I'm migrating an old Windows Server 2003 AD hosted on a VM to a new one based on Windows Server 2016 (also on a VM).
The Server 2003 (let's call it OLD-AD) was the only Domain Controller. Now I'm migrating this server by installing Active Directory on a new server (let's call it NEW-AD) and adding it as a Domain Controller.
So I followed this step-by-step guide : https://blogs.technet.microsoft.com/canitpro/2014/04/01/step-by-step-active-directory-migration-from-windows-server-2003-to-windows-server-2012-r2/
Except I didn't dcpromo OLD-AD yet to remove it as a DC.
It seems to work (rough translation of the message, our workstations/servers are not in english) :
$> nltest /dclist:mydomain.local
Get the list of domain controllers of « mydomain.local » from « \\OLD-
AD.mydomain.local ».
OLD-AD.mydomain.local [DS] Site : Default-First-Site
NEW-AD.mydomain.local [PDC] [DS] Site : Default-First-Site
But when I shut down OLD-AD, I'm not able to contact a DC for authentification anymore.
Also, this doesn't work :
$> nltest /dcname:mydomain.local
NetGetDCName failed : Status = 2453 0x995 NERR_DCNotFound
I have no idea where to look to get more informations and diagnose this issue. Any pointers will be appreciated !
I've seen this error before. It has nothing to do with your migration procedure. I've reproduced the error then ran it slightly differently with success. Run command like this instead and it will work:
nltest /dcname:mydomain
See example screenshot below:
Related
I have a school projet that require me to emulate the CVE-2020-1472 (Zerologon) on a local environment.
I am currently trying to test following github script but I am facing some issue that I haven't been able to solve since then.
To sumerize, I have a :
Ubuntu 16.04 machine with Samba 4.3.8 Domain Controller Active Directory
Windows Server 2019 that joined the domain EXAMPLE.COM that I created with Samba.
I've made several test and I can succesfully modify the password of the "Administrator" account with first part of the POC :
./cve-2020-1472-exploit.py -n EXAMPLE-DC -t 1.2.3.4
Problem comes when trying to run impacket to extract some data from the domain :
secretsdump.py -no-pass -just-dc Domain/'DC_NETBIOS_NAME$'#DC_IP_ADDR
It sucesfully log in but then I get this message :
Password:
[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
[-] DRSR SessionError: code: 0x20e4 - ERROR_DS_CANT_FIND_EXPECTED_NC - The naming context could not be found.
[*] Something wen't wrong with the DRSUAPI approach. Try again with -use-vss parameter
[*] Cleaning up...
UPDATE 1 :
I also tried to use the -use-vss option but it also fails after login in.
[-] RemoteOperations failed: DCERPC Runtime Error: code: 0x5 - rpc_s_access_denied
[*] Searching for NTDS.dit
[-] 'NoneType' object has no attribute 'request'
[*] Cleaning up...
I tried to get some information about the DRSR SessionError: code: 0x20e4 - ERROR_DS_CANT_FIND_EXPECTED_NC but I didn't found any usefull informations on internet..
I hope someone have already faced this error or have knowledge regarding Active Directory because I'm really stuck
Thanks in advance and have a good week !
UPDATE 2:
I made a post on impacket's github and it seems like the DRSUAPI approach hasn't been tested against a non Windows AD before. So secretsdump wont works.
Every page mentioned SAMBA as vulnerable so I wonder if they really tested to exploit the vulnerability or if it was just a theoretical assumption.
I am trying to publish sharepoint2016 website including Power View reports which created by SQL server services service (SSRS). there is top level site and bi center as sub-site; both are working fine but problem is that when I try to view the report it said the error:
"the web application at [url] could not be found. verify that you have typed the url correctly. if the url should be serving existing content, the system administrator may need to add a new request url mapping to the intended application."I search about the error but It does not reach my target.
https://forums.asp.net/t/1970799.aspx?SQL+Reporting+Service+Runtime+Error+The+item+reports+Report1+cannot+be+found+rsItemNotFound+
note that the whole site is working fine in domain.
Please help...
Thanks...
Sorry for late guys...
i found that Power shell of SP cannot execute any command related to SSRS
it just need to reinstall SSRS service compatible with SP2016. then every thing is fine.
I been searching for an answer for this for a long time now. There are a zillion discussions but none seems to have helped me (I have tried everything I have read).
I have an ASP.net website that send apple push notifications. I created a Console app using push sharp - run it on my server, the push notifications get sent/received successfully. I run the console on my local dev system, it also works. I run my 'website' from IIS Express on my local system - the push notifications are also successful. But running in IIS on my server, I am getting the dreaded 'The credentials supplied to the package were not recognized' - any help at this point would be fantastic. Thanks
Previously, every time I have run into this issue, I have had to delete the cert out of my local machine cert store and re-import it. Then it all seems happy. I can't see how it could be a global permissions issue or invalid cert if simply re-importing it fixes the issue.
How I finally fixed it was using the winhttpcertcfg tool from the Windows Resource Kit to grant permission to the specific user that was using the cert.
The syntax would be:
"C:\Program Files (x86)\Windows Resource Kits\Tools\winhttpcertcfg" -i cert.p12 -c LOCAL_MACHINE\My -a UserWhoUsesTheCert -p passwordforp12
I tried to set up WordPress under Google App Engine earlier tonight (following the instructions here: https://developers.google.com/appengine/articles/wordpress).
It runs fine locally, but when I push to remote I get a database error (visible at https://wp-dot-frontiermediag.appspot.com/). If we throw on a /wp_admin/install.php you get:
This either means that the username and password information in your
wp-config.php file is incorrect or we can't contact the database server
at :/cloudsql/frontiermediag:fmwp. This could mean your host's database
server is down.
Here's the relevant code in wp-config:
/** MySQL hostname */
if(isset($_SERVER['SERVER_SOFTWARE']) && strpos($_SERVER['SERVER_SOFTWARE'],'Google App Engine') !== false) {
define('DB_HOST', ':/cloudsql/frontiermediag:fmwp');
}else{
define('DB_HOST', 'localhost');
}
frontiermediag:fmwp is showing "Status Runnable" in Developers Console > Cloud SQL.
I did this once before and it worked so I'm not sure what I'm missing here. I thought it might have been because I'm using WP 3.8.1. but rolled back to 3.5.1 and same thing's happening.
Any ideas? frontiermediag is listed as an authorized application on the :fmwp ACL.
This situation happened to me earlier.However, I edited my Cloud SQL instance , and set "Preferred Location" as "Follow App Engine App" from Google Developers Console. This database connection problem was solved in my case.
I tried the instructions with wordpress 3.5.1 and the instructions seem to work for me. The code snippet you have above seems right and I am not sure what could be wrong without looking at rest of your code. Can you try the instructions from the beginning one more time with 3.5.1?
I had this issue, because "Follow App Engine App" doesn't seem to be an option for second generation instances in my case, and so the instance connection name includes the region setting.
Look at the instance details, and under properties, find "Instance connection name". That is the text that should follow :cloudsql/.
This question may be a dublicate, but no recent post leads to a working answer for my case.
I have a Sharepoint 2013 running on a Windows Server 2012. Following issue appeared:
I made a new Site-Collection as wiki. Everything (links,...) works fine on the server but when I want to access the wiki from outside (not localhost) the server runs in a 404 Not found error.
http://localhost/sites/wiki/Pages/Home.aspx - works fine(localhost)
http://10.38.0.15/sites/wiki/Pages/Home.aspx - doesn't work.
I checked the IIS settings, all servers are up and running. The log file has no errors in it.
Does anyone know, how to solve this problem?
thx
Jürgen
The most common cause for this is that you don't have the IIS host header configured correctly. The 404 will appear because you are hitting a different IIS web site and not the one you intended to.
If you go into IIS Manager and click on "Sites" in the right hand pane there will be a column called bindings and a column called ID.
IIS will check in the order of ID for the first site that matches. Make sure the default site is stopped. If you see bindings that look like the following:
ID 1: Bindings: *:80
ID 2: Bindings: www.yoursite.com:80
www.othersite.com will match ID 1. Any other site that doesn't specify a port or https: will be directed to ID 2. You need to ensure that the site you are trying to access matches your bindings. The "www.yoursite.com" is added to the site via "New Web Application" in SharePoint. There is a field called Host: in Central Administration. This should match what you are typing from inside and outside the server. If you need the site to respond to multiple names, you need to extend the web application.
Assuming you used the default of claims authentication, here are the instructions for that:
http://technet.microsoft.com/en-us/library/gg276325.aspx
I am not sure if this is still required in Server 2012, but disabling the loopback check might also help, although this usually results in a 401, and repeated attempts to log in. Here are the instructions for that.
http://support.microsoft.com/kb/896861
Сheck the alternate access mapping in SharePoint administrator.
It should be something like this:
http://yourservername default
http://10.10.1.30:80 internet
http:// so on ..