Adding Machine Account using Kerberos #1

@vitalsecurity

My original attempts with addcomputer.py were failing because, despite having valid Domain Admin Kerberos credentials, the build of Impacket has a bug causing SAMR (SMB) computer creation to always return STATUS_ACCESS_DENIED.

I had to use -method LDAPS to bypass SAMR entirely, allowing me to create the computer over secure LDAP with Kerberos, which works reliably and avoids the Impacket SMB bug.

The command

python3 addcomputer.py -computer-name lowprivPC -computer-pass $computer-pass -k -no-pass -dc-ip 192.168.2.4 doazlab.com/doadmin:'$doadminpass'@192.168.2.4 -dc-host dc01

also fails, as it combines -no-pass (Kerberos) and then specifies NTLM credentials to use.

Example of working command below:

KRB5CCNAME=/opt/impacket/examples/doadmin.ccache python3 addcomputer.py -method LDAPS -computer-name lowprivPC -computer-pass L0wPr1VSys -k -no-pass -dc-host dc01.doazlab.com doazlab.com/doadmin
