root@2004:~# kinit administrator
Password for administrator@TEST.JP:
root@2004:~# net ads join -U administrator
Enter administrator's password:
Using short domain name -- TEST
Joined '2004' to dns domain 'test.jp'
No DNS domain configured for 2004. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
root@2004:~# systemctl restart winbind
root@2004:~# wbinfo -u
TEST\guest
TEST\administrator
TEST\krbtgt
TEST\chibi
root@2004:~# wbinfo -n administrator
S-1-5-21-531816203-730215079-1526157293-500 SID_USER (1)
root@2004:~# net ads info
LDAP server: 192.168.1.143
LDAP server name: dc2.test.jp
Realm: TEST.JP
Bind Path: dc=TEST,dc=JP
LDAP port: 389
Server time: 土, 28 11月 2020 16:40:49 JST
KDC server: 192.168.1.143
Server time offset: -2
Last machine account password change: 土, 28 11月 2020 16:39:55 JST
root@2004:~# host -4 dc
dc.test.jp has address 192.168.1.34
dc.test.jp has address 192.168.1.24
dc.test.jp has IPv6 address 2400:4052:46e0:b700:78ff:d4cf:8f24:c7aa
dc.test.jp has IPv6 address 2400:4052:46e0:b700:55c4:a495:cffa:fa8c
root@2004:~# host -4 dc1
dc1.test.jp has address 192.168.1.42
dc1.test.jp has IPv6 address 2400:4052:46e0:b700:8ca1:4fc6:8897:27c2
root@2004:~# host -4 dc2
dc2.test.jp has address 192.168.1.143
dc2.test.jp has IPv6 address 2400:4052:46e0:b700:4187:ee03:b5e:34e1
root@2004:~# host -t SRV _ldap._tcp.test.jp
_ldap._tcp.test.jp has SRV record 0 100 389 dc2.test.jp.
_ldap._tcp.test.jp has SRV record 0 100 389 dc.test.jp.
_ldap._tcp.test.jp has SRV record 0 100 389 dc1.test.jp.
root@2004:~# host -t SRV _kerberos._udp.test.jp
_kerberos._udp.test.jp has SRV record 0 100 88 dc1.test.jp.
_kerberos._udp.test.jp has SRV record 0 100 88 dc2.test.jp.
_kerberos._udp.test.jp has SRV record 0 100 88 dc.test.jp.
root@2004:~# host -t A test.jp
test.jp has address 192.168.1.34
test.jp has address 192.168.1.24
test.jp has address 192.168.1.42
test.jp has address 192.168.1.143
root@2004:~# cat /etc/os-release
NAME="Ubuntu"
VERSION="20.04.1 LTS (Focal Fossa)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 20.04.1 LTS"
VERSION_ID="20.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal
root@2004:~# samba -V
Version 4.11.6-Ubuntu
root@2004:~# smbclient -L localhost -U%
Sharename Type Comment
--------- ---- -------
netlogon Disk
sysvol Disk
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 4.11.6-Ubuntu)
SMB1 disabled -- no workgroup available
root@2004:~# smbclient //192.168.1.24/netlogon -Uadministrator
Enter TEST\administrator's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Sat Nov 28 06:54:46 2020
.. D 0 Sat Nov 28 06:54:46 2020
124869119 blocks of size 4096. 110670062 blocks available
smb: \> exit
root@2004:~# smbclient //192.168.1.24/sysvol -Uadministrator
Enter TEST\administrator's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Sat Nov 28 06:54:46 2020
.. D 0 Sat Nov 28 06:54:46 2020
test.jp D 0 Sat Nov 28 06:54:46 2020
124869119 blocks of size 4096. 110670062 blocks available
smb: \> exit
root@2004:~# net ads lookup
Information for Domain Controller: 192.168.1.143
Response Type: LOGON_SAM_LOGON_RESPONSE_EX
GUID: feabb66c-dd8b-489d-8e9a-8c72474ce583
Flags:
Is a PDC: no
Is a GC of the forest: yes
Is an LDAP server: yes
Supports DS: yes
Is running a KDC: yes
Is running time services: yes
Is the closest DC: yes
Is writable: yes
Has a hardware clock: no
Is a non-domain NC serviced by LDAP server: no
Is NT6 DC that has some secrets: no
Is NT6 DC that has all secrets: yes
Runs Active Directory Web Services: yes
Runs on Windows 2012 or later: yes
Forest: test.jp
Domain: test.jp
Domain Controller: dc2.test.jp
Pre-Win2k Domain: TEST
Pre-Win2k Hostname: DC2
Server Site Name: Default-First-Site-Name
Client Site Name: Default-First-Site-Name
NT Version: 5
LMNT Token: ffff
LM20 Token: ffff
root@2004:~# dig test.jp
; <<>> DiG 9.16.1-Ubuntu <<>> test.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43989
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;test.jp. IN A
;; ANSWER SECTION:
test.jp. 600 IN A 192.168.1.24
test.jp. 600 IN A 192.168.1.42
test.jp. 600 IN A 192.168.1.34
test.jp. 600 IN A 192.168.1.143
;; Query time: 4 msec
;; SERVER: 192.168.1.24#53(192.168.1.24)
;; WHEN: 土 11月 28 16:46:28 JST 2020
;; MSG SIZE rcvd: 100
root@2004:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@TEST.JP
Valid starting Expires Service principal
2020-11-28T16:39:28 2020-11-29T02:39:28 krbtgt/TEST.JP@TEST.JP
renew until 2020-11-29T16:39:23
root@2004:~# wbinfo -t
checking the trust secret for domain TEST via RPC calls succeeded
root@2004:~# wbinfo -g
TEST\domain computers
TEST\cert publishers
TEST\domain users
TEST\domain guests
TEST\ras and ias servers
TEST\allowed rodc password replication group
TEST\enterprise read-only domain controllers
TEST\cloneable domain controllers
TEST\protected users
TEST\key admins
TEST\enterprise key admins
TEST\domain controllers
TEST\read-only domain controllers
TEST\denied rodc password replication group
TEST\group policy creator owners
TEST\enterprise admins
TEST\domain admins
TEST\schema admins
TEST\dnsadmins
TEST\dnsupdateproxy
root@2004:~#