Problème ajout domaine approuvé
Publié : 07 août 2023 - 16:51
Bonjour les membres Tranquil IT
C'est mon premier sujet, j'espère être clair et concis.
Voilà mon infrastructure :
2 domaines différents que je souhaite approuver ensemble et 4 contrôleurs de domaines sous Samba.
Domaine A :
co-cob.local
co-cob-pdc1 : 192.168.1.237
co-cob-pdc2 : 192.168.36.209
Domain B :
vw-cob.local
vw-cob-pdc1 : 192.168.5.209
vw-cob-pdc2 : 192.168.6.209
J'ai modifié le smb.conf pour mettre un redirecteur capable de résoudre ces deux noms de domaine sur les 4 PDC.
Lorsque sur co-cob-pdc1 je souhaite approuver le domaine vw-cob.local, j'ai ce message d'erreur en dernière ligne.
root@co-cob-pdc1:/home/cobredia# samba-tool domain trust create VW-COB-PDC1 --type=external --direction=both --create-location=both -U administrator@VW-COB.LOCAL
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncalrpc:CO-COB-PDC1[,auth_type=ncalrpc_as_system]
LocalDomain Netbios[CO-COB] DNS[co-cob.local] SID[S-1-5-21-1035937396-3187240211-587002400]
resolve_lmhosts: Attempting lmhosts lookup for name VW-COB-PDC1<0x1c>
RemoteDC Netbios[VW-COB-PDC1] DNS[vw-cob-pdc1.vw-cob.local] ServerType[PDC,GC,LDAP,DS,KDC,TIMESERV,CLOSEST,WRITABLE,GOOD_TIMESERV,FULL_SECRET_DOMAIN_6]
Using binding ncacn_np:vw-cob-pdc1.vw-cob.local
resolve_lmhosts: Attempting lmhosts lookup for name vw-cob-pdc1.vw-cob.local<0x20>
Password for [administrator@VW-COB.LOCAL]:
RemoteDomain Netbios[VW-COB] DNS[vw-cob.local] SID[S-1-5-21-4019542943-1451400438-4094348130]
Using binding ncalrpc:CO-COB-PDC1[,auth_type=ncalrpc_as_system]
Using binding ncacn_np:vw-cob-pdc1.vw-cob.local
resolve_lmhosts: Attempting lmhosts lookup for name vw-cob-pdc1.vw-cob.local<0x20>
Creating remote TDO.
Remote TDO created.
Setting supported encryption types on remote TDO.
Creating local TDO.
Local TDO created
Setting supported encryption types on local TDO.
Validating outgoing trust...
ERROR: LocalValidation: DC[] CONNECTION[WERR_NO_LOGON_SERVERS] TRUST[WERR_NO_LOGON_SERVERS] VERIFY_STATUS_RETURNED
Auriez vous une idée de comment débloquer ceci?
Merci pour votre aide
C'est mon premier sujet, j'espère être clair et concis.
Voilà mon infrastructure :
2 domaines différents que je souhaite approuver ensemble et 4 contrôleurs de domaines sous Samba.
Domaine A :
co-cob.local
co-cob-pdc1 : 192.168.1.237
co-cob-pdc2 : 192.168.36.209
Domain B :
vw-cob.local
vw-cob-pdc1 : 192.168.5.209
vw-cob-pdc2 : 192.168.6.209
J'ai modifié le smb.conf pour mettre un redirecteur capable de résoudre ces deux noms de domaine sur les 4 PDC.
Lorsque sur co-cob-pdc1 je souhaite approuver le domaine vw-cob.local, j'ai ce message d'erreur en dernière ligne.
root@co-cob-pdc1:/home/cobredia# samba-tool domain trust create VW-COB-PDC1 --type=external --direction=both --create-location=both -U administrator@VW-COB.LOCAL
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'http_negotiate' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Using binding ncalrpc:CO-COB-PDC1[,auth_type=ncalrpc_as_system]
LocalDomain Netbios[CO-COB] DNS[co-cob.local] SID[S-1-5-21-1035937396-3187240211-587002400]
resolve_lmhosts: Attempting lmhosts lookup for name VW-COB-PDC1<0x1c>
RemoteDC Netbios[VW-COB-PDC1] DNS[vw-cob-pdc1.vw-cob.local] ServerType[PDC,GC,LDAP,DS,KDC,TIMESERV,CLOSEST,WRITABLE,GOOD_TIMESERV,FULL_SECRET_DOMAIN_6]
Using binding ncacn_np:vw-cob-pdc1.vw-cob.local
resolve_lmhosts: Attempting lmhosts lookup for name vw-cob-pdc1.vw-cob.local<0x20>
Password for [administrator@VW-COB.LOCAL]:
RemoteDomain Netbios[VW-COB] DNS[vw-cob.local] SID[S-1-5-21-4019542943-1451400438-4094348130]
Using binding ncalrpc:CO-COB-PDC1[,auth_type=ncalrpc_as_system]
Using binding ncacn_np:vw-cob-pdc1.vw-cob.local
resolve_lmhosts: Attempting lmhosts lookup for name vw-cob-pdc1.vw-cob.local<0x20>
Creating remote TDO.
Remote TDO created.
Setting supported encryption types on remote TDO.
Creating local TDO.
Local TDO created
Setting supported encryption types on local TDO.
Validating outgoing trust...
ERROR: LocalValidation: DC[] CONNECTION[WERR_NO_LOGON_SERVERS] TRUST[WERR_NO_LOGON_SERVERS] VERIFY_STATUS_RETURNED
Auriez vous une idée de comment débloquer ceci?
Merci pour votre aide