Problem adding approved domain

Published: August 7, 2023 - 4:51 PM
by damien.simon28
Hello Tranquil IT members, this is my first post, I hope I'm clear and concise.

Here's my infrastructure:
2 different domains that I want to trust together and 4 domain controllers running Samba.

Domain A:
co-cob.local
co-cob-pdc1: 192.168.1.237
co-cob-pdc2: 192.168.36.209

Domain B:
vw-cob.local
vw-cob-pdc1: 192.168.5.209
vw-cob-pdc2: 192.168.6.209

I modified the smb.conf file to add a forwarder capable of resolving these two domain names on all 4 PDCs.

When I try to trust the vw-cob.local domain on co-cob-pdc1, I get this error message on the last line.

root@co-cob-pdc1:/home/cobredia# samba-tool domain trust create VW-COB-PDC1 --type=external --direction=both --create-location=both -U administrator@VW-COB.LOCAL
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncalrpc:CO-COB-PDC1[,auth_type=ncalrpc_as_system]
LocalDomain Netbios[CO-COB] DNS[co-cob.local] SID[S-1-5-21-1035937396-3187240211-587002400]
resolve_lmhosts: Attempting lmhosts lookup for name VW-COB-PDC1
RemoteDC Netbios[VW-COB-PDC1] DNS[vw-cob-pdc1.vw-cob.local] ServerType[PDC,GC,LDAP,DS,KDC,TIMESERV,CLOSEST,WRITABLE,GOOD_TIMESERV,FULL_SECRET_DOMAIN_6]
Using binding ncacn_np:vw-cob-pdc1.vw-cob.local
resolve_lmhosts: Attempting lmhosts lookup for name vw-cob-pdc1.vw-cob.local
Password for [administrator@VW-COB.LOCAL]:
RemoteDomain Netbios[VW-COB] DNS[vw-cob.local] SID[S-1-5-21-4019542943-1451400438-4094348130]
Using binding ncalrpc:CO-COB-PDC1[,auth_type=ncalrpc_as_system]
Using binding ncacn_np:vw-cob-pdc1.vw-cob.local
resolve_lmhosts: Attempting lmhosts lookup for name vw-cob-pdc1.vw-cob.local
Creating remote TDO.
Remote TDO created.
Setting supported encryption types on remote TDO.
Creating local TDO.
Local TDO created
Setting supported encryption types on local TDO.
Validating outgoing trust...
ERROR: LocalValidation: DC[] CONNECTION[WERR_NO_LOGON_SERVERS] TRUST[WERR_NO_LOGON_SERVERS] VERIFY_STATUS_RETURNED

Do you have any idea how to unblock this?
Thank you for your help

Re: Problem adding trusted domain

Published: August 7, 2023 - 7:01 PM
by vcardon
At TIS, I don't recall us implementing trust relationships using Samba-AD for any clients, so we have no experience with that. We prefer merging domains, which increases security levels.

Have you tried searching the official Samba mailing list?