We're starting to see Win10 test systems show up on our network and currently our splendid mechanism of using winexe to connect to Windows systems simply fails to work.
Win10 clients cause winexe-1.1 to return
ERROR: StartService failed. NT_STATUS_BAD_INITIAL_PC.
I have downloaded winexe via git onto my CentOS-6/64bit system along with the git release of Samba as instructed. I had to downgrade samba to a previous version as per #64 in order to get it to compile - and had to manually add "-lgnutls" on the end to get the winexe-static binary - but to no avail - that version still triggers the same fault against Win10
I suspect we have to use the newer samba source code in order to get Win10 support? But as per #64 that isn't possible?
Any other ideas how to get Win10 support working?
Thanks!
Jason
hm... PC on win 10 without domain.
(Windows 10 Enterprise x64)
winexe-1.1 connected. Debian
test pstools, he works fine to me too.
root@localhost:/opt/winexe/winexe-winexe-waf/source/build# ./winexe //10.0.0.158 -U NOTEK53/Valerij --system cmd -d99
INFO: Current debug levels:
all: 99
tdb: 99
printdrivers: 99
lanman: 99
smb: 99
rpc_parse: 99
rpc_srv: 99
rpc_cli: 99
passdb: 99
sam: 99
auth: 99
winbind: 99
vfs: 99
idmap: 99
quota: 99
acls: 99
locking: 99
msdfs: 99
dmapi: 99
registry: 99
Enter password:
winexe version 1.1
This program may be freely redistributed under the terms of the GNU GPLv3
added interface venet0:0 ip=10.0.0. bcast=10.0.0. netmask=255.255.255.255
added interface venet0 ip=127.0.0.2 bcast=127.0.0.2 netmask=255.255.255.255
added interface venet0:0 ip=10.0.0. bcast=10.0.0. netmask=255.255.255.255
added interface venet0 ip=127.0.0.2 bcast=127.0.0.2 netmask=255.255.255.255
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 24360
SO_RCVBUF = 87380
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
Could not test socket option SO_SNDTIMEO.
Could not test socket option SO_RCVTIMEO.
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
Starting GENSEC mechanism spnego
Starting GENSEC submechanism ntlmssp
negotiate: struct NEGOTIATE_MESSAGE
Signature : 'NTLMSSP'
MessageType : NtLmNegotiate (1)
NegotiateFlags : 0x60088215 (1611170325)
1: NTLMSSP_NEGOTIATE_UNICODE
0: NTLMSSP_NEGOTIATE_OEM
1: NTLMSSP_REQUEST_TARGET
1: NTLMSSP_NEGOTIATE_SIGN
0: NTLMSSP_NEGOTIATE_SEAL
0: NTLMSSP_NEGOTIATE_DATAGRAM
0: NTLMSSP_NEGOTIATE_LM_KEY
0: NTLMSSP_NEGOTIATE_NETWARE
1: NTLMSSP_NEGOTIATE_NTLM
0: NTLMSSP_NEGOTIATE_NT_ONLY
0: NTLMSSP_ANONYMOUS
0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL
1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN
0: NTLMSSP_TARGET_TYPE_DOMAIN
0: NTLMSSP_TARGET_TYPE_SERVER
0: NTLMSSP_TARGET_TYPE_SHARE
1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
0: NTLMSSP_NEGOTIATE_IDENTIFY
0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY
0: NTLMSSP_NEGOTIATE_TARGET_INFO
0: NTLMSSP_NEGOTIATE_VERSION
1: NTLMSSP_NEGOTIATE_128
1: NTLMSSP_NEGOTIATE_KEY_EXCH
0: NTLMSSP_NEGOTIATE_56
DomainNameLen : 0x0009 (9)
DomainNameMaxLen : 0x0009 (9)
DomainName :
DomainName : 'WORKGROUP'
WorkstationLen : 0x0009 (9)
WorkstationMaxLen : 0x0009 (9)
Workstation :
Workstation : 'LOCALHOST'
Got challenge flags:
Got NTLMSSP neg_flags=0x628a8215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
IN: async_open(\ahexec, 2)
IN: async_open_recv
CTRL: Sending command: get version
CTRL: Received: version 0x0064
CTRL: Sending command: set system 1
run cmd
CTRL: Received: std_io_err 06880001
IN: async_open(\ahexec_stdin06880001, 2)
IN: async_open(\ahexec_stdout06880001, 2)
IN: async_open(\ahexec_stderr06880001, 2)
IN: async_open_recv
IN: async_open_recv
IN: async_open_recv
Microsoft Windows [Version 10.0.10240]
(c) ▒▒௮▒▒▒ ▒▒▒▒▒▒▒▒ (Microsoft Corporation), 2015 ▒. ▒▒ ▒ࠢ▒ ▒▒▒饭▒.
C:\WINDOWS\system32>
Last edit: Andrew Rusanov 2015-08-17
Yeah - sorry I forgot to get back about this - it's a bit more complicated.
Basically the problem is real - but it doesn't affect all Win10 systems - just one that is based on an dev ISO from several months ago and then went through several upgrades. ie we have some win10 systems where winexe works, but one where it doesn't - but in all cases psexec works just fine