not sure if you solved it but the question is poorly written as usual … when they say NTLM hash they usually are referring to NT part of the hash only
It actually failed a few times, I exited out, did some enumeration of the accounts rights etc to make sure I wasn’t going crazy (a Domain Admin should be able to DCSync!), and it just worked. The exact same command as before, run from the same PowerShell session (although I had exited Mimikatz and gone back in).
So for anyone reading this: It seems like just a transitory error, but secretsdump is probably quicker.
I met mimikatz error in the windows version of this section.
ERROR kuhl_m_lsadump_dcsync ; GetNCChanges: 0x000020f7 (8439)
However, the cause of this problem is simple. The current user just does not have enough privileges.
In this questions, you can elevate your privileges by right-clicking.
FROM WINDOWS HOST
To get the flag.txt located in the ExtraSids folder you have to do as following
ls \\academy-ea-dc01.inlanefreight.local\c$\ExtraSids
And then cat it out! You know how to do it 
Now from where I found this? Actually I tried many combination such as c\ExtraSids, c\ExtraSids$, etc manually and at last got hit on it.