[-] ERROR_DS_NAME_ERROR_NOT_UNIQUE: Name translation: Input name mapped to more than one output name

Question

[-] ERROR_DS_NAME_ERROR_NOT_UNIQUE: Name translation: Input name mapped to more than one output name

CaledoniaProject opened this issue 6 years ago · 1 comments

This happened in Windows 2016 DC + Exchange 2016:

[+] Authenticating against ldap://172.16.177.130 as CORP\MAIL01$ SUCCEED
[*] Enumerating relayed user's privileges. This may take a while on large domains
[*] User privileges found: Create user
[*] User privileges found: Modifying domain ACL
[*] Querying domain security descriptor
[+] Success! User X now has Replication-Get-Changes-All privileges on the domain
[*] Try using DCSync with secretsdump.py and this user :)
[*] Dumping Domain Credentials (domain\uid:rid:lmhash:nthash)
[*] Using the DRSUAPI method to get NTDS.DIT secrets
[-] ERROR_DS_NAME_ERROR_NOT_UNIQUE: Name translation: Input name mapped to more than one output name.
[*] Cleaning up...

What does ERROR_DS_NAME_ERROR_NOT_UNIQUE: Name translation: Input name mapped to more than one output name mean?

The dcsync privilege is granted and works with other tools now, but can you take a look at it?

Answer 1 · 2019-02-07T04:03:06.000Z

@CaledoniaProject have a look at this: fortra/impacket#320