[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

HS : Différence entre net rpc testjoin et net ads testjoin 

Bonjour,

Je dois mettre en place un proxy avec authetification AD. Le proxy seul
fonctionne (Squid, clamav et squidguard).
Je me bat actuellement pour l'intégration de la machine dans le domain
2003 natif.

J'ai bien rejoint le domain avec un net join ads.
Wbinfo -t me dit "checking the trust secret via RPC calls succeeded".
Wbinfo -u et wbinfo -g me donne bien les users et groups.
Je fais un wbinfo -a UnUserAD%SomPassword, ça fonctionne.
Je fais un wbinfo -a MonDoima+UnUserAD%SomPassword, ça fonctionne (+ étant
mon séparateur).

Parcontre, un net ads testjoin me dit "have ads_connect: No logon servers
				       Join to domain is not valid: No logon servers"

Le un debug de niveau 3 donne :
With a Debug Level 3, I recieve this messages.
[2010/04/21 14:36:21, 3] param/loadparm.c:lp_load(5069)
  lp_load: refreshing parameters
[2010/04/21 14:36:21, 3] param/loadparm.c:init_globals(1440)
  Initialising global parameters
[2010/04/21 14:36:21, 3] param/params.c:pm_process(572)
  params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2010/04/21 14:36:21, 3] param/loadparm.c:do_section(3808)
  Processing section "[global]"
[2010/04/21 14:36:21, 2] lib/interface.c:add_interface(81)
  added interface ip=192.168.120.2 bcast=192.168.255.255 nmask=255.255.0.0
[2010/04/21 14:36:21, 3] libsmb/namequery.c:get_dc_list(1495)
  get_dc_list: preferred server list: ", *"
[2010/04/21 14:36:21, 1] libads/cldap.c:recv_cldap_netlogon(247)
  Failed to parse cldap reply
[2010/04/21 14:36:21, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 192.168.10.116 failed.
[2010/04/21 14:36:21, 1] libads/cldap.c:recv_cldap_netlogon(247)
  Failed to parse cldap reply
[2010/04/21 14:36:21, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 192.168.10.110 failed.
[2010/04/21 14:36:21, 1] libads/cldap.c:recv_cldap_netlogon(247)
  Failed to parse cldap reply
[2010/04/21 14:36:21, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 192.168.50.75 failed.
[2010/04/21 14:36:28, 1] libads/cldap.c:recv_cldap_netlogon(219)
  no reply received to cldap netlogon
[2010/04/21 14:36:28, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 10.10.10.116 failed.
[2010/04/21 14:36:35, 1] libads/cldap.c:recv_cldap_netlogon(219)
  no reply received to cldap netlogon
[2010/04/21 14:36:35, 3] libads/ldap.c:ads_try_connect(189)
  ads_try_connect: CLDAP request 10.10.10.110 failed.
[2010/04/21 14:36:35, 0] utils/net_ads.c:ads_startup_int(286)
  ads_connect: No logon servers
Join to domain is not valid: No logon servers
[2010/04/21 14:36:35, 2] utils/net.c:main(1075)
  return code = -1

Maintenant, je fais un net rpc testjoin......... Ca fonctionne !!!!!!!!!!

 net rpc testjoin -d3

[2010/04/22 14:37:04, 3] param/loadparm.c:lp_load(5069)
  lp_load: refreshing parameters
[2010/04/22 14:37:04, 3] param/loadparm.c:init_globals(1440)
  Initialising global parameters
[2010/04/22 14:37:04, 3] param/params.c:pm_process(572)
  params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2010/04/22 14:37:04, 3] param/loadparm.c:do_section(3808)
  Processing section "[global]"
[2010/04/22 14:37:04, 2] lib/interface.c:add_interface(81)
  added interface ip=192.168.120.2 bcast=192.168.255.255 nmask=255.255.0.0
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_start_connection(1563)
  Connecting to host=DC001
[2010/04/22 14:37:04, 3] lib/util_sock.c:open_socket_out(866)
  Connecting to 192.168.10.110 at port 445
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_session_setup_spnego(805)
  Doing spnego session setup (blob length=119)
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_session_setup_spnego(832)
  got OID=1 2 840 48018 1 2 2
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_session_setup_spnego(832)
  got OID=1 2 840 113554 1 2 2
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_session_setup_spnego(832)
  got OID=1 2 840 113554 1 2 2 3
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_session_setup_spnego(832)
  got OID=1 3 6 1 4 1 311 2 2 10
[2010/04/22 14:37:04, 3] libsmb/cliconnect.c:cli_session_setup_spnego(840)
  got principal=dc001$@MonDomain
[2010/04/22 14:37:04, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1018)
  Got challenge flags:
[2010/04/22 14:37:04, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
  Got NTLMSSP neg_flags=0x62898215
[2010/04/22 14:37:04, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1040)
  NTLMSSP: Set final flags:
[2010/04/22 14:37:04, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
  Got NTLMSSP neg_flags=0x60088215
[2010/04/22 14:37:04, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338)
  NTLMSSP Sign/Seal - Initialising with flags:
[2010/04/22 14:37:04, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
  Got NTLMSSP neg_flags=0x60088215
[2010/04/22 14:37:04, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2082)
  rpc_pipe_bind: Remote machine DC001 pipe \NETLOGON fnum 0x8009 bind
request returned ok.
[2010/04/22 14:37:04, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2082)
  rpc_pipe_bind: Remote machine DC001 pipe \NETLOGON fnum 0x800a bind
request returned ok.
Join to 'MonDomain' is OK
[2010/04/22 14:37:04, 2] utils/net.c:main(1075)
  return code = 0

Outre le fait que l'un fonctionne et que l'autre pas. Je remarque que :
- L'un utilise libads, l'autre libsmb.
- L'un travaille uniquement avec les IP, l'autre avec les noms de machines.

Je voudrais comprendre la différence entre rpc et ads.
Ce comportement est-il normal ?
Si il n'est pas normal, qu'elles pourraient en être la raison ?

Merci


-- 
Thierry Leurent
Reply to: