[Samba] Using net ads user to get child domain users on Samba 4.10.7

Jeremy jeremy55662004 at gmail.com
Tue Sep 10 09:24:05 UTC 2019 

Hi Rowland,

Thank you for your reply. Yes, i have tried "net ads user -w HARDWARE -P",
but it's still fail.
I have add -d10 to llookup the debug mode and got the info below:

ads_find_dc: (ldap) looking for realm '' and falling back to domain
'HARDWARE'
Opening cache file at /mnt/pool/SYSPOOL/cache/samba/lock/gencache.tdb
sitename_fetch: Returning sitename for realm 'QSAN.AD.COM':
"Default-First-Site-Name"
ads_dc_name: domain=HARDWARE
resolve_and_ping_netbios: (cldap) looking for domain 'HARDWARE'
get_sorted_dc_list: attempting lookup for name HARDWARE (sitename NULL)
saf_fetch: Returning "WIN-CLGRS20I3FM.hardware.qsan.ad.com" for "HARDWARE"
domain
get_dc_list: preferred server list: "WIN-CLGRS20I3FM.hardware.qsan.ad.com,
*"
internal_resolve_name: looking up HARDWARE#1c (sitename (null))
name HARDWARE#1C found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Adding 1 DC's from auto lookup
sitename_fetch: Returning sitename for realm 'QSAN.AD.COM':
"Default-First-Site-Name"
internal_resolve_name: looking up WIN-CLGRS20I3FM.hardware.qsan.ad.com#20
(sitename Default-First-Site-Name)
name WIN-CLGRS20I3FM.hardware.qsan.ad.com#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry WIN-CLGRS20I3FM.hardware.qsan.ad.com removed
from DC list
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry 192.168.133.201 removed from DC list
remove_duplicate_addrs2: looking for duplicate address/port pairs
get_dc_list: returning 0 ip addresses in an unordered list
get_dc_list:
ads_find_dc: name resolution for realm '' (domain 'HARDWARE') failed:
NT_STATUS_NO_LOGON_SERVERS
get_sorted_dc_list: attempting lookup for name HARDWARE (sitename NULL)
saf_fetch: Returning "WIN-CLGRS20I3FM.hardware.qsan.ad.com" for "HARDWARE"
domain
get_dc_list: preferred server list: "WIN-CLGRS20I3FM.hardware.qsan.ad.com,
*"
internal_resolve_name: looking up HARDWARE#1c (sitename (null))
name HARDWARE#1C found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Adding 1 DC's from auto lookup
sitename_fetch: Returning sitename for realm 'QSAN.AD.COM':
"Default-First-Site-Name"
internal_resolve_name: looking up WIN-CLGRS20I3FM.hardware.qsan.ad.com#20
(sitename Default-First-Site-Name)
name WIN-CLGRS20I3FM.hardware.qsan.ad.com#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry WIN-CLGRS20I3FM.hardware.qsan.ad.com removed
from DC list
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry 192.168.133.201 removed from DC list
remove_duplicate_addrs2: looking for duplicate address/port pairs
get_dc_list: returning 0 ip addresses in an unordered list
get_dc_list:
Could not look up dc's for domain HARDWARE
ads_connect: No logon servers are currently available to service the logon
request.
ads_find_dc: (ldap) looking for realm '' and falling back to domain
'HARDWARE'
sitename_fetch: Returning sitename for realm 'QSAN.AD.COM':
"Default-First-Site-Name"
ads_dc_name: domain=HARDWARE
resolve_and_ping_netbios: (cldap) looking for domain 'HARDWARE'
get_sorted_dc_list: attempting lookup for name HARDWARE (sitename NULL)
saf_fetch: Returning "WIN-CLGRS20I3FM.hardware.qsan.ad.com" for "HARDWARE"
domain
get_dc_list: preferred server list: "WIN-CLGRS20I3FM.hardware.qsan.ad.com,
*"
internal_resolve_name: looking up HARDWARE#1c (sitename (null))
name HARDWARE#1C found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Adding 1 DC's from auto lookup
sitename_fetch: Returning sitename for realm 'QSAN.AD.COM':
"Default-First-Site-Name"
internal_resolve_name: looking up WIN-CLGRS20I3FM.hardware.qsan.ad.com#20
(sitename Default-First-Site-Name)
name WIN-CLGRS20I3FM.hardware.qsan.ad.com#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry WIN-CLGRS20I3FM.hardware.qsan.ad.com removed
from DC list
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry 192.168.133.201 removed from DC list
remove_duplicate_addrs2: looking for duplicate address/port pairs
get_dc_list: returning 0 ip addresses in an unordered list
get_dc_list:
ads_find_dc: name resolution for realm '' (domain 'HARDWARE') failed:
NT_STATUS_NO_LOGON_SERVERS
get_sorted_dc_list: attempting lookup for name HARDWARE (sitename NULL)
saf_fetch: Returning "WIN-CLGRS20I3FM.hardware.qsan.ad.com" for "HARDWARE"
domain
get_dc_list: preferred server list: "WIN-CLGRS20I3FM.hardware.qsan.ad.com,
*"
internal_resolve_name: looking up HARDWARE#1c (sitename (null))
name HARDWARE#1C found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
Adding 1 DC's from auto lookup
sitename_fetch: Returning sitename for realm 'QSAN.AD.COM':
"Default-First-Site-Name"
internal_resolve_name: looking up WIN-CLGRS20I3FM.hardware.qsan.ad.com#20
(sitename Default-First-Site-Name)
name WIN-CLGRS20I3FM.hardware.qsan.ad.com#20 found.
remove_duplicate_addrs2: looking for duplicate address/port pairs
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry WIN-CLGRS20I3FM.hardware.qsan.ad.com removed
from DC list
check_negative_conn_cache returning result -1073741823 for domain HARDWARE
server 192.168.133.201
get_dc_list: negative entry 192.168.133.201 removed from DC list
remove_duplicate_addrs2: looking for duplicate address/port pairs
get_dc_list: returning 0 ip addresses in an unordered list
get_dc_list:
Could not look up dc's for domain HARDWARE
ads_connect: No logon servers are currently available to service the logon
request.
return code = -1

it says " Could not look up dc's for domain HARDWARE ". Did i have the
wrong configs or others else?

Thank you so much


Jeremy

More information about the samba mailing list