilege:
BUILTIN\Administrators
SeProfileSingleProcessPrivilege:
BUILTIN\Administrators
SeIncreaseBasePriorityPrivilege:
BUILTIN\Administrators
SeLoadDriverPrivilege:
BUILTIN\Print Operators
BUILTIN\Administrators
SeCreatePagefilePrivilege:
BUILTIN\Administrators
SeIncreaseQuotaPrivilege:
BUILTIN\Administrators
SeChangeNotifyPrivilege:
BUILTIN\Administrators
BUILTIN\Pre-Windows 2000 Compatible Access
SeUndockPrivilege:
BUILTIN\Administrators
SeManageVolumePrivilege:
BUILTIN\Administrators
SeImpersonatePrivilege:
BUILTIN\Administrators
SeCreateGlobalPrivilege:
BUILTIN\Administrators
SeEnableDelegationPrivilege:
BUILTIN\Administrators
LPHvBvs> Have you setup samba with a higher debug level also, that
LPHvBvs> might show whats missing/going wrong.
Samba logs, [log level = 2]
Opening a user/computer properties gives these log lines:
[2018/05/21 17:05:15.278252, 2] ../source4/smbd/process_standard.c:473(standard_terminate)
standard_terminate: reason[ldapsrv_call_wait_done: call->wait_recv() - NT_STATUS_LOCAL_DISCONNECT]
[2018/05/21 17:05:15.283207, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
Child 27541 () exited with status 0
[2018/05/21 17:05:15.327654, 0] ../auth/ntlmssp/ntlmssp_sign.c:236(ntlmssp_check_packet)
NTLMSSP NTLM2 packet check failed due to invalid signature!
[2018/05/21 17:05:15.328495, 2] ../source4/smbd/process_standard.c:473(standard_terminate)
standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_IO_DEVICE_ERROR]
[2018/05/21 17:05:15.333242, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
Child 27553 () exited with status 0
[Multiple times]
Then when I open the security tab, and force close after the hang of the MMC, I get this.
[2018/05/21 17:05:36.549449, 2] ../source4/smbd/process_standard.c:473(standard_terminate)
[2018/05/21 17:05:36.549762, 2] ../source4/smbd/process_standard.c:473(standard_terminate)
[2018/05/21 17:05:36.549967, 2] ../source4/smbd/process_standard.c:473(standard_terminate)
standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_RESET]
standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_RESET]
standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_RESET]
[2018/05/21 17:05:36.550139, 2] ../source4/smbd/process_standard.c:473(standard_terminate)
standard_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_RESET]
[2018/05/21 17:05:36.565558, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
Child 27531 () exited with status 0
[2018/05/21 17:05:36.565742, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
Child 27524 () exited with status 0
[2018/05/21 17:05:36.565877, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
Child 27561 () exited with status 0
[2018/05/21 17:05:36.566021, 2] ../source4/smbd/process_standard.c:157(standard_child_pipe_handler)
Child 27552 () exited with status 0
Not sure if any of that is helpful, but lets see. I'll keep digging too.
-Greg
More information about the samba
mailing list