samba - Jun 2024 - Failed to bind to uuid NT_STATUS_LOGON_FAILURE

is there anyone here who works closely with keytab files and with samba
authentication, tell me about this problem, how could samba be forced to
accept the changed password of the domain controller, that is, himself

??, 5 ???. 2024??. ? 16:15, Christian Naumer via samba <
samba at lists.samba.org>:
> Am 05.06.24 um 15:06 schrieb Omnis ludis - games via samba:
> > I tried to replace the secrets.keytab file, but it didn't help
solve the
> > problem somehow, the error is exactly the same, where else can
something
> be
> > used? why does samba reject the computer's request to view drs
showrepl?
> > maybe I need to somehow change the password of the domain controller
> myself?
>
> This is what I feared. Samba gets the password from the secrets.ldb
> file. I don't know how to update this with a new password from a
keytab.
> Maybe others can help there.
>
> Regards
>
>
> Christian
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>

May be this will work:

/usr/share/samba/scripts/chgtdcpass --help
Usage: chgtdcpass [options]

Options:
   -h, --help            show this help message and exit

   Samba Common Options:
     -s FILE, --configfile=FILE
                         Configuration file
     -d DEBUGLEVEL, --debuglevel=DEBUGLEVEL
                         debug level
     --option=OPTION     set smb.conf option from command line
     --realm=REALM       set the realm name

   Version Options:
     -V, --version       Display version number

   Credentials Options:
     --simple-bind-dn=DN
                         DN to use for a simple bind
     --password=PASSWORD
                         Password
     -U USERNAME, --username=USERNAME
                         Username
     -W WORKGROUP, --workgroup=WORKGROUP
                         Workgroup
     -N, --no-pass       Don't ask for a password
     --ipaddress=IPADDRESS
                         IP address of server
     -P, --machine-pass  Use stored machine account password
     --use-kerberos=desired|required|off
                         Use Kerberos authentication
     --use-krb5-ccache=KRB5CCNAME
                         Kerberos Credentials cache
     -A AUTHFILE, --authentication-file=AUTHFILE
                         Authentication file
     -k KERBEROS, --kerberos=KERBEROS
                         DEPRECATED: Migrate to --use-kerberos

You have to check where the script is in your installation.

Regards


Christian


Am 05.06.24 um 15:19 schrieb Omnis ludis - games via
samba:
> is there anyone here who works closely with keytab files and with samba
> authentication, tell me about this problem, how could samba be forced to
> accept the changed password of the domain controller, that is, himself
> 
> ??, 5 ???. 2024??. ? 16:15, Christian Naumer via samba <
> samba at lists.samba.org>:
> 
>> Am 05.06.24 um 15:06 schrieb Omnis ludis - games via samba:
>>> I tried to replace the secrets.keytab file, but it didn't help
solve the
>>> problem somehow, the error is exactly the same, where else can
something
>> be
>>> used? why does samba reject the computer's request to view drs
showrepl?
>>> maybe I need to somehow change the password of the domain
controller
>> myself?
>>
>> This is what I feared. Samba gets the password from the secrets.ldb
>> file. I don't know how to update this with a new password from a
keytab.
>> Maybe others can help there.
>>
>> Regards
>>
>>
>> Christian
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>