fourbe2 Is that sarcasm? | Well, there you go, I claimed victory too soon
With another PC already on the domain, IP change, /registerdns:
nslookup works
I make my changes on the AD side to test and run a gpupdate on the workstation. It runs for 15 minutes and then falls over on applying the Computer policy (OK for User)... Nothing in the event logs.
Portqryui run: (I anonymized my domain) !wall-of-text alert!
Code:
- =============================================
- Starting portqry.exe -n SERVEURAD -e 135 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 135 (epmap service): LISTENING
- Using ephemeral source port
- Querying Endpoint Mapper Database...
- Server's response:
- UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d
- ncacn_ip_tcp:SERVEURAD[49152]
- UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48 Remote Fw APIs
- ncacn_ip_tcp:SERVEURAD[49228]
- UUID: 12345678-1234-abcd-ef00-0123456789ab IPSec Policy agent endpoint
- ncacn_ip_tcp:SERVEURAD[49228]
- UUID: 367abb81-9844-35f1-ad32-98f038001003
- ncacn_ip_tcp:SERVEURAD[49225]
- UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076
- ncacn_ip_tcp:SERVEURAD[49222]
- UUID: 6bffd098-a112-3610-9833-46c3f874532d
- ncacn_ip_tcp:SERVEURAD[49216]
- UUID: 5b821720-f63b-11d0-aad2-00c04fc324db
- ncacn_ip_tcp:SERVEURAD[49216]
- UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service
- ncacn_ip_tcp:SERVEURAD[49202]
- UUID: d049b186-814f-11d1-9a3c-00c04fc9b232 NtFrs API
- ncacn_ip_tcp:SERVEURAD[49202]
- UUID: a00c021c-2be2-11d2-b678-0000f87a8f8e PERFMON SERVICE
- ncacn_ip_tcp:SERVEURAD[49202]
- UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
- ncacn_np:SERVEURAD[\\pipe\\lsass]
- UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
- ncacn_np:SERVEURAD[\\PIPE\\protected_storage]
- UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
- ncacn_ip_tcp:SERVEURAD[49155]
- UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
- ncacn_http:SERVEURAD[49158]
- UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
- ncacn_np:SERVEURAD[\\pipe\\lsass]
- UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
- ncacn_np:SERVEURAD[\\PIPE\\protected_storage]
- UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
- ncacn_ip_tcp:SERVEURAD[49155]
- UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
- ncacn_http:SERVEURAD[49158]
- UUID: 12345778-1234-abcd-ef00-0123456789ab
- ncacn_np:SERVEURAD[\\pipe\\lsass]
- UUID: 12345778-1234-abcd-ef00-0123456789ab
- ncacn_np:SERVEURAD[\\PIPE\\protected_storage]
- UUID: 12345778-1234-abcd-ef00-0123456789ab
- ncacn_ip_tcp:SERVEURAD[49155]
- UUID: 12345778-1234-abcd-ef00-0123456789ab
- ncacn_http:SERVEURAD[49158]
- UUID: 12345778-1234-abcd-ef00-0123456789ac
- ncacn_np:SERVEURAD[\\pipe\\lsass]
- UUID: 12345778-1234-abcd-ef00-0123456789ac
- ncacn_np:SERVEURAD[\\PIPE\\protected_storage]
- UUID: 12345778-1234-abcd-ef00-0123456789ac
- ncacn_ip_tcp:SERVEURAD[49155]
- UUID: 12345778-1234-abcd-ef00-0123456789ac
- ncacn_http:SERVEURAD[49158]
- UUID: 12345778-1234-abcd-ef00-0123456789ac
- ncacn_ip_tcp:SERVEURAD[49159]
- UUID: 12345678-1234-abcd-ef00-01234567cffb
- ncacn_np:SERVEURAD[\\pipe\\lsass]
- UUID: 12345678-1234-abcd-ef00-01234567cffb
- ncacn_np:SERVEURAD[\\PIPE\\protected_storage]
- UUID: 12345678-1234-abcd-ef00-01234567cffb
- ncacn_ip_tcp:SERVEURAD[49155]
- UUID: 12345678-1234-abcd-ef00-01234567cffb
- ncacn_http:SERVEURAD[49158]
- UUID: 12345678-1234-abcd-ef00-01234567cffb
- ncacn_ip_tcp:SERVEURAD[49159]
- UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
- ncacn_np:SERVEURAD[\\pipe\\lsass]
- UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
- ncacn_np:SERVEURAD[\\PIPE\\protected_storage]
- UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
- ncacn_ip_tcp:SERVEURAD[49155]
- UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
- ncacn_http:SERVEURAD[49158]
- UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
- ncacn_ip_tcp:SERVEURAD[49159]
- UUID: 3473dd4d-2e88-4006-9cba-22570909dd10 WinHttp Auto-Proxy Service
- ncacn_np:SERVEURAD[\\PIPE\\W32TIME_ALT]
- UUID: 1ff70682-0a51-30e8-076d-740be8cee98b
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: 86d35949-83c9-4044-b424-db363231fd0c
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: 86d35949-83c9-4044-b424-db363231fd0c
- ncacn_ip_tcp:SERVEURAD[49154]
- UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
- ncacn_ip_tcp:SERVEURAD[49154]
- UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
- ncacn_ip_tcp:SERVEURAD[49154]
- UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
- ncacn_np:SERVEURAD[\\PIPE\\srvsvc]
- UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
- ncacn_ip_tcp:SERVEURAD[49154]
- UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
- ncacn_np:SERVEURAD[\\PIPE\\srvsvc]
- UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1
- ncacn_ip_tcp:SERVEURAD[49154]
- UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1
- ncacn_np:SERVEURAD[\\PIPE\\srvsvc]
- UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
- ncacn_np:SERVEURAD[\\PIPE\\atsvc]
- UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
- ncacn_ip_tcp:SERVEURAD[49154]
- UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
- ncacn_np:SERVEURAD[\\PIPE\\srvsvc]
- UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
- ncacn_np:SERVEURAD[\\pipe\\eventlog]
- UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
- ncacn_ip_tcp:SERVEURAD[49153]
- UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
- ncacn_np:SERVEURAD[\\pipe\\eventlog]
- UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
- ncacn_ip_tcp:SERVEURAD[49153]
- UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
- ncacn_np:SERVEURAD[\\pipe\\eventlog]
- UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
- ncacn_ip_tcp:SERVEURAD[49153]
- UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
- ncacn_np:SERVEURAD[\\pipe\\eventlog]
- UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
- ncacn_ip_tcp:SERVEURAD[49153]
- UUID: 76f226c3-ec14-4325-8a99-6a46348418af
- ncacn_np:SERVEURAD[\\PIPE\\InitShutdown]
- UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d
- ncacn_np:SERVEURAD[\\PIPE\\InitShutdown]
- Total endpoints found: 66
- ==== End of RPC Endpoint Mapper query response ====
- portqry.exe -n SERVEURAD -e 135 -p TCP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 389 -p BOTH ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 389 (ldap service): LISTENING
- Using ephemeral source port
- Sending LDAP query to TCP port 389...
- LDAP query response:
- currentdate: 09/25/2014 09:36:41 (unadjusted GMT)
- subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=mondomaine,DC=fr
- dsServiceName: CN=NTDS Settings,CN=SERVEURAD,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=mondomaine,DC=fr
- namingContexts: DC=mondomaine,DC=fr
- defaultNamingContext: DC=mondomaine,DC=fr
- schemaNamingContext: CN=Schema,CN=Configuration,DC=mondomaine,DC=fr
- configurationNamingContext: CN=Configuration,DC=mondomaine,DC=fr
- rootDomainNamingContext: DC=mondomaine,DC=fr
- supportedControl: 1.2.840.113556.1.4.319
- supportedLDAPVersion: 3
- supportedLDAPPolicies: MaxPoolThreads
- highestCommittedUSN: 41013955
- supportedSASLMechanisms: GSSAPI
- dnsHostName: SERVEURAD.mondomaine.fr
- ldapServiceName: mondomaine.fr:SERVEURAD$@mondomaine.fr
- serverName: CN=SERVEURAD,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=mondomaine,DC=fr
- supportedCapabilities: 1.2.840.113556.1.4.800
- isSynchronized: TRUE
- isGlobalCatalogReady: TRUE
- domainFunctionality: 4
- forestFunctionality: 2
- domainControllerFunctionality: 4
- ======== End of LDAP query response ========
- UDP port 389 (unknown service): LISTENING or FILTERED
- Using ephemeral source port
- Sending LDAP query to UDP port 389...
- LDAP query to port 389 failed
- Server did not respond to LDAP query
- portqry.exe -n SERVEURAD -e 389 -p BOTH exits with return code 0x00000001.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 636 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 636 (ldaps service): LISTENING
- portqry.exe -n SERVEURAD -e 636 -p TCP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 3268 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 3268 (msft-gc service): LISTENING
- Using ephemeral source port
- Sending LDAP query to TCP port 3268...
- LDAP query response:
- currentdate: 09/25/2014 09:37:03 (unadjusted GMT)
- subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=mondomaine,DC=fr
- dsServiceName: CN=NTDS Settings,CN=SERVEURAD,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=mondomaine,DC=fr
- namingContexts: DC=mondomaine,DC=fr
- defaultNamingContext: DC=mondomaine,DC=fr
- schemaNamingContext: CN=Schema,CN=Configuration,DC=mondomaine,DC=fr
- configurationNamingContext: CN=Configuration,DC=mondomaine,DC=fr
- rootDomainNamingContext: DC=mondomaine,DC=fr
- supportedControl: 1.2.840.113556.1.4.319
- supportedLDAPVersion: 3
- supportedLDAPPolicies: MaxPoolThreads
- highestCommittedUSN: 41013969
- supportedSASLMechanisms: GSSAPI
- dnsHostName: SERVEURAD.mondomaine.fr
- ldapServiceName: mondomaine.fr:SERVEURAD$@mondomaine.fr
- serverName: CN=SERVEURAD,CN=Servers,CN=Premier-Site-par-defaut,CN=Sites,CN=Configuration,DC=mondomaine,DC=fr
- supportedCapabilities: 1.2.840.113556.1.4.800
- isSynchronized: TRUE
- isGlobalCatalogReady: TRUE
- domainFunctionality: 4
- forestFunctionality: 2
- domainControllerFunctionality: 4
- ======== End of LDAP query response ========
- portqry.exe -n SERVEURAD -e 3268 -p TCP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 3269 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 3269 (msft-gc-ssl service): LISTENING
- portqry.exe -n SERVEURAD -e 3269 -p TCP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 53 -p BOTH ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 53 (domain service): LISTENING
- UDP port 53 (domain service): LISTENING
- portqry.exe -n SERVEURAD -e 53 -p BOTH exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 88 -p BOTH ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 88 (kerberos service): LISTENING
- UDP port 88 (kerberos service): LISTENING or FILTERED
- portqry.exe -n SERVEURAD -e 88 -p BOTH exits with return code 0x00000002.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 445 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 445 (microsoft-ds service): LISTENING
- portqry.exe -n SERVEURAD -e 445 -p TCP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 137 -p UDP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- UDP port 137 (netbios-ns service): LISTENING or FILTERED
- Using ephemeral source port
- Attempting NETBIOS adapter status query to UDP port 137...
- Server's response: MAC address 782bcb15c519
- UDP port: LISTENING
- portqry.exe -n SERVEURAD -e 137 -p UDP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 138 -p UDP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- UDP port 138 (netbios-dgm service): LISTENING or FILTERED
- portqry.exe -n SERVEURAD -e 138 -p UDP exits with return code 0x00000002.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 139 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 139 (netbios-ssn service): LISTENING
- portqry.exe -n SERVEURAD -e 139 -p TCP exits with return code 0x00000000.
- =============================================
- Starting portqry.exe -n SERVEURAD -e 42 -p TCP ...
- Querying target system called:
- SERVEURAD
- Attempting to resolve IP address to a name...
- IP address resolved to SERVEURAD.mondomaine.fr
- querying...
- TCP port 42 (nameserver service): NOT LISTENING
- portqry.exe -n SERVEURAD -e 42 -p TCP exits with return code 0x00000001.
|
Compared to the portqry from the 1st PC, this is much better. This PC was freshly installed from the Windows CD, with drivers and domain join.
As soon as I change the IP and reboot, the policies no longer apply and Windows whines about the antivirus, WSUS, the firewall. Mstsc is impossible to this PC but works fine in the other direction using a machine name (so DNS resolution is OK) |
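An added example, not part of the original post: a small Python parser that reduces a PortQryUI log like the one above to one state per protocol and port, so that runs from two machines can be compared at a glance. The sample log is a constructed excerpt in the same format, and the function names are hypothetical.

```python
import re

# Constructed excerpt in the format of the PortQryUI log above (not the full log).
SAMPLE_LOG = """\
- Starting portqry.exe -n SERVEURAD -e 389 -p BOTH ...
- TCP port 389 (ldap service): LISTENING
- UDP port 389 (unknown service): LISTENING or FILTERED
- LDAP query to port 389 failed
- Starting portqry.exe -n SERVEURAD -e 88 -p BOTH ...
- TCP port 88 (kerberos service): LISTENING
- UDP port 88 (kerberos service): LISTENING or FILTERED
- Starting portqry.exe -n SERVEURAD -e 137 -p UDP ...
- UDP port 137 (netbios-ns service): LISTENING or FILTERED
- UDP port: LISTENING
- Starting portqry.exe -n SERVEURAD -e 42 -p TCP ...
- TCP port 42 (nameserver service): NOT LISTENING
"""

# "TCP port 389 (ldap service): LISTENING", with the optional "- " list prefix.
STATUS_RE = re.compile(r"^(?:-\s*)?(TCP|UDP) port (\d+) \(([^)]*)\): (.+?)\s*$")
# "UDP port: LISTENING" is printed after a protocol-level probe got an answer.
CONFIRM_RE = re.compile(r"^(?:-\s*)?(TCP|UDP) port: LISTENING\s*$")


def parse_portqry(log):
    """Return {(proto, port): {"service": ..., "state": ...}} from a PortQry log."""
    results = {}
    last = {}  # proto -> key of the most recent status line for that protocol
    for raw in log.splitlines():
        line = raw.strip()
        m = STATUS_RE.match(line)
        if m:
            proto, port, service, state = m.groups()
            key = (proto, int(port))
            results[key] = {"service": service, "state": state}
            last[proto] = key
            continue
        m = CONFIRM_RE.match(line)
        if m and m.group(1) in last:
            # An answered probe resolves the ambiguous "LISTENING or FILTERED".
            results[last[m.group(1)]]["state"] = "LISTENING"
    return results


def needs_attention(results):
    """Ports that are not confirmed LISTENING (closed, or possibly filtered)."""
    return sorted(k for k, v in results.items() if v["state"] != "LISTENING")


if __name__ == "__main__":
    parsed = parse_portqry(SAMPLE_LOG)
    for key in needs_attention(parsed):
        print(key, parsed[key]["state"])
```

Running the same function over the logs from the working and the failing PC and comparing the two dictionaries shows which ports changed state after the IP change.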