[Samba] Failed to bind to uuid NT_STATUS_LOGON_FAILURE
Omnis ludis - games
sergey.gortinsc17 at gmail.com
Wed Jun 5 12:50:55 UTC 2024
klist -ke /etc/krb5.keytab
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
1 host/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
1 host/DC1 at test.dom (aes256-cts-hmac-sha1-96)
1 host/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
1 host/DC1 at test.dom (aes128-cts-hmac-sha1-96)
1 host/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
1 host/DC1 at test.dom (DEPRECATED:arcfour-hmac)
1 ldap/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
1 ldap/DC1 at test.dom (aes256-cts-hmac-sha1-96)
1 ldap/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
1 ldap/DC1 at test.dom (aes128-cts-hmac-sha1-96)
1 ldap/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
1 ldap/DC1 at test.dom (DEPRECATED:arcfour-hmac)
1 gc/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
1 gc/DC1 at test.dom (aes256-cts-hmac-sha1-96)
1 gc/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
1 gc/DC1 at test.dom (aes128-cts-hmac-sha1-96)
1 gc/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
1 gc/DC1 at test.dom (DEPRECATED:arcfour-hmac)
1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes256-cts-hmac-sha1-96)
1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes128-cts-hmac-sha1-96)
1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(DEPRECATED:arcfour-hmac)
1 restrictedkrbhost/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
1 restrictedkrbhost/DC1 at test.dom (aes256-cts-hmac-sha1-96)
1 restrictedkrbhost/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
1 restrictedkrbhost/DC1 at test.dom (aes128-cts-hmac-sha1-96)
1 restrictedkrbhost/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
1 restrictedkrbhost/DC1 at test.dom (DEPRECATED:arcfour-hmac)
1 DC1$@test.dom (aes256-cts-hmac-sha1-96)
1 DC1$@test.dom (aes128-cts-hmac-sha1-96)
1 DC1$@test.dom (DEPRECATED:arcfour-hmac)
2 DC1$@test.dom (DEPRECATED:arcfour-hmac)
2 DC1$@test.dom (aes128-cts-hmac-sha1-96)
2 DC1$@test.dom (aes256-cts-hmac-sha1-96)
2 host/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 host/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 host/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 host/DC1 at test.dom (DEPRECATED:arcfour-hmac)
2 host/DC1 at test.dom (aes128-cts-hmac-sha1-96)
2 host/DC1 at test.dom (aes256-cts-hmac-sha1-96)
2 ldap/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 ldap/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 ldap/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 ldap/DC1 at test.dom (DEPRECATED:arcfour-hmac)
2 ldap/DC1 at test.dom (aes128-cts-hmac-sha1-96)
2 ldap/DC1 at test.dom (aes256-cts-hmac-sha1-96)
2 gc/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 gc/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 gc/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 gc/DC1 at test.dom (DEPRECATED:arcfour-hmac)
2 gc/DC1 at test.dom (aes128-cts-hmac-sha1-96)
2 gc/DC1 at test.dom (aes256-cts-hmac-sha1-96)
2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(DEPRECATED:arcfour-hmac)
2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes128-cts-hmac-sha1-96)
2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes256-cts-hmac-sha1-96)
2 restrictedkrbhost/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 restrictedkrbhost/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 restrictedkrbhost/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 restrictedkrbhost/DC1 at test.dom (DEPRECATED:arcfour-hmac)
2 restrictedkrbhost/DC1 at test.dom (aes128-cts-hmac-sha1-96)
2 restrictedkrbhost/DC1 at test.dom (aes256-cts-hmac-sha1-96)
2 HOST/dc1.test.dom/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 HOST/dc1.test.dom/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 HOST/dc1.test.dom/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 HOST/dc1.test.dom/RED-SOFT at test.dom (DEPRECATED:arcfour-hmac)
2 HOST/dc1.test.dom/RED-SOFT at test.dom (aes128-cts-hmac-sha1-96)
2 HOST/dc1.test.dom/RED-SOFT at test.dom (aes256-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/RED-SOFT at test.dom (DEPRECATED:arcfour-hmac)
2 ldap/dc1.test.dom/RED-SOFT at test.dom (aes128-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/RED-SOFT at test.dom (aes256-cts-hmac-sha1-96)
2 GC/dc1.test.dom/test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 GC/dc1.test.dom/test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 GC/dc1.test.dom/test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 HOST/dc1.test.dom/test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 HOST/dc1.test.dom/test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 HOST/dc1.test.dom/test.dom at test.dom (aes256-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/test.dom at test.dom (DEPRECATED:arcfour-hmac)
2 ldap/dc1.test.dom/test.dom at test.dom (aes128-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/test.dom at test.dom (aes256-cts-hmac-sha1-96)
2
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b51045d-a81d-457b-a74a-19ef609cb1fe/test.dom at test.dom
(DEPRECATED:arcfour-hmac)
2
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b51045d-a81d-457b-a74a-19ef609cb1fe/test.dom at test.dom
(aes128-cts-hmac-sha1-96)
2
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b51045d-a81d-457b-a74a-19ef609cb1fe/test.dom at test.dom
(aes256-cts-hmac-sha1-96)
2 ldap/7b51045d-a81d-457b-a74a-19ef609cb1fe._msdcs.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
2 ldap/7b51045d-a81d-457b-a74a-19ef609cb1fe._msdcs.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
2 ldap/7b51045d-a81d-457b-a74a-19ef609cb1fe._msdcs.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/DomainDnsZones.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
2 ldap/dc1.test.dom/DomainDnsZones.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/DomainDnsZones.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/ForestDnsZones.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
2 ldap/dc1.test.dom/ForestDnsZones.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
2 ldap/dc1.test.dom/ForestDnsZones.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
klist -ke /opt/reddc/private/secrets.keytab
Keytab name: FILE:/opt/reddc/private/secrets.keytab
KVNO Principal
----
--------------------------------------------------------------------------
1 HOST/dc1 at test.dom (aes256-cts-hmac-sha1-96)
1 HOST/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
1 DC1$@test.dom (aes256-cts-hmac-sha1-96)
1 HOST/dc1 at test.dom (aes128-cts-hmac-sha1-96)
1 HOST/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
1 DC1$@test.dom (aes128-cts-hmac-sha1-96)
1 HOST/dc1 at test.dom (DEPRECATED:arcfour-hmac)
1 HOST/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
1 DC1$@test.dom (DEPRECATED:arcfour-hmac)
It looks like it's been successful but mb problems kvno or something
ср, 5 июн. 2024 г. в 15:41, Christian Naumer via samba <
samba at lists.samba.org>:
> Am 05.06.24 um 14:33 schrieb Omnis ludis - games via samba:
> > this is the only controller in the domain, it is on its own, yes, I use
> > krb5.keytab to log domain administrator accounts on the machine, it seems
> > to me there must be some way to defeat this and restore the controller's
> > functionality
>
> what does
>
> klist -ke
>
>
> show?
>
> and is there "secrets.keytab" in the PRIVATE_DIR eg
> "/usr/local/samba/private/" ?
>
> And is yes what does
>
> klist -ke secrets.keytab
>
>
> show?
>
> Regards
>
>
> Christian
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list