Author Topic: Issue with Computer Name not changing  (Read 142 times)

killmasta93

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +5/-0
    • View Profile
Issue with Computer Name not changing
« on: January 28, 2020, 03:49:06 am »
Hi,
I was wondering if someone else has had this issue before, Currently changed name of a PC which was illustrator-pc to illustrators-pc adding the s at the end i check on zentyal web and it does not change

adding the screen shots

https://imgur.com/a/bkZRURI

Thank you

killmasta93

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +5/-0
    • View Profile
Re: Issue with Computer Name not changing
« Reply #1 on: January 29, 2020, 05:42:37 am »
BUMP anyone?

doncamilo

  • Zen Samurai
  • ****
  • Posts: 350
  • Karma: +83/-1
    • View Profile
Re: Issue with Computer Name not changing
« Reply #2 on: January 29, 2020, 01:33:41 pm »
 :)

I never did such a change in my clients. I'm configuring a lab right now and after the meal, I'll give you some feedback.

Cheers!
"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

doncamilo

  • Zen Samurai
  • ****
  • Posts: 350
  • Karma: +83/-1
    • View Profile
Re: Issue with Computer Name not changing
« Reply #3 on: January 29, 2020, 05:31:26 pm »
 :)

My results.

1- W10 client joined the eregion.lan domain



2- Changing client name



3- Viewing the ldb database record



As you can see Samba updates some of the attributes: sAMAccountName: W10S$
displayName: W10S$
dNSHostName: W10s.eregion.lan
servicePrincipalName: HOST/W10s.eregion.lan
servicePrincipalName: RestrictedKrbHost/W10s.eregion.lan
servicePrincipalName: HOST/W10S
servicePrincipalName: RestrictedKrbHost/W10S
But some others can't be updated without change the DN of the object (it means without removing this object and re-crating another new one)
cn: W10 -> dn: CN=W10,CN=Computers,DC=eregion,DC=lan

So, I' try to use ldbrename to change the machine account name:

Code: [Select]
root@lothlorien:~# ldbrename -H ldap://127.0.0.1 -U admindc%admindc 'CN=W10,CN=Computers,DC=eregion,DC=lan' 'CN=W10s,CN=Computers,DC=eregion,DC=lan'
GENSEC backend 'gssapi_spnego' registered
GENSEC backend 'gssapi_krb5' registered
GENSEC backend 'gssapi_krb5_sasl' registered
GENSEC backend 'spnego' registered
GENSEC backend 'schannel' registered
GENSEC backend 'naclrpc_as_system' registered
GENSEC backend 'sasl-EXTERNAL' registered
GENSEC backend 'ntlmssp' registered
GENSEC backend 'ntlmssp_resume_ccache' registered
GENSEC backend 'http_basic' registered
GENSEC backend 'http_ntlm' registered
GENSEC backend 'krb5' registered
GENSEC backend 'fake_gssapi_krb5' registered
Cannot do GSSAPI to an IP address
Got challenge flags:
Got NTLMSSP neg_flags=0x62898235
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x62088235
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088235
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x62088235
Renamed 1 record

Re-stating samba:

Code: [Select]
root@lothlorien:~# zs samba restart



I'll restart my client W10s and I'll try to open theShire resource:



Please, do your own trial in lab before to apply this in production. It's the first time I do it, and I'm amazed because it seems to run.

Cheers












"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

killmasta93

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +5/-0
    • View Profile
Re: Issue with Computer Name not changing
« Reply #4 on: January 31, 2020, 04:59:04 am »
Thank you so much for the reply, very interesting approach i was looking around and install the RSAT tool on a windows called editor ADSI and i rename to the pc and seems to refresh it but not sure if its the right approach?  Out of curiosity how come it does not update automatically?

Thank you

doncamilo

  • Zen Samurai
  • ****
  • Posts: 350
  • Karma: +83/-1
    • View Profile
Re: Issue with Computer Name not changing
« Reply #5 on: January 31, 2020, 04:31:04 pm »
Thank you so much for the reply, very interesting approach i was looking around and install the RSAT tool on a windows called editor ADSI and i rename to the pc and seems to refresh it but not sure if its the right approach?  Out of curiosity how come it does not update automatically?

ADSIEDIT is a powerful tool, but I have ever some fear when working with mixed samba/server environments. Samba and Ms. Windows Server (especially beyond Ms. Windows Server 2008 R) doesn't have a  symmetrical relationship. I try ever the samba way when I have been doomed to work on mixed active directory domains.

Why the CN isn't automatically changed? I think that it could be a consequence of the positional nature of the LDAP directories.

Changin a CN suppose, actually,  to remove the old entry and create another new one. And this operation supposes to check another time the LDAP to avoid collisions and a different type of replication between domain controllers preserving the SID, etc to avoid to broke the trusted relationship...  I don't know why the samba designers chose this way of doing, but it's the only explanation I can imagine.

Cheers!
"That place... is strong with the
dark side of the Force.  A domain
of evil it is.  In you must go."

Yoda.

killmasta93

  • Zen Apprentice
  • *
  • Posts: 29
  • Karma: +5/-0
    • View Profile
Re: Issue with Computer Name not changing
« Reply #6 on: February 01, 2020, 06:19:43 pm »
Thanks for the reply, your method above worked flawless  ran the commands and it changed the pc name, its funny though on ASSIEDIT works also but its better your method as its directly on zentyal, Currently i only use RSAT tools for GPO and creating users

Thank you again for the help