Beste mensen, hierbij de output van net ads leave -d9 -U Administrator@BWARE.LOCAL
INFO: Current debug levels: all: 9 tdb: 9 printdrivers: 9 lanman: 9 smb: 9 rpc_parse: 9 rpc_srv: 9 rpc_cli: 9 passdb: 9 sam: 9 auth: 9 winbind: 9 vfs: 9 idmap: 9 quota: 9 acls: 9 locking: 9 msdfs: 9 dmapi: 9 registry: 9 scavenger: 9 dns: 9 ldb: 9 tevent: 9 lp_load_ex: refreshing parameters Initialising global parameters rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) INFO: Current debug levels: all: 9 tdb: 9 printdrivers: 9 lanman: 9 smb: 9 rpc_parse: 9 rpc_srv: 9 rpc_cli: 9 passdb: 9 sam: 9 auth: 9 winbind: 9 vfs: 9 idmap: 9 quota: 9 acls: 9 locking: 9 msdfs: 9 dmapi: 9 registry: 9 scavenger: 9 dns: 9 ldb: 9 tevent: 9 Processing section "[global]" doing parameter netbios name = Debian95 doing parameter workgroup = BWARE doing parameter idmap config * : backend = tdb doing parameter idmap config BWARE : backend = ad doing parameter idmap config BWARE : range = 700-800 doing parameter log level = 2 doing parameter log file = /var/log/samba/log doing parameter security = ads doing parameter realm = BWARE.LOCAL doing parameter winbind uid = 20000-30000 doing parameter winbind gid = 20000-30000 doing parameter template shell = /bin/bash doing parameter template homedir = /home/%U doing parameter winbind use default domain = true pm_process() returned Yes lp_servicenumber: couldn't find homes Registering messaging pointer for type 2 - private_data=(nil) Registering messaging pointer for type 9 - private_data=(nil) Registered MSG_REQ_POOL_USAGE Registering messaging pointer for type 11 - private_data=(nil) Registering messaging pointer for type 12 - private_data=(nil) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED Registering messaging pointer for type 1 - private_data=(nil) Registering messaging pointer for type 5 - private_data=(nil) lp_load_ex: refreshing parameters Freeing parametrics: Initialising global parameters rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) INFO: Current debug levels: all: 9 tdb: 9 printdrivers: 9 lanman: 9 smb: 9 rpc_parse: 9 rpc_srv: 9 rpc_cli: 9 passdb: 9 sam: 9 auth: 9 winbind: 9 vfs: 9 idmap: 9 quota: 9 acls: 9 locking: 9 msdfs: 9 dmapi: 9 registry: 9 scavenger: 9 dns: 9 ldb: 9 tevent: 9 Processing section "[global]" doing parameter netbios name = Debian95 doing parameter workgroup = BWARE doing parameter idmap config * : backend = tdb doing parameter idmap config BWARE : backend = ad doing parameter idmap config BWARE : range = 700-800 doing parameter log level = 2 doing parameter log file = /var/log/samba/log doing parameter security = ads doing parameter realm = BWARE.LOCAL doing parameter winbind uid = 20000-30000 doing parameter winbind gid = 20000-30000 doing parameter template shell = /bin/bash doing parameter template homedir = /home/%U doing parameter winbind use default domain = true pm_process() returned Yes lp_servicenumber: couldn't find homes Netbios name list:- my_netbios_names[0]="DEBIAN95" added interface enp0s3 ip=192.168.16.7 bcast=192.168.16.255 netmask=255.255.255.0 libnet_Unjoin: libnet_UnjoinCtx: struct libnet_UnjoinCtx in: struct libnet_UnjoinCtx dc_name : NULL machine_name : 'DEBIAN95' domain_name : 'BWARE.LOCAL' account_ou : NULL admin_account : 'Administrator@BWARE.LOCAL' admin_domain : NULL machine_password : NULL unjoin_flags : 0x00000005 (5) 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT 0: WKSSVC_JOIN_FLAGS_DEFER_SPN 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE 0: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE 1: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE 0: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE delete_machine_account : 0x01 (1) modify_config : 0x00 (0) domain_sid : NULL domain_sid : (NULL SID) ads : NULL debug : 0x01 (1) use_kerberos : 0x00 (0) Opening cache file at /var/cache/samba/gencache.tdb Opening cache file at /var/run/samba/gencache_notrans.tdb sitename_fetch: Returning sitename for realm 'BWARE.LOCAL': "Default-First-Site-Name" sitename_fetch: Returning sitename for realm 'BWARE.LOCAL': "Default-First-Site-Name" name basdc1.bware.local#20 found. ads_try_connect: sending CLDAP request to 192.168.16.4 (realm: BWARE.LOCAL) Successfully contacted LDAP server 192.168.16.4 Connected to LDAP server basdc1.bware.local KDC time offset is 1 seconds Found SASL mechanism GSS-SPNEGO ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.30 ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2 ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2 ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3 ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10 GENSEC backend 'gssapi_spnego' registered GENSEC backend 'gssapi_krb5' registered GENSEC backend 'gssapi_krb5_sasl' registered GENSEC backend 'spnego' registered GENSEC backend 'schannel' registered GENSEC backend 'naclrpc_as_system' registered GENSEC backend 'sasl-EXTERNAL' registered GENSEC backend 'ntlmssp' registered GENSEC backend 'ntlmssp_resume_ccache' registered GENSEC backend 'http_basic' registered GENSEC backend 'http_ntlm' registered GENSEC backend 'krb5' registered GENSEC backend 'fake_gssapi_krb5' registered Starting GENSEC mechanism spnego Starting GENSEC submechanism gse_krb5 gss_krb5_import_cred ccache[MEMORY:net_ads] failed with [ Miscellaneous failure (see text): unknown mech-code 2 for mech 1 2 840 113554 1 2 2] -the caller may retry after a kinit. Failed to start GENSEC client mech gse_krb5: NT_STATUS_INTERNAL_ERROR kerberos_kinit_password Administrator@BWARE.LOCAL failed: Cannot contact any KDC for requested realm ads_sasl_spnego_gensec_bind(KRB5) failed for ldap/basdc1.bware.local with user[Administrator] realm=[BWARE.LOCAL]: Cannot contact any KDC for requested realm sitename_fetch: Returning sitename for realm 'BWARE.LOCAL': "Default-First-Site-Name" name basdc1.bware.local#20 found. Connecting to 192.168.16.4 at port 445 Socket options: SO_KEEPALIVE = 0 SO_REUSEADDR = 0 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 0 SO_SNDBUF = 87040 SO_RCVBUF = 372480 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 Doing spnego session setup (blob length=120) got OID=1.3.6.1.4.1.311.2.2.30 got OID=1.2.840.48018.1.2.2 got OID=1.2.840.113554.1.2.2 got OID=1.2.840.113554.1.2.2.3 got OID=1.3.6.1.4.1.311.2.2.10 got principal=not_defined_in_RFC4178@please_ignore Starting GENSEC mechanism spnego Starting GENSEC submechanism ntlmssp Got challenge flags: Got NTLMSSP neg_flags=0x62898215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_TARGET_TYPE_DOMAIN NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY NTLMSSP_NEGOTIATE_TARGET_INFO NTLMSSP_NEGOTIATE_VERSION NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP: Set final flags: Got NTLMSSP neg_flags=0x62088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY NTLMSSP_NEGOTIATE_VERSION NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0x62088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY NTLMSSP_NEGOTIATE_VERSION NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH SPNEGO login failed: Logon failure libnet_Unjoin: libnet_UnjoinCtx: struct libnet_UnjoinCtx out: struct libnet_UnjoinCtx netbios_domain_name : NULL dns_domain_name : NULL forest_name : NULL modified_config : 0x00 (0) error_string : 'failed to connect to AD: Cannot contact any KDC for requested realm' disabled_machine_account : 0x00 (0) deleted_machine_account : 0x00 (0) result : WERR_LOGON_FAILURE return code = -1 Graag ontvang ik een bevestiging retour. Met vriendelijke groet, Bas Neve bastiaann...@gmail.com 316 14 12 00 71 Op wo 29 aug. 2018 om 11:23 schreef Bas Neve <bastiaann...@gmail.com>: > Hoi Wouter, > > Welke informatie is er nog meer nodig ? > > Graag ontvang ik een bevestiging retour. > > Met vriendelijke groet, > > Bas Neve > bastiaann...@gmail.com > 316 14 12 00 71 > > > > > > > > > > Op wo 29 aug. 2018 om 11:09 schreef Bas Neve <bastiaann...@gmail.com>: > >> Beste mensen, >> >> >> net join -U Administrator >> Enter Administrator's password: >> Using short domain name -- BWARE >> Joined 'DEBIAN95' to dns domain 'bware.local' >> No DNS domain configured for debian95. Unable to perform DNS Update. >> DNS update failed: NT_STATUS_INVALID_PARAMETER >> >> net ads testjoin >> Join is OK >> >> net ads leave -U Administrator >> Enter Administrator's password: >> kerberos_kinit_password Administrator@BWARE.LOCAL failed: Cannot contact >> any KDC for requested realm >> Disabled account for 'DEBIAN95' in realm '(null)' >> >> net join -U Administrator >> Enter Administrator's password: >> Using short domain name -- BWARE >> Joined 'DEBIAN95' to dns domain 'bware.local' >> No DNS domain configured for debian95. Unable to perform DNS Update. >> DNS update failed: NT_STATUS_INVALID_PARAMETER >> >> net ads leave -U Administrator@BWARE.LOCAL >> Enter Administrator@BWARE.LOCAL's password: >> kerberos_kinit_password Administrator@BWARE.LOCAL failed: Cannot contact >> any KDC for requested realm >> Disabled account for 'DEBIAN95' in realm '(null)' >> >> >> tail /var/log/samba/log >> [2018/08/29 10:35:56.300737, 2] >> ../lib/util/tevent_debug.c:66(samba_tevent_debug) >> samba_tevent: EPOLL_CTL_DEL EBADF for fde[0x55dc6f60f6e0] >> mpx_fde[(nil)] fd[15] - disabling >> [2018/08/29 10:45:55.978689, 2] >> ../source3/smbd/server.c:794(remove_child_pid) >> Could not find child 1540 -- ignoring >> [2018/08/29 10:48:26.407062, 2] >> ../lib/util/tevent_debug.c:66(samba_tevent_debug) >> samba_tevent: EPOLL_CTL_DEL EBADF for fde[0x55dc6f5f30c0] >> mpx_fde[(nil)] fd[15] - disabling >> [2018/08/29 11:00:56.017725, 2] >> ../source3/smbd/server.c:794(remove_child_pid) >> Could not find child 1581 -- ignoring >> [2018/08/29 11:00:56.474751, 2] >> ../lib/util/tevent_debug.c:66(samba_tevent_debug) >> samba_tevent: EPOLL_CTL_DEL EBADF for fde[0x55dc6f60f6e0] >> mpx_fde[(nil)] fd[15] - disabling >> >> >> >> >> Graag ontvang ik een bevestiging retour. >> >> Met vriendelijke groet, >> >> Bas Neve >> bastiaann...@gmail.com >> 316 14 12 00 71 >> >> >> >> >> >> >> >> >> >> Op wo 29 aug. 2018 om 10:44 schreef Wouter Verhelst <wou...@debian.org>: >> >>> Hoi Bas, >>> >>> Ik vind het erg om het te moeten zeggen, maar hier kunnen we nog altijd >>> niet genoeg mee :-) >>> >>> On Wed, Aug 29, 2018 at 10:11:36AM +0200, Bas Neve wrote: >>> > Hoi Wouter, >>> > >>> > Hierbij nadere info. Ik heb in virtualbox een windows Active domain >>> controller >>> > met een domein bware.local gemaakt.. Aan dat domein heb ik een windows >>> 10 box >>> > en een redhat box toegevoegd. Op de RedHatbox kan ik inloggen via de >>> > domeincontroller.. tevens heb ik een debian9.5 machine gemaakt. >>> >>> Sure, dat wisten we al. >>> >>> > Ik heb met de >>> > Debian machine twee uitdagingen. Ik kan het domein joinen >>> >>> Jeuj. >>> >>> > maar helaas niet verlaten. >>> >>> Dit zegt zoveel als "De auto werkt niet". >>> >>> wat werkt er niet? >>> >>> "Weet ik niet, zoek het uit. Maar je mag niet aan de auto komen". >>> >>> Dat kan niet, dat begrijp je wel. >>> >>> "ik kan het domein niet verlaten". Ik ben er van overtuigd dat je dat je >>> wel kan, maar er lukt iets niet. Wat? Dat zeg je niet. >>> >>> Welk commando heb je uitgevoerd om het domein te joinen? >>> Welk commando heb je uitgevoerd om het domein weer te verlaten? >>> Krijg je foutmeldingen? Post ze dan. >>> Krijg je iets in de logs te zien (/var/log/samba)? Post dat dan. >>> >>> Alleen met dat soort informatie kan je hulp krijgen... >>> >>> P.S.: zie ook >>> https://opensource.com/life/16/10/how-ask-technical-questions voor een >>> goede gids over hoe je efficiënt technische vragen kunt stellen... >>> >>> -- >>> Could you people please use IRC like normal people?!? >>> >>> -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf >>> 2008 >>> Hacklab >>> >>