MS-NRPC based RPC-client running on linux getting 0xC0000022

eskay01 1 Reputation point
2021-01-27T17:01:07.89+00:00

Hi,

I have implemented MS-NRPC based RPC client which runs on my linux machine. Using this RPC-client, I joined my linux machine into my domain (running on 2012R2 machine).
After a successful bind operation, am trying to authenticate a user, via my RPC-client, using Netlogon RPC calls. This is working for some time. But intermittently, am getting the error code STATUS_ACCESS_DENIED (0xC0000022) as a response to my RPC-client.

At this time, on my DC I executed the command “nltest /DBFlag:0x2080FFFF" and in the the Netlogon log, I found below:

01/21 14:38:20 [LOGON] [6516] SamLogon: Network logon of user1@testdomain.com from linuxmachine$ (via e2qZxXsbAqRpwgh) Entered
01/21 14:38:20 [LOGON] [6516] SamLogon: Network logon of user1@testdomain.com from linuxmachine$ (via e2qZxXsbAqRpwgh) Returns 0xC0000022

This is getting resolved after recreating the machine account for my linux box in DC using MS-RPC API.

After some exploration, I found this error code (0xC0000022) could be due to some problem in schannel created between domain member (linux machine in my case) and DC. Recreating the schannel by removing and adding the machine account for my linux client is solving the issue.

Appreciate any pointers on why this issue occurs intermittently after some period of time.

Thanks in advance,
Eskay.

Windows Open Specifications
Windows Open Specifications
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Open Specifications: Technical documents for protocols, computer languages, standards support, and data portability. The goal with Open Specifications is to help developers open new opportunities to interoperate with Windows, SQL, Office, and SharePoint.
42 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.