hi @tigerboy, if you connect without a ticket, you can connect using credentials using the following command:
smbclient.py carole.rose@dc01.inlanefreight.local
But this will not give you anything, because we need to get the admin hash and we need to carry out an attack like in the section to reset the hashes.
if we add options (-k -no-pass) to the command above then we will get an error “[-] [Errno Connection error (INLANEFREIGHT.LOCAL:88)] [Errno 111] Connection refused”