Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
attempted samba domain join as DC
# samba-tool domain join ad.netdirect.ca DC -Uadministrator --realm=AD.NETDIRECT.CA -W AD -d 9
INFO: Current debug levels:
all: 9
tdb: 9
printdrivers: 9
lanman: 9
smb: 9
rpc_parse: 9
rpc_srv: 9
rpc_cli: 9
passdb: 9
sam: 9
auth: 9
winbind: 9
vfs: 9
idmap: 9
quota: 9
acls: 9
locking: 9
msdfs: 9
dmapi: 9
registry: 9
lpcfg_load: refreshing parameters from /etc/samba/smb.conf
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
Processing section "[printers]"
Processing section "[print$]"
Processing section "[sysvol]"
Processing section "[netlogon]"
pm_process() returned Yes
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'schannel' registered
GENSEC backend 'spnego' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
Finding a writeable DC for domain 'ad.netdirect.ca'
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
finddcs: searching for a DC by DNS domain ad.netdirect.ca
finddcs: looking for SRV records for _ldap._tcp.ad.netdirect.ca
ads_dns_lookup_srv: 2 records returned in the answer section.
finddcs: DNS SRV response 0 at '192.168.101.3'
finddcs: DNS SRV response 1 at '192.168.101.2'
finddcs: performing CLDAP query on 192.168.101.3
finddcs: Found matching DC 192.168.101.3 with server_type=0x0000f1fc
Found DC AD2.ad.netdirect.ca
lpcfg_servicenumber: couldn't find ldb
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
Password for [AD\administrator]:
Received smb_krb5 packet of length 163
Received smb_krb5 packet of length 102
gensec_gssapi: credentials were delegated
GSSAPI Connection will be cryptographically sealed
workgroup is AD
realm is ad.netdirect.ca
checking sAMAccountName
Adding CN=SAMBA1,OU=Domain Controllers,DC=ad,DC=netdirect,DC=ca
Adding CN=SAMBA1,CN=Servers,CN=Lab,CN=Sites,CN=Configuration,DC=ad,DC=netdirect,DC=ca
Adding CN=NTDS Settings,CN=SAMBA1,CN=Servers,CN=Lab,CN=Sites,CN=Configuration,DC=ad,DC=netdirect,DC=ca
Using binding ncacn_ip_tcp:AD2.ad.netdirect.ca[,seal,print]
Mapped to DCERPC endpoint 135
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
Mapped to DCERPC endpoint 49155
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
added interface eth0 ip=fe80::5054:ff:feb1:7675%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
added interface eth0 ip=192.168.101.4 bcast=192.168.101.255 netmask=255.255.255.0
Starting GENSEC mechanism spnego
Starting GENSEC submechanism gssapi_krb5
GSSAPI credentials for administrator@AD.NETDIRECT.CA will expire in 36000 secs
../librpc/rpc/dcerpc_util.c:140: auth_pad_length 0
gensec_gssapi: credentials were delegated
GSSAPI Connection will be cryptographically sealed
../librpc/rpc/dcerpc_util.c:140: auth_pad_length 0
drsuapi_DsBind: struct drsuapi_DsBind
in: struct drsuapi_DsBind
bind_guid : *
bind_guid : e24d201a-4fd6-11d1-a3da-0000f875ae0d
bind_info : *
bind_info: struct drsuapi_DsBindInfoCtr
length : 0x0000001c (28)
info : union drsuapi_DsBindInfo(case 28)
info28: struct drsuapi_DsBindInfo28
supported_extensions : 0x0fefff7f (267386751)
1: DRSUAPI_SUPPORTED_EXTENSION_BASE
1: DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION
1: DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI
1: DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2
1: DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS
1: DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1
1: DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION
0: DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY
1: DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE
1: DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2
1: DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION
1: DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2
1: DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD
1: DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND
1: DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO
1: DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION
1: DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01
1: DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP
1: DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY
1: DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3
0: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5
1: DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2
1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6
1: DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS
1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8
1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5
1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6
1: DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3
1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7
1: DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT
0: DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS
0: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10
0: DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2
0: DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3
site_guid : 00000000-0000-0000-0000-000000000000
pid : 0x00000000 (0)
repl_epoch : 0x00000000 (0)
../librpc/rpc/dcerpc_util.c:140: auth_pad_length 8
drsuapi_DsBind: struct drsuapi_DsBind
out: struct drsuapi_DsBind
bind_info : *
bind_info: struct drsuapi_DsBindInfoCtr
length : 0x00000034 (52)
info : union drsuapi_DsBindInfo(case 52)
FallBack: struct drsuapi_DsBindInfoFallBack
info : DATA_BLOB length=52
[0000] 7F FF FF 3F 15 59 B1 57 D8 33 E1 4C 9B 8D FA 5A ...?.Y.W .3.L...Z
[0010] 35 1F 0F 8B C8 01 00 00 00 00 00 00 0A 00 00 00 5....... ........
[0020] 4C D8 C5 8F 77 2B CD 4C A0 69 27 DA C7 C1 92 FB L...w+.L .i'.....
[0030] 7F 00 00 00 ....
bind_handle : *
bind_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid : af9ee909-e8f9-4046-b93a-c06322aa0456
result : WERR_OK
Join failed - cleaning up
checking sAMAccountName
Deleted CN=SAMBA1,OU=Domain Controllers,DC=ad,DC=netdirect,DC=ca
Deleted CN=SAMBA1,CN=Servers,CN=Lab,CN=Sites,CN=Configuration,DC=ad,DC=netdirect,DC=ca
ERROR(<type 'exceptions.AttributeError'>): uncaught exception - 'drsuapi.DsBindInfoFallBack' object has no attribute 'supported_extensions'
File "/usr/lib/python2.7/dist-packages/samba/netcmd/__init__.py", line 175, in _run
return self.run(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/samba/netcmd/domain.py", line 552, in run
machinepass=machinepass, use_ntvfs=use_ntvfs, dns_backend=dns_backend)
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1104, in join_DC
ctx.do_join()
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 1007, in do_join
ctx.join_add_objects()
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 525, in join_add_objects
ctx.join_add_ntdsdsa()
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 458, in join_add_ntdsdsa
ctx.DsAddEntry([rec])
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 368, in DsAddEntry
ctx.drsuapi_connect()
File "/usr/lib/python2.7/dist-packages/samba/join.py", line 347, in drsuapi_connect
(ctx.drsuapi_handle, ctx.bind_supported_extensions) = drs_utils.drs_DsBind(ctx.drsuapi)
File "/usr/lib/python2.7/dist-packages/samba/drs_utils.py", line 144, in drs_DsBind
return (handle, info.info.supported_extensions)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.