Imposibilidad de unirse a dominio Windows 2000
Estoy teniendo problemas para unirme al dominio, y eso que lo he hecho
muchas veces en años anteriores.
De hecho, hasta hace un mes, estaba unido sin problemas. Una rotura de
disco me obligó a instalar todo de nuevo.
Ya intenté todo lo posble y lo que he estudiado.
¿Alguno me puede tirar una idea de cuál puede ser el problema?
Van todo los datos y configuraciones de importancia.
Gracias
Javier
-----------------------------------------------
host: station91
usuario: win-user5
password: win-pass
dominio: company
realm: local.company
KDC administrative server: serverpdc1
KDC secondary server: serverbdc7
-----------------------------------------------
# /etc/network/interfaces
#
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# LOCAL
allow-hotplug eth0
auto eth0
iface eth0 inet dhcp
post-up route del default gw 10.111.1.254
post-up route del -net 10.111.1.0 netmask 255.255.255.0 dev eth0
post-up route add -net 10.0.0.0 netmask 255.0.0.0 dev eth0
post-up net time set -S serverpdc1
-----------------------------------------------
# /etc/krb5.conf
[libdefaults]
default_realm = LOCAL.COMPANY
# The following krb5.conf variables are only for MIT Kerberos.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
LOCAL.COMPANY = {
kdc = serverbdc7
kdc = serverpdc1
kdc = serverbdc2
kdc = serverbdc5
admin_server = serverpdc1
}
[domain_realm]
.local.company = LOCAL.COMPANY
local.company = LOCAL.COMPANY
[login]
krb4_convert = true
krb4_get_tickets = false
-----------------------------------------------
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files winbind ldap
group: files winbind ldap
shadow: files
hosts: files wins mdns4_minimal [NOTFOUND=return] dns mdns4
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
-----------------------------------------------
# /etc/samba/smb.conf
# Samba config file created using SWAT
# from UNKNOWN (��t)
# Date: 2009/09/02 08:30:38
[global]
ldap ssl ads = Yes
idmap gid = 10000-20000
passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
obey pam restrictions = Yes
browse list = No
dns proxy = No
idmap uid = 10000-20000
local master = No
workgroup = COMPANY
os level = 0
winbind refresh tickets = Yes
update encrypted = Yes
printcap name = cups
security = ADS
winbind separator = +
max log size = 1000
lanman auth = Yes
log file = /var/log/samba/log.%m
include = /etc/samba/dhcp.conf
wins server = eth0:10.111.1.201
auth methods = winbind, krb5, ldap, guest, sam
interfaces = eth0
username map = /etc/samba/smbusers
domain master = No
winbind trusted domains only = yes
realm = LOCAL.COMPANY
winbind use default domain = Yes
server string = %h - Jefe Almacenaje (13-6922)
password server = serverbdc7, serverpdc1, *
unix password sync = Yes
template homedir = /home/%U
syslog = 0
panic action = /usr/share/samba/panic-action %d
pam password change = Yes
[homes]
comment = Home Directories
valid users = %S
create mask = 0700
directory mask = 0700
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
create mask = 0700
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/printers
[homes]
comment = Home Directories
valid users = %S
create mask = 0700
directory mask = 0700
browseable = No
-----------------------------------------------
station91:~# wbinfo -m --verbose
Domain Name DNS Domain Trust Type Transitive In Out
BUILTIN None Yes Yes Yes
IBPBW91 None Yes Yes Yes
COMPANY LOCAL.COMPANY None Yes Yes Yes
-----------------------------------------------
station91:~# wbinfo -u –verbose
(do nothing!!)
-----------------------------------------------
station91:~# wbinfo -g --verbose
BUILTIN+administrators
BUILTIN+users
-----------------------------------------------
station91:~# wbinfo -u --verbose -K win-user5%win-pass
plaintext kerberos password authentication for [win-user5%win-pass]
failed (requesting cctype: FILE)
error code was NT_STATUS_LOGON_FAILURE (0xc000006d)
error messsage was: Logon failure
Could not authenticate user [win-user5%win-pass] with Kerberos (ccache:
FILE)
-----------------------------------------------
station91:~# kinit win-user5
Password for win-user5@LOCAL.COMPANY:
station91:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: win-user5@LOCAL.COMPANY
Valid starting Expires Service principal
09/02/09 10:07:00 09/02/09 20:07:17 krbtgt/LOCAL.COMPANY@LOCAL.COMPANY
renew until 09/03/09 10:07:00
-----------------------------------------------
station91:~# net rpc oldjoin -U win-user5%win-pass -S serverpdc1 -d 3
[2009/09/02 10:36:21, 3] param/loadparm.c:lp_load_ex(8818)
lp_load_ex: refreshing parameters
[2009/09/02 10:36:21, 3] param/loadparm.c:init_globals(4653)
Initialising global parameters
[2009/09/02 10:36:21, 3] param/params.c:pm_process(569)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2009/09/02 10:36:21, 3] param/loadparm.c:do_section(7481)
Processing section "[global]"
[2009/09/02 10:36:21, 3] param/params.c:pm_process(569)
params.c:pm_process() - Processing configuration file
"/etc/samba/dhcp.conf"
[2009/09/02 10:36:21, 2] lib/interface.c:add_interface(340)
added interface eth0 ip=fe80::219:d1ff:fe97:92a7%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2009/09/02 10:36:21, 2] lib/interface.c:add_interface(340)
added interface eth0 ip=10.111.1.192 bcast=10.111.1.255
netmask=255.255.255.0
[2009/09/02 10:36:21, 3] libsmb/cliconnect.c:cli_start_connection(1649)
Connecting to host=serverpdc1
[2009/09/02 10:36:21, 3] lib/util_sock.c:open_socket_out(1400)
Connecting to 10.1.0.231 at port 445
[2009/09/02 10:36:21, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2234)
rpc_pipe_bind: host serverpdc1, pipe \lsarpc, fnum 0x4000 bind
request returned ok.
[2009/09/02 10:36:21, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2234)
rpc_pipe_bind: host serverpdc1, pipe \NETLOGON, fnum 0x4001 bind
request returned ok.
[2009/09/02 10:36:21, 3]
rpc_client/cli_netlogon.c:rpccli_netlogon_set_trust_password(573)
rpccli_netlogon_set_trust_password: unable to setup creds
(NT_STATUS_ACCESS_DENIED)!
[2009/09/02 10:36:21, 1] utils/net_rpc.c:run_rpc_command(193)
rpc command function failed! (NT_STATUS_ACCESS_DENIED)
Failed to join domain
[2009/09/02 10:36:21, 2] utils/net.c:main(770)
return code = -1
-----------------------------------------------
station91:~# net ads join -U win-user5%win-pass -S serverpdc1 -d 3
[2009/09/02 10:38:12, 3] param/loadparm.c:lp_load_ex(8818)
lp_load_ex: refreshing parameters
[2009/09/02 10:38:12, 3] param/loadparm.c:init_globals(4653)
Initialising global parameters
[2009/09/02 10:38:12, 3] param/params.c:pm_process(569)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2009/09/02 10:38:12, 3] param/loadparm.c:do_section(7481)
Processing section "[global]"
[2009/09/02 10:38:12, 3] param/params.c:pm_process(569)
params.c:pm_process() - Processing configuration file
"/etc/samba/dhcp.conf"
[2009/09/02 10:38:12, 2] lib/interface.c:add_interface(340)
added interface eth0 ip=fe80::219:d1ff:fe97:92a7%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2009/09/02 10:38:12, 2] lib/interface.c:add_interface(340)
added interface eth0 ip=10.111.1.192 bcast=10.111.1.255
netmask=255.255.255.0
[2009/09/02 10:38:12, 1] libnet/libnet_join.c:libnet_Join(1871)
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : 'serverpdc1'
machine_name : 'IBPBW91'
domain_name : *
domain_name : 'LOCAL.COMPANY'
account_ou : NULL
admin_account : 'win-user5'
admin_password : *
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
create_upn : 0x00 (0)
upn : NULL
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x00 (0)
secure_channel_type : SEC_CHAN_WKSTA (2)
[2009/09/02 10:38:12, 3] libsmb/cliconnect.c:cli_start_connection(1649)
Connecting to host=serverpdc1
[2009/09/02 10:38:12, 3] lib/util_sock.c:open_socket_out(1400)
Connecting to 10.1.0.231 at port 445
[2009/09/02 10:38:12, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(823)
Doing spnego session setup (blob length=108)
[2009/09/02 10:38:12, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 2 840 48018 1 2 2
[2009/09/02 10:38:12, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 2 840 113554 1 2 2
[2009/09/02 10:38:12, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 2 840 113554 1 2 2 3
[2009/09/02 10:38:12, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 3 6 1 4 1 311 2 2 10
[2009/09/02 10:38:12, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(858)
got principal=serverpdc1$@LOCAL.COMPANY
[2009/09/02 10:38:12, 3]
libsmb/ntlmssp.c:ntlmssp_client_challenge(1027)
Got challenge flags:
[2009/09/02 10:38:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x62898215
[2009/09/02 10:38:12, 3]
libsmb/ntlmssp.c:ntlmssp_client_challenge(1049)
NTLMSSP: Set final flags:
[2009/09/02 10:38:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2009/09/02 10:38:12, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(337)
NTLMSSP Sign/Seal - Initialising with flags:
[2009/09/02 10:38:12, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2009/09/02 10:38:12, 3] libsmb/cliconnect.c:cli_session_setup(1055)
SPNEGO login failed: Logon failure
[2009/09/02 10:38:12, 1] libsmb/cliconnect.c:cli_full_connection(1754)
failed session setup with NT_STATUS_LOGON_FAILURE
[2009/09/02 10:38:12, 1] libnet/libnet_join.c:libnet_Join(1902)
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : NULL
netbios_domain_name : NULL
dns_domain_name : NULL
forest_name : NULL
dn : NULL
domain_sid : NULL
domain_sid : (NULL SID)
modified_config : 0x00 (0)
error_string : 'failed to lookup DC info for
domain 'LOCAL.COMPANY' over rpc: Logon failure'
domain_is_ad : 0x00 (0)
result : WERR_LOGON_FAILURE
Failed to join domain: failed to lookup DC info for domain
'LOCAL.COMPANY' over rpc: Logon failure
[2009/09/02 10:38:12, 2] utils/net.c:main(770)
return code = -1
-----------------------------------------------
station91:~# net rpc join -U win-user5%win-pass -S serverpdc1 -d 3
[2009/09/02 10:40:30, 3] param/loadparm.c:lp_load_ex(8818)
lp_load_ex: refreshing parameters
[2009/09/02 10:40:30, 3] param/loadparm.c:init_globals(4653)
Initialising global parameters
[2009/09/02 10:40:30, 3] param/params.c:pm_process(569)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2009/09/02 10:40:30, 3] param/loadparm.c:do_section(7481)
Processing section "[global]"
[2009/09/02 10:40:30, 3] param/params.c:pm_process(569)
params.c:pm_process() - Processing configuration file
"/etc/samba/dhcp.conf"
[2009/09/02 10:40:30, 2] lib/interface.c:add_interface(340)
added interface eth0 ip=fe80::219:d1ff:fe97:92a7%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2009/09/02 10:40:30, 2] lib/interface.c:add_interface(340)
added interface eth0 ip=10.111.1.192 bcast=10.111.1.255
netmask=255.255.255.0
[2009/09/02 10:40:30, 3] libsmb/cliconnect.c:cli_start_connection(1649)
Connecting to host=serverpdc1
[2009/09/02 10:40:30, 3] lib/util_sock.c:open_socket_out(1400)
Connecting to 10.1.0.231 at port 445
[2009/09/02 10:40:31, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2234)
rpc_pipe_bind: host serverpdc1, pipe \lsarpc, fnum 0x4000 bind
request returned ok.
[2009/09/02 10:40:31, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2234)
rpc_pipe_bind: host serverpdc1, pipe \NETLOGON, fnum 0x4001 bind
request returned ok.
[2009/09/02 10:40:31, 3]
rpc_client/cli_netlogon.c:rpccli_netlogon_set_trust_password(573)
rpccli_netlogon_set_trust_password: unable to setup creds
(NT_STATUS_ACCESS_DENIED)!
[2009/09/02 10:40:31, 1] utils/net_rpc.c:run_rpc_command(193)
rpc command function failed! (NT_STATUS_ACCESS_DENIED)
[2009/09/02 10:40:31, 3] libsmb/cliconnect.c:cli_start_connection(1649)
Connecting to host=serverpdc1
[2009/09/02 10:40:31, 3] lib/util_sock.c:open_socket_out(1400)
Connecting to 10.1.0.231 at port 445
[2009/09/02 10:40:31, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(823)
Doing spnego session setup (blob length=108)
[2009/09/02 10:40:31, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 2 840 48018 1 2 2
[2009/09/02 10:40:31, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 2 840 113554 1 2 2
[2009/09/02 10:40:31, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 2 840 113554 1 2 2 3
[2009/09/02 10:40:31, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(850)
got OID=1 3 6 1 4 1 311 2 2 10
[2009/09/02 10:40:31, 3]
libsmb/cliconnect.c:cli_session_setup_spnego(858)
got principal=serverpdc1$@LOCAL.COMPANY
[2009/09/02 10:40:31, 3]
libsmb/ntlmssp.c:ntlmssp_client_challenge(1027)
Got challenge flags:
[2009/09/02 10:40:31, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x62898215
[2009/09/02 10:40:31, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1049)
NTLMSSP: Set final flags:
[2009/09/02 10:40:31, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2009/09/02 10:40:31, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(337)
NTLMSSP Sign/Seal - Initialising with flags:
[2009/09/02 10:40:31, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
[2009/09/02 10:40:31, 3] libsmb/cliconnect.c:cli_session_setup(1055)
SPNEGO login failed: Logon failure
[2009/09/02 10:40:31, 1] libsmb/cliconnect.c:cli_full_connection(1754)
failed session setup with NT_STATUS_LOGON_FAILURE
Could not connect to server serverpdc1
The username or password was not correct.
Connection failed: NT_STATUS_LOGON_FAILURE
[2009/09/02 10:40:31, 2] utils/net.c:main(770)
return code = 1
Reply to: