Rowland Penny
2023-Aug-03 12:03 UTC
[Samba] Error for I_NetLogonGetCapabilities with 0xc003000c (RPC_NT_BAD_STUB_DATA)
On 03/08/2023 12:34, Kristian via samba wrote:> Dear Samba-Team, one of my domain computers / clients is having troubles > with its machine trust / password. Leaving / renaming / rejoining the > domain didn't help, so I had to dig deeper. Any command to renew the > machine password fails (Nltest /sc_change_pwd or Test-ComputerSecureChannel > -Repair). Enabling debug logging (Nltest /DBFlag:2080FFFF) and changing the > machine password (Nltest /sc_change_pwd) shows in the logs: > > 07/31 12:57:43 [SESSION] [848] VEHITEC: NlSessionSetup: Negotiated flags > with server are 0x612fffff > 07/31 12:57:43 [SESSION] [848] VEHITEC: NlSetStatusClientSession: Set > connection status to 0 > 07/31 12:57:43 [CRITICAL] [848] NlPrintRpcDebug: Dumping extended error for > I_NetLogonGetCapabilities with 0xc003000c > 07/31 12:57:43 [CRITICAL] [848] [0] ProcessID is 792 > 07/31 12:57:43 [CRITICAL] [848] [0] System Time is: 7/31/2023 10:57:43:285 > 07/31 12:57:43 [CRITICAL] [848] [0] Generating component is 2 > 07/31 12:57:43 [CRITICAL] [848] [0] Status is 1783 > 07/31 12:57:43 [CRITICAL] [848] [0] Detection location is 1750 > 07/31 12:57:43 [CRITICAL] [848] [0] Flags is 0 > 07/31 12:57:43 [CRITICAL] [848] [0] NumberOfParameters is 1 > 07/31 12:57:43 [CRITICAL] [848] Long val: 1783 > 07/31 12:57:43 [CRITICAL] [848] VEHITEC: NlConfirmRequestedCapabilities: > denying access after status: 0xc003000c > 07/31 12:57:43 [SESSION] [848] VEHITEC: NlSessionSetup: denying access > because of unmatching capabilities > > 0xc003000c is RPC_NT_BAD_STUB_DATA. Renewing the machine password for other > machines in the same network works. Samba server is on version 4.15.9-0632.Is this machine a synology device ? If so, then I suggest you contact synology, they seem to take the Samba code and mangle it to their purposes, so what might work for the stock Samba, doesn't necessarily work with the synology Samba. The other thing is that 4.15.9 is out of Samba support, the only Samba supported versions at this time are 4.18.x , 4.17.x and 4.16.x . from early next month, when 4.19.0 is released, 4.16.x will go EOL.> Any idea how I can find out why this PC cannot renew its machine password / > which capabilities are unmatched? Full logs are attached. I am loosing > hope, so any tip is highly appreciated. Thanks so much! > >This list strips attachments, if you require someone on this list to look at your logs, you will need to post them somewhere and then post a link here. Rowland
Kristian
2023-Aug-03 12:20 UTC
[Samba] Error for I_NetLogonGetCapabilities with 0xc003000c (RPC_NT_BAD_STUB_DATA)
Hey Rowland, thanks for the quick reply. Yes, it is a Synology DS unfortunately and I didn't expect that they'd mangle with the Samba code, but thought they take stock Samba and just configure it. Lesson learned I guess. Thanks for the hint. This is also why I am stuck at 4.15.9, as this is what the Synology package comes with right now. Based on your previous comment I guess any attempt upgrading it on my own is worthless then. I will try to reach out to Synology support, but I guess they won't dig as deep as I am already, let's see. Thanks anyways.> This list strips attachments, if you require someone on this list to > look at your logs, you will need to post them somewhere and then post a > link here.The logs don't show very much more interesting in terms of the error unfortunately. I thought I could "reverse engineer" myself into why the machine thinks it received a RPC_NT_BAD_STUB_DATA, but I guess there is no longs on Samba side for that, right? Thanks again, Kristian Am Do., 3. Aug. 2023 um 14:04 Uhr schrieb Rowland Penny via samba < samba at lists.samba.org>:> > > On 03/08/2023 12:34, Kristian via samba wrote: > > Dear Samba-Team, one of my domain computers / clients is having troubles > > with its machine trust / password. Leaving / renaming / rejoining the > > domain didn't help, so I had to dig deeper. Any command to renew the > > machine password fails (Nltest /sc_change_pwd or > Test-ComputerSecureChannel > > -Repair). Enabling debug logging (Nltest /DBFlag:2080FFFF) and changing > the > > machine password (Nltest /sc_change_pwd) shows in the logs: > > > > 07/31 12:57:43 [SESSION] [848] VEHITEC: NlSessionSetup: Negotiated flags > > with server are 0x612fffff > > 07/31 12:57:43 [SESSION] [848] VEHITEC: NlSetStatusClientSession: Set > > connection status to 0 > > 07/31 12:57:43 [CRITICAL] [848] NlPrintRpcDebug: Dumping extended error > for > > I_NetLogonGetCapabilities with 0xc003000c > > 07/31 12:57:43 [CRITICAL] [848] [0] ProcessID is 792 > > 07/31 12:57:43 [CRITICAL] [848] [0] System Time is: 7/31/2023 > 10:57:43:285 > > 07/31 12:57:43 [CRITICAL] [848] [0] Generating component is 2 > > 07/31 12:57:43 [CRITICAL] [848] [0] Status is 1783 > > 07/31 12:57:43 [CRITICAL] [848] [0] Detection location is 1750 > > 07/31 12:57:43 [CRITICAL] [848] [0] Flags is 0 > > 07/31 12:57:43 [CRITICAL] [848] [0] NumberOfParameters is 1 > > 07/31 12:57:43 [CRITICAL] [848] Long val: 1783 > > 07/31 12:57:43 [CRITICAL] [848] VEHITEC: NlConfirmRequestedCapabilities: > > denying access after status: 0xc003000c > > 07/31 12:57:43 [SESSION] [848] VEHITEC: NlSessionSetup: denying access > > because of unmatching capabilities > > > > 0xc003000c is RPC_NT_BAD_STUB_DATA. Renewing the machine password for > other > > machines in the same network works. Samba server is on version > 4.15.9-0632. > > Is this machine a synology device ? > If so, then I suggest you contact synology, they seem to take the Samba > code and mangle it to their purposes, so what might work for the stock > Samba, doesn't necessarily work with the synology Samba. > > The other thing is that 4.15.9 is out of Samba support, the only Samba > supported versions at this time are 4.18.x , 4.17.x and 4.16.x . from > early next month, when 4.19.0 is released, 4.16.x will go EOL. > > > Any idea how I can find out why this PC cannot renew its machine > password / > > which capabilities are unmatched? Full logs are attached. I am loosing > > hope, so any tip is highly appreciated. Thanks so much! > > > > > > This list strips attachments, if you require someone on this list to > look at your logs, you will need to post them somewhere and then post a > link here. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >