Ubuntu 22.04.5 LTS Samba4.15.13 でAMD EPYC 7763 64-Core Processor 128GBに構築した Windows Server 2025 Datacenter Active Directory Domain のメンバーに参加してみた

root@2204:~# kinit administrator
Password for administrator@TEST.JP:
Warning: Your password will expire in less than one hour on 2100年09月14日 11時48分05秒
root@2204:~# net ads join -U administrator
Password for [TEST\administrator]:
Using short domain name — TEST
Joined ‘2204’ to dns domain ‘test.jp’
No DNS domain configured for 2204. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
root@2204:~# systemctl restart winbind
root@2204:~# wbinfo -u
TEST\administrator
TEST\guest
TEST\w11
TEST\krbtgt
TEST\chibi
root@2204:~# wbinfo -n chibi
S-1-5-21-2588218054-2522920912-1718821798-1104 SID_USER (1)
root@2204:~# net ads info
LDAP server: 192.168.1.48
LDAP server name: dc.test.jp
Realm: TEST.JP
Bind Path: dc=TEST,dc=JP
LDAP port: 389
Server time: 日, 22 12月 2024 12:05:11 JST
KDC server: 192.168.1.48
Server time offset: 1
Last machine account password change: 日, 22 12月 2024 12:04:11 JST
root@2204:~# host -t SRV _ldap._tcp.test.jp
_ldap._tcp.test.jp has SRV record 0 100 389 dc.test.jp.
root@2204:~# host -t SRV _lerberos._udp.test.jp
Host _lerberos._udp.test.jp not found: 3(NXDOMAIN)
root@2204:~# host -t SRV _kerberos._udp.test.jp
_kerberos._udp.test.jp has SRV record 0 100 88 dc.test.jp.
root@2204:~# host -t A test.jp
test.jp has address 192.168.1.48
test.jp has address 192.168.1.49
root@2204:~# cat /etc/os-release
PRETTY_NAME=”Ubuntu 22.04.5 LTS”
NAME=”Ubuntu”
VERSION_ID=”22.04″
VERSION=”22.04.5 LTS (Jammy Jellyfish)”
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL=”https://www.ubuntu.com/”
SUPPORT_URL=”https://help.ubuntu.com/”
BUG_REPORT_URL=”https://bugs.launchpad.net/ubuntu/”
PRIVACY_POLICY_URL=”https://www.ubuntu.com/legal/terms-and-policies/privacy-policy”
UBUNTU_CODENAME=jammy
root@2204:~# samba -V
Version 4.15.13-Ubuntu
root@2204:~# smbclient //192.168.1.48/netlogon -Uadministrator
Password for [TEST\administrator]:
Try “help” to get a list of possible commands.
smb: \> ls
. D 0 Sat Dec 21 05:58:06 2024
.. D 0 Sat Dec 21 06:09:10 2024

124813055 blocks of size 4096. 116163169 blocks available
smb: \> exit
root@2204:~# smbclient //192.168.1.48/sysvol -Uadministrator
Password for [TEST\administrator]:
Try “help” to get a list of possible commands.
smb: \> ls
. D 0 Sat Dec 21 05:58:06 2024
.. D 0 Sat Dec 21 05:58:06 2024
test.jp Dr 0 Sat Dec 21 05:58:06 2024

124813055 blocks of size 4096. 116163101 blocks available
smb: \> exit
root@2204:~# net ads lookup
Information for Domain Controller: 192.168.1.48

Response Type: LOGON_SAM_LOGON_RESPONSE_EX
GUID: ff03c474-80bd-410b-a4c9-5f15a4958556
Flags:
Is a PDC: yes
Is a GC of the forest: yes
Is an LDAP server: yes
Supports DS: yes
Is running a KDC: yes
Is running time services: yes
Is the closest DC: yes
Is writable: yes
Has a hardware clock: yes
Is a non-domain NC serviced by LDAP server: no
Is NT6 DC that has some secrets: no
Is NT6 DC that has all secrets: yes
Runs Active Directory Web Services: yes
Runs on Windows 2012 or later: yes
Forest: test.jp
Domain: test.jp
Domain Controller: dc.test.jp
Pre-Win2k Domain: TEST
Pre-Win2k Hostname: DC
Server Site Name: Default-First-Site-Name
Client Site Name: Default-First-Site-Name
NT Version: 5
LMNT Token: ffff
LM20 Token: ffff
root@2204:~# dig test.jp

; <<>> DiG 9.18.28-0ubuntu0.22.04.1-Ubuntu <<>> test.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31744 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4000 ;; QUESTION SECTION: ;test.jp. IN A ;; ANSWER SECTION: test.jp. 600 IN A 192.168.1.49 test.jp. 600 IN A 192.168.1.48 ;; Query time: 1 msec ;; SERVER: 192.168.1.48#53(192.168.1.48) (UDP) ;; WHEN: Sun Dec 22 12:10:06 JST 2024 ;; MSG SIZE rcvd: 68 root@2204:~# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator@TEST.JP Valid starting Expires Service principal 2024-12-22T12:02:59 2024-12-22T22:02:59 krbtgt/TEST.JP@TEST.JP renew until 2024-12-23T12:02:52 root@2204:~# wbinfo -t checking the trust secret for domain TEST via RPC calls succeeded root@2204:~# しょうさいはこちらです。 Ubuntu 22.04.5 LTS Samba4.15.13 でAMD EPYC 77633 64-Core Processor 128GBに構築した Windows Server 2025 Datacenter Active Directory Domain のメンバーに参加してみた

カテゴリー: ubuntu, windows パーマリンク

コメントを残す

メールアドレスが公開されることはありません。 が付いている欄は必須項目です