Open extrafu opened 2 years ago
Quick update, I've added:
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.set_auth_type(RPC_C_AUTHN_WINNT)
and still get the access denied error. I also get the error with:
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.set_auth_type(RPC_C_AUTHN_NETLOGON)
dce.set_credentials(*(rpctransport.get_credentials()))
From https://github.com/SecureAuthCorp/impacket/commit/ecc3008d3bad6e53204d38e93f3bda1d99b0000c -- @0xdeaddood it looks like it's expected to fail since a secure RPC session is required. What is required here to establish one? Thanks
Any updates on this? Getting the same error even after adding the machine to the GPO.
Hello,
Using impacket v0.10 with AD 2022. When trying to do an LogonNetworkTransitive using the code below, I get the following error:
impacket.dcerpc.v5.nrpc.DCERPCSessionError: NRPC SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights.
From AD's GPO editor, if I add the machine_user (cluster1 in my case) to "Domain controller: Allow vulnerable Netlogon secure channel connections", everything works as expected. So my question is what can be changed in the code below so that it works without adding the machine_user to that exception list? A secure channel is supposedly already established.