Re: [cifs-protocol] [MS-SAMR] SamrSetInformationUser2 over an authenticated DCERPC connection [119040819792364]

Fri, 12 Apr 2019 14:25:50 -0700 

Hi Andreas:
Thanks.
This is enough to get me started. The piece I need to debug is same for both 
success and failure so that should be enough for me.

Regards,
Obaid Farooqi
Escalation Engineer | Microsoft

-----Original Message-----
From: Andreas Schneider <a...@samba.org> 
Sent: Friday, April 12, 2019 4:15 PM
To: Obaid Farooqi <oba...@microsoft.com>
Cc: cifs-protocol <cifs-protocol@lists.samba.org>; 
supp...@mail.support.microsoft.com
Subject: Re: [MS-SAMR] SamrSetInformationUser2 over an authenticated DCERPC 
connection [119040819792364]

On Friday, 12 April 2019 22:10:00 CEST Obaid Farooqi wrote:
> Hi Andreas:

Hi Obaid,

> I need to dig deeper into this to find out what is happening.
> Can you please send me instructions on how to setup a Linux client to 
> run the test you ran?
> 
> My plan is to use Windows Subsystem for Linux (WSL) running Ubuntu to 
> accomplish this but that is not a requirement, just a convenience as 
> I'll not have to install Linux on a new VM.

if you're interesting in the case were the password change fails, you just need 
to install samba-client on WSL running Ubuntu.

First create a user e.g. bob1 on an AD DC.

Then go to a console on WSL Ubuntu and run:

$ sudo apt-get install samba-client

Once you have that installed you can execute:

$ rpcclient ncacn_np:<windows ad server>[seal] -U Administrator%<admin 
password> 
-c "setuserinfo2  bob1 26 P@ssword0"

Where <windows ad server> is the dns domain name of your windows ad dc.

This will fail with an error NT_STATUS_WRONG_PASSWORD as it uses the wrong 
session key.

If you want to use TCP/IP:

$ rpcclient ncacn_ip_tcp:<windows ad server>[seal] -U Administrator%<admin 
password> -c "setuserinfo2  bob1 26 P@ssword0"

This will fail with an error NT_STATUS_WRONG_PASSWORD as it uses the wrong 
session key.

I can send you the instructions how to build samba with my changes to use 
"SystemLibraryDTC" as the session key. Then the above commands will succeed. 
But as you need to clone the git repo and compile it, I need to lookup the 
packages you need to install for Ubuntu first. I can do that on Monday.

Have a nice weekend,


        Andreas



_______________________________________________
cifs-protocol mailing list
cifs-protocol@lists.samba.org
https://lists.samba.org/mailman/listinfo/cifs-protocol

Reply via email to