thr3ads.net - samba - [Samba] Failed to bind to uuid NT_STATUS_LOGON

If this information is useful, please help other people find it:
Share via:

Christian Naumer

2024-Jun-05 12:39 UTC

[Samba] Failed to bind to uuid NT_STATUS_LOGON_FAILURE

Am 05.06.24 um 14:33 schrieb Omnis ludis - games via
samba:> this is the only controller in the domain, it is on its own, yes, I use
> krb5.keytab to log domain administrator accounts on the machine, it seems
> to me there must be some way to defeat this and restore the
controller's
> functionality
what does

klist -ke


show?

and is there "secrets.keytab" in the PRIVATE_DIR eg 
"/usr/local/samba/private/" ?

And is yes what does

klist -ke secrets.keytab


show?

Regards


Christian

Omnis ludis - games

2024-Jun-05 12:50 UTC

head link

[Samba] Failed to bind to uuid NT_STATUS_LOGON_FAILURE

klist -ke /etc/krb5.keytab
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
   1 host/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   1 host/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   1 host/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   1 host/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   1 host/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   1 host/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   1 ldap/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   1 ldap/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   1 ldap/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   1 ldap/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   1 ldap/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   1 ldap/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   1 gc/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   1 gc/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   1 gc/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   1 gc/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   1 gc/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   1 gc/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
   1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes256-cts-hmac-sha1-96)
   1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
   1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes128-cts-hmac-sha1-96)
   1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
   1 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(DEPRECATED:arcfour-hmac)
   1 restrictedkrbhost/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   1 restrictedkrbhost/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   1 restrictedkrbhost/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   1 restrictedkrbhost/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   1 restrictedkrbhost/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   1 restrictedkrbhost/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   1 DC1$@test.dom (aes256-cts-hmac-sha1-96)
   1 DC1$@test.dom (aes128-cts-hmac-sha1-96)
   1 DC1$@test.dom (DEPRECATED:arcfour-hmac)
   2 DC1$@test.dom (DEPRECATED:arcfour-hmac)
   2 DC1$@test.dom (aes128-cts-hmac-sha1-96)
   2 DC1$@test.dom (aes256-cts-hmac-sha1-96)
   2 host/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 host/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 host/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 host/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   2 host/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   2 host/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 ldap/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 ldap/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   2 ldap/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   2 ldap/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   2 gc/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 gc/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 gc/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 gc/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   2 gc/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   2 gc/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
   2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
   2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/dc1.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
   2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(DEPRECATED:arcfour-hmac)
   2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes128-cts-hmac-sha1-96)
   2 e3514235-4b06-11d1-ab04-00c04fc2dcd2/DC1 at test.dom
(aes256-cts-hmac-sha1-96)
   2 restrictedkrbhost/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 restrictedkrbhost/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 restrictedkrbhost/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 restrictedkrbhost/DC1 at test.dom (DEPRECATED:arcfour-hmac)
   2 restrictedkrbhost/DC1 at test.dom (aes128-cts-hmac-sha1-96)
   2 restrictedkrbhost/DC1 at test.dom (aes256-cts-hmac-sha1-96)
   2 HOST/dc1.test.dom/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 HOST/dc1.test.dom/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 HOST/dc1.test.dom/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 HOST/dc1.test.dom/RED-SOFT at test.dom (DEPRECATED:arcfour-hmac)
   2 HOST/dc1.test.dom/RED-SOFT at test.dom (aes128-cts-hmac-sha1-96)
   2 HOST/dc1.test.dom/RED-SOFT at test.dom (aes256-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/RED-SOFT at test.dom (DEPRECATED:arcfour-hmac)
   2 ldap/dc1.test.dom/RED-SOFT at test.dom (aes128-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/RED-SOFT at test.dom (aes256-cts-hmac-sha1-96)
   2 GC/dc1.test.dom/test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 GC/dc1.test.dom/test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 GC/dc1.test.dom/test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 HOST/dc1.test.dom/test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 HOST/dc1.test.dom/test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 HOST/dc1.test.dom/test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/test.dom at test.dom (DEPRECATED:arcfour-hmac)
   2 ldap/dc1.test.dom/test.dom at test.dom (aes128-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/test.dom at test.dom (aes256-cts-hmac-sha1-96)
   2
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b51045d-a81d-457b-a74a-19ef609cb1fe/test.dom
at test.dom
(DEPRECATED:arcfour-hmac)
   2
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b51045d-a81d-457b-a74a-19ef609cb1fe/test.dom
at test.dom
(aes128-cts-hmac-sha1-96)
   2
E3514235-4B06-11D1-AB04-00C04FC2DCD2/7b51045d-a81d-457b-a74a-19ef609cb1fe/test.dom
at test.dom
(aes256-cts-hmac-sha1-96)
   2 ldap/7b51045d-a81d-457b-a74a-19ef609cb1fe._msdcs.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
   2 ldap/7b51045d-a81d-457b-a74a-19ef609cb1fe._msdcs.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
   2 ldap/7b51045d-a81d-457b-a74a-19ef609cb1fe._msdcs.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/DomainDnsZones.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
   2 ldap/dc1.test.dom/DomainDnsZones.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/DomainDnsZones.test.dom at test.dom
(aes256-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/ForestDnsZones.test.dom at test.dom
(DEPRECATED:arcfour-hmac)
   2 ldap/dc1.test.dom/ForestDnsZones.test.dom at test.dom
(aes128-cts-hmac-sha1-96)
   2 ldap/dc1.test.dom/ForestDnsZones.test.dom at test.dom
(aes256-cts-hmac-sha1-96)

klist -ke /opt/reddc/private/secrets.keytab
Keytab name: FILE:/opt/reddc/private/secrets.keytab
KVNO Principal
----
--------------------------------------------------------------------------
   1 HOST/dc1 at test.dom (aes256-cts-hmac-sha1-96)
   1 HOST/dc1.test.dom at test.dom (aes256-cts-hmac-sha1-96)
   1 DC1$@test.dom (aes256-cts-hmac-sha1-96)
   1 HOST/dc1 at test.dom (aes128-cts-hmac-sha1-96)
   1 HOST/dc1.test.dom at test.dom (aes128-cts-hmac-sha1-96)
   1 DC1$@test.dom (aes128-cts-hmac-sha1-96)
   1 HOST/dc1 at test.dom (DEPRECATED:arcfour-hmac)
   1 HOST/dc1.test.dom at test.dom (DEPRECATED:arcfour-hmac)
   1 DC1$@test.dom (DEPRECATED:arcfour-hmac)

It looks like it's been successful but mb problems kvno or something

??, 5 ???. 2024??. ? 15:41, Christian Naumer via samba <
samba at lists.samba.org>:
> Am 05.06.24 um 14:33 schrieb Omnis ludis - games via samba:
> > this is the only controller in the domain, it is on its own, yes, I
use
> > krb5.keytab to log domain administrator accounts on the machine, it
seems
> > to me there must be some way to defeat this and restore the
controller's
> > functionality
>
> what does
>
> klist -ke
>
>
> show?
>
> and is there "secrets.keytab" in the PRIVATE_DIR eg
> "/usr/local/samba/private/" ?
>
> And is yes what does
>
> klist -ke secrets.keytab
>
>
> show?
>
> Regards
>
>
> Christian
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

samba - Jun 2024 - Failed to bind to uuid NT_STATUS_LOGON_FAILURE

[Samba] Failed to bind to uuid NT_STATUS_LOGON_FAILURE

[Samba] Failed to bind to uuid NT_STATUS_LOGON_FAILURE