[2015/08/14 19:16:41.620981, 0] ../lib/util/pidfile.c:153(pidfile_unlink) Failed to delete pidfile /var/run/samba/smbd.pid. Error was No such file or directory [2015/08/14 19:16:42, 0] ../source3/smbd/server.c:1189(main) smbd version 4.1.13-Ubuntu started. Copyright Andrew Tridgell and the Samba Team 1992-2013 [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../lib/util/debug.c:334(debug_dump_status) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 scavenger: 10 dns: 10 ldb: 10 doing parameter read raw = no doing parameter obey pam restrictions = yes doing parameter ea support = Yes doing parameter panic action = /usr/share/samba/panic-action %d doing parameter write raw = no doing parameter server role = standalone server doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 1000 doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . doing parameter passdb backend = tdbsam doing parameter workgroup = WORKGROUP doing parameter map to guest = bad user doing parameter syslog = 0 doing parameter usershare allow guests = yes doing parameter passwd program = /usr/bin/passwd %u [2015/08/14 19:16:42, 4, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4878(lp_load_ex) pm_process() returned Yes [2015/08/14 19:16:42, 7, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:5168(lp_servicenumber) lp_servicenumber: couldn't find homes [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 2 - private_data=(nil) [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 9 - private_data=(nil) [2015/08/14 19:16:42, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/tallocmsg.c:124(register_msg_pool_usage) Registered MSG_REQ_POOL_USAGE [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 11 - private_data=(nil) [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 12 - private_data=(nil) [2015/08/14 19:16:42, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/dmallocmsg.c:78(register_dmalloc_msgs) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 1 - private_data=(nil) [2015/08/14 19:16:42, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 5 - private_data=(nil) [2015/08/14 19:16:42.767498, 3, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4839(lp_load_ex) lp_load_ex: refreshing parameters [2015/08/14 19:16:42.767522, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1488(free_param_opts) Freeing parametrics: [2015/08/14 19:16:42.767556, 3, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:750(init_globals) Initialising global parameters [2015/08/14 19:16:42.767582, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:543(max_open_files) rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) [2015/08/14 19:16:42.767629, 3, pid=12293, effective(0, 0), real(0, 0)] ../lib/util/params.c:550(pm_process) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2015/08/14 19:16:42.767656, 3, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3565(do_section) Processing section "[global]" doing parameter unix password sync = yes doing parameter pam password change = yes doing parameter dns proxy = no doing parameter server string = %h server (Samba, Ubuntu) doing parameter debug level = 10 [2015/08/14 19:16:42.767744, 5, pid=12293, effective(0, 0), real(0, 0)] ../lib/util/debug.c:334(debug_dump_status) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 scavenger: 10 dns: 10 ldb: 10 doing parameter read raw = no doing parameter obey pam restrictions = yes doing parameter ea support = Yes doing parameter panic action = /usr/share/samba/panic-action %d doing parameter write raw = no doing parameter server role = standalone server doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 1000 doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . doing parameter passdb backend = tdbsam doing parameter workgroup = WORKGROUP doing parameter map to guest = bad user doing parameter syslog = 0 doing parameter usershare allow guests = yes doing parameter passwd program = /usr/bin/passwd %u [2015/08/14 19:16:42.768134, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[printers]" [2015/08/14 19:16:42.768175, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 0 for printers [2015/08/14 19:16:42.768197, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1661(hash_a_service) hash_a_service: creating servicehash [2015/08/14 19:16:42.768222, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 0 for service name printers doing parameter comment = All Printers doing parameter browseable = no doing parameter path = /var/spool/samba doing parameter printable = yes doing parameter guest ok = no doing parameter read only = yes doing parameter create mask = 0700 [2015/08/14 19:16:42.768353, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[print$]" [2015/08/14 19:16:42.768396, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 1 for print$ [2015/08/14 19:16:42.768419, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 1 for service name print$ doing parameter comment = Printer Drivers doing parameter path = /var/lib/samba/printers doing parameter browseable = yes doing parameter read only = yes doing parameter guest ok = no [2015/08/14 19:16:42.768501, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[documents]" [2015/08/14 19:16:42.768535, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 2 for documents [2015/08/14 19:16:42.768556, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 2 for service name documents doing parameter writeable = yes doing parameter path = /NAS/documents doing parameter write list = julie,psmedley [2015/08/14 19:16:42.768624, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[Public]" [2015/08/14 19:16:42.768658, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 3 for Public [2015/08/14 19:16:42.768685, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 3 for service name Public doing parameter writeable = yes doing parameter public = yes doing parameter path = /NAS/Public doing parameter write list = julie,psmedley [2015/08/14 19:16:42.768754, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[Multimedia]" [2015/08/14 19:16:42.768791, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 4 for Multimedia [2015/08/14 19:16:42.768813, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 4 for service name Multimedia doing parameter writeable = yes doing parameter path = /NAS/Multimedia doing parameter write list = julie,psmedley [2015/08/14 19:16:42.768868, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[Download]" [2015/08/14 19:16:42.768902, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 5 for Download [2015/08/14 19:16:42.768924, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 5 for service name Download doing parameter writeable = yes doing parameter path = /NAS/Download doing parameter write list = julie,psmedley [2015/08/14 19:16:42.768979, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3582(do_section) Processing section "[Web]" [2015/08/14 19:16:42.769013, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 6 for Web [2015/08/14 19:16:42.769034, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 6 for service name Web doing parameter writeable = yes doing parameter path = /www doing parameter write list = julie,psmedley [2015/08/14 19:16:42.769091, 4, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4878(lp_load_ex) pm_process() returned Yes [2015/08/14 19:16:42.769122, 7, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:5168(lp_servicenumber) lp_servicenumber: couldn't find homes [2015/08/14 19:16:42.769158, 8, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 7 for IPC$ [2015/08/14 19:16:42.769179, 10, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 7 for service name IPC$ [2015/08/14 19:16:42.769204, 3, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1774(lp_add_ipc) adding IPC service [2015/08/14 19:16:42.769239, 6, pid=12293, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2658(lp_file_list_changed) lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Aug 14 19:16:36 2015 [2015/08/14 19:16:42.769526, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/interface.c:341(add_interface) added interface eth0 ip=2001:470:67:5b0:a21d:48ff:fec7:ff5c bcast= netmask=ffff:ffff:ffff:ffff:: [2015/08/14 19:16:42.769567, 2, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/interface.c:341(add_interface) added interface eth0 ip=192.168.1.200 bcast=192.168.1.255 netmask=255.255.255.0 [2015/08/14 19:16:42.769617, 3, pid=12293, effective(0, 0), real(0, 0)] ../source3/smbd/server.c:1248(main) loaded services [2015/08/14 19:16:42.769647, 5, pid=12293, effective(0, 0), real(0, 0)] ../source3/lib/util_names.c:144(init_names) Netbios name list:- my_netbios_names[0]="NAS" [2015/08/14 19:16:42.769739, 3, pid=12293, effective(0, 0), real(0, 0)] ../source3/smbd/server.c:1280(main) Becoming a daemon. [2015/08/14 19:16:42.770565, 8, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util.c:391(fcntl_lock) fcntl_lock 10 6 0 1 1 [2015/08/14 19:16:42.770689, 8, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util.c:426(fcntl_lock) fcntl_lock: Lock call successful [2015/08/14 19:16:42.770984, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend smbpasswd [2015/08/14 19:16:42.771027, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'smbpasswd' [2015/08/14 19:16:42.771053, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend tdbsam [2015/08/14 19:16:42.771079, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'tdbsam' [2015/08/14 19:16:42.771100, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend wbc_sam [2015/08/14 19:16:42.771122, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'wbc_sam' [2015/08/14 19:16:42.771142, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend samba_dsdb [2015/08/14 19:16:42.771166, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'samba_dsdb' [2015/08/14 19:16:42.771186, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend samba4 [2015/08/14 19:16:42.771207, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'samba4' [2015/08/14 19:16:42.771228, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend ldapsam [2015/08/14 19:16:42.771248, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'ldapsam' [2015/08/14 19:16:42.771268, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend NDS_ldapsam [2015/08/14 19:16:42.771288, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'NDS_ldapsam' [2015/08/14 19:16:42.771308, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:77(smb_register_passdb) Attempting to register passdb backend IPA_ldapsam [2015/08/14 19:16:42.771328, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:90(smb_register_passdb) Successfully added passdb backend 'IPA_ldapsam' [2015/08/14 19:16:42.771353, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:153(make_pdb_method_name) Attempting to find a passdb backend to match tdbsam (tdbsam) [2015/08/14 19:16:42.771375, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:174(make_pdb_method_name) Found pdb backend tdbsam [2015/08/14 19:16:42.771408, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:185(make_pdb_method_name) pdb backend tdbsam has a valid init [2015/08/14 19:16:42.771587, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 1 for /var/run/samba/smbXsrv_version_global.tdb [2015/08/14 19:16:42.771625, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/run/samba/smbXsrv_version_global.tdb 2: 3: [2015/08/14 19:16:42.771654, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 736D62587372765F7665 [2015/08/14 19:16:42.771687, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46227830 [2015/08/14 19:16:42.771823, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 736D62587372765F7665 [2015/08/14 19:16:42.771854, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/run/samba/smbXsrv_version_global.tdb [2015/08/14 19:16:42.771877, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:42.771900, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_version.c:245(smbXsrv_version_global_init) smbXsrv_version_global_init [2015/08/14 19:16:42.771920, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_version.c:246(smbXsrv_version_global_init) [2015/08/14 19:16:42.771935, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) &global_blob: struct smbXsrv_version_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000001 (1) info : union smbXsrv_version_globalU(case 0) info0 : * info0: struct smbXsrv_version_global0 db_rec : NULL num_nodes : 0x00000001 (1) nodes: ARRAY(1) nodes: struct smbXsrv_version_node0 server_id: struct server_id pid : 0x0000000000003006 (12294) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) min_version : SMBXSRV_VERSION_0 (0) max_version : SMBXSRV_VERSION_0 (0) current_version : SMBXSRV_VERSION_0 (0) [2015/08/14 19:16:42.776789, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 784 - private_data=0x7f7a4622a5d0 [2015/08/14 19:16:42.776865, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 788 - private_data=0x7f7a4622ba60 [2015/08/14 19:16:42.776904, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 789 - private_data=0x7f7a4622c5f0 [2015/08/14 19:16:42.776999, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:759(regdb_init) regdb_init: registry db openend. refcount reset (1) [2015/08/14 19:16:42.777039, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:70(reghook_cache_init) reghook_cache_init: new tree with default ops 0x7f7a4516a440 for key [] [2015/08/14 19:16:42.777155, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] [2015/08/14 19:16:42.777203, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Samba Printer Port] len[2] [2015/08/14 19:16:42.777240, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] [2015/08/14 19:16:42.777273, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70] [2015/08/14 19:16:42.777297, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.777327, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[DisplayName] len[20] [2015/08/14 19:16:42.777352, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[ErrorControl] len[4] [2015/08/14 19:16:42.777376, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.777405, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[DisplayName] len[20] [2015/08/14 19:16:42.777428, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[ErrorControl] len[4] [2015/08/14 19:16:42.777462, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a45679f80 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] [2015/08/14 19:16:42.777487, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.777517, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] to tree [2015/08/14 19:16:42.777539, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.777561, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4516a440 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] [2015/08/14 19:16:42.777583, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.777608, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] to tree [2015/08/14 19:16:42.777630, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.777650, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4516a440 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] [2015/08/14 19:16:42.777671, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.777693, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] to tree [2015/08/14 19:16:42.777714, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.777740, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a000 for key [\HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] [2015/08/14 19:16:42.777762, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.777786, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] to tree [2015/08/14 19:16:42.777806, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.777827, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a441a1c40 for key [\HKLM\SOFTWARE\Samba\smbconf] [2015/08/14 19:16:42.777847, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.777868, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree [2015/08/14 19:16:42.777889, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.777909, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a080 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] [2015/08/14 19:16:42.777930, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.777952, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] to tree [2015/08/14 19:16:42.777973, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.777994, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a100 for key [\HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] [2015/08/14 19:16:42.778014, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.778036, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] to tree [2015/08/14 19:16:42.778057, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.778077, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a180 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] [2015/08/14 19:16:42.778098, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.778120, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] to tree [2015/08/14 19:16:42.778141, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.778161, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a200 for key [\HKPT] [2015/08/14 19:16:42.778182, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.778207, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKPT] to tree [2015/08/14 19:16:42.778228, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.778248, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a280 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] [2015/08/14 19:16:42.778269, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.778290, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] to tree [2015/08/14 19:16:42.778310, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.778331, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x7f7a4567a300 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] [2015/08/14 19:16:42.778352, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2015/08/14 19:16:42.778373, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] to tree [2015/08/14 19:16:42.778394, 8, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2015/08/14 19:16:42.778417, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (1->0) [2015/08/14 19:16:42.778620, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.778653, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.779302, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.779370, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user NAS\nobody [2015/08/14 19:16:42.779394, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nas\nobody [2015/08/14 19:16:42.780953, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:128(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is NAS\nobody [2015/08/14 19:16:42.781020, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is NAS\NOBODY [2015/08/14 19:16:42.781066, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in nas\nobody [2015/08/14 19:16:42.781088, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [NAS\nobody]! [2015/08/14 19:16:42.781110, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.781131, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.781153, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.781210, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:224(create_local_nt_token_from_info3) Create local NT token for nobody [2015/08/14 19:16:42.781613, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.781651, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.781674, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.781714, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/system_smbd.c:176(sys_getgrouplist) sys_getgrouplist: user [nobody] [2015/08/14 19:16:42.781844, 5, pid=12294, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:67(gencache_init) Opening cache file at /var/cache/samba/gencache.tdb [2015/08/14 19:16:42.781950, 5, pid=12294, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:110(gencache_init) Opening cache file at /var/run/samba/gencache_notrans.tdb [2015/08/14 19:16:42.782020, 10, pid=12294, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:296(gencache_set_data_blob) Adding cache entry with key=[IDMAP/GID2SID/65534] and timeout=[Thu Jan 1 09:30:00 1970 ACST] (-1439545602 seconds in the past) [2015/08/14 19:16:42.782524, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1212(gid_to_sid) gid_to_sid: winbind failed to find a sid for gid 65534 [2015/08/14 19:16:42.782594, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.782627, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.782653, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.782679, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.782704, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.782821, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.783821, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1075(legacy_gid_to_sid) LEGACY: gid 65534 -> sid S-1-22-2-65534 [2015/08/14 19:16:42.785353, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1442(sid_to_gid) sid S-1-5-32-544 -> gid 4294967295 [2015/08/14 19:16:42.785895, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1442(sid_to_gid) sid S-1-5-32-545 -> gid 4294967295 [2015/08/14 19:16:42.785965, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.785991, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.786013, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.786033, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.786054, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.786150, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.786249, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2926930320-515016158-3918064283-501] [2015/08/14 19:16:42.786283, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-2926930320-515016158-3918064283-514] [2015/08/14 19:16:42.786310, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-22-2-65534] [2015/08/14 19:16:42.786337, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:176(get_privileges_for_sids) get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 [2015/08/14 19:16:42.786370, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-2] [2015/08/14 19:16:42.786396, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-32-546] [2015/08/14 19:16:42.786442, 10, pid=12294, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:296(gencache_set_data_blob) Adding cache entry with key=[IDMAP/SID2XID/S-1-5-21-2926930320-515016158-3918064283-501] and timeout=[Thu Jan 1 09:30:00 1970 ACST] (-1439545602 seconds in the past) [2015/08/14 19:16:42.787483, 10, pid=12294, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:296(gencache_set_data_blob) Adding cache entry with key=[IDMAP/SID2XID/S-1-5-21-2926930320-515016158-3918064283-514] and timeout=[Thu Jan 1 09:30:00 1970 ACST] (-1439545602 seconds in the past) [2015/08/14 19:16:42.787974, 10, pid=12294, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:296(gencache_set_data_blob) Adding cache entry with key=[IDMAP/SID2XID/S-1-5-32-546] and timeout=[Thu Jan 1 09:30:00 1970 ACST] (-1439545602 seconds in the past) [2015/08/14 19:16:42.789756, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.789820, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.789844, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.789866, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.789887, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.789943, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1712(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 501. [2015/08/14 19:16:42.789972, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.789993, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2015/08/14 19:16:42.790014, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.790035, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.790055, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.790087, 6, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:413(pdb_getsampwsid) pdb_getsampwsid: Building guest account [2015/08/14 19:16:42.790123, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.790146, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.790169, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.790193, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:570(pdb_set_username) pdb_set_username: setting username nobody, was [2015/08/14 19:16:42.790221, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:639(pdb_set_fullname) pdb_set_full_name: setting full name nobody, was [2015/08/14 19:16:42.790246, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:593(pdb_set_domain) pdb_set_domain: setting domain NAS, was [2015/08/14 19:16:42.790271, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:495(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-2926930320-515016158-3918064283-501 [2015/08/14 19:16:42.790296, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-2926930320-515016158-3918064283-501 from rid 501 [2015/08/14 19:16:42.790331, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.790356, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.790377, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.790398, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.790421, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.790443, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.790463, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.790483, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.790503, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.790523, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.790555, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1712(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 501. [2015/08/14 19:16:42.790578, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.790598, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2015/08/14 19:16:42.790618, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.790638, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.790663, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.790695, 6, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:413(pdb_getsampwsid) pdb_getsampwsid: Building guest account [2015/08/14 19:16:42.790716, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.790736, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.790757, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.790778, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:570(pdb_set_username) pdb_set_username: setting username nobody, was [2015/08/14 19:16:42.790799, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:639(pdb_set_fullname) pdb_set_full_name: setting full name nobody, was [2015/08/14 19:16:42.790820, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:593(pdb_set_domain) pdb_set_domain: setting domain NAS, was [2015/08/14 19:16:42.790843, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:495(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-2926930320-515016158-3918064283-501 [2015/08/14 19:16:42.790866, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-2926930320-515016158-3918064283-501 from rid 501 [2015/08/14 19:16:42.790899, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.790922, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2015/08/14 19:16:42.790943, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2015/08/14 19:16:42.790963, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2015/08/14 19:16:42.790986, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.791008, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791028, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.791048, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791068, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.791087, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.791118, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1712(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 514. [2015/08/14 19:16:42.791140, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.791161, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791189, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.791209, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.791229, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.791320, 4, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:552(tdbsam_open) tdbsam_open: successfully opened /var/lib/samba/private/passdb.tdb [2015/08/14 19:16:42.791350, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:646(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. [2015/08/14 19:16:42.791386, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791411, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1788(lookup_global_sam_rid) Can't find a unix id for an unmapped group [2015/08/14 19:16:42.791431, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1498(pdb_default_sid_to_id) SID S-1-5-21-2926930320-515016158-3918064283-514 is or domain, but is unmapped [2015/08/14 19:16:42.791456, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.791477, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-21-2926930320-515016158-3918064283-514 [2015/08/14 19:16:42.791500, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791520, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.791541, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791561, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.791580, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.791612, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1712(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 514. [2015/08/14 19:16:42.791634, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.791655, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791675, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2015/08/14 19:16:42.791695, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.791714, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.791747, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:646(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. [2015/08/14 19:16:42.791782, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791805, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1788(lookup_global_sam_rid) Can't find a unix id for an unmapped group [2015/08/14 19:16:42.791825, 5, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1498(pdb_default_sid_to_id) SID S-1-5-21-2926930320-515016158-3918064283-514 is or domain, but is unmapped [2015/08/14 19:16:42.791850, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.791871, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-21-2926930320-515016158-3918064283-514 [2015/08/14 19:16:42.791893, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791913, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.791933, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.791953, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.791972, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.792010, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792033, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-1-0 [2015/08/14 19:16:42.792055, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792075, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792095, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792115, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.792134, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.792167, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792189, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-1-0 [2015/08/14 19:16:42.792211, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792231, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792251, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792271, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.792290, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.792328, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792349, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-2 [2015/08/14 19:16:42.792371, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792391, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792411, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792430, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.792450, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.792482, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792503, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-2 [2015/08/14 19:16:42.792524, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792544, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792563, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792601, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.792621, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.792660, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1526(pdb_default_sid_to_id) Could not find map for sid S-1-5-32-546 [2015/08/14 19:16:42.792687, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792708, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-32-546 [2015/08/14 19:16:42.792729, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792750, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792770, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.792791, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.792811, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.792847, 10, pid=12294, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1526(pdb_default_sid_to_id) Could not find map for sid S-1-5-32-546 [2015/08/14 19:16:42.792873, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.792899, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1094(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-32-546 [2015/08/14 19:16:42.792922, 10, pid=12294, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:585(create_local_token) Could not convert SID S-1-5-21-2926930320-515016158-3918064283-514 to gid, ignoring it [2015/08/14 19:16:42.792949, 10, pid=12294, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:585(create_local_token) Could not convert SID S-1-1-0 to gid, ignoring it [2015/08/14 19:16:42.792971, 10, pid=12294, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:585(create_local_token) Could not convert SID S-1-5-2 to gid, ignoring it [2015/08/14 19:16:42.792992, 10, pid=12294, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:585(create_local_token) Could not convert SID S-1-5-32-546 to gid, ignoring it [2015/08/14 19:16:42.793023, 10, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug) Security token SIDs (7): SID[ 0]: S-1-5-21-2926930320-515016158-3918064283-501 SID[ 1]: S-1-5-21-2926930320-515016158-3918064283-514 SID[ 2]: S-1-22-2-65534 SID[ 3]: S-1-1-0 SID[ 4]: S-1-5-2 SID[ 5]: S-1-5-32-546 SID[ 6]: S-1-22-1-65534 Privileges (0x 0): Rights (0x 0): [2015/08/14 19:16:42.793198, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 65534 Primary group is 65534 and contains 1 supplementary groups Group[ 0]: 65534 [2015/08/14 19:16:42.801112, 3, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/rpc_server/svcctl/srv_svcctl_reg.c:565(svcctl_init_winreg) Initialise the svcctl registry keys if needed. [2015/08/14 19:16:42.801182, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.801207, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.801229, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.801250, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.801272, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.801369, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.801397, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open) regdb_open: registry db opened. refcount reset (1) [2015/08/14 19:16:42.801503, 4, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:60(make_internal_rpc_pipe_p) Create pipe requested \winreg [2015/08/14 19:16:42.801538, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:221(init_pipe_handles) init_pipe_handle_list: created handle list for pipe \winreg [2015/08/14 19:16:42.801561, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:238(init_pipe_handles) init_pipe_handle_list: pipe_handles ref count = 1 for pipe \winreg [2015/08/14 19:16:42.801728, 4, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:100(make_internal_rpc_pipe_p) Created internal pipe \winreg [2015/08/14 19:16:42.801805, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2015/08/14 19:16:42.803568, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [HKLM] [2015/08/14 19:16:42.803611, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (1->2) [2015/08/14 19:16:42.803639, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM] [2015/08/14 19:16:42.803663, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM] [2015/08/14 19:16:42.803685, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.803706, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM] [2015/08/14 19:16:42.803782, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.803839, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 result : WERR_OK [2015/08/14 19:16:42.804044, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 keyname: struct winreg_String name_len : 0x0044 (68) name_size : 0x0044 (68) name : * name : 'SYSTEM\CurrentControlSet\Services' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2015/08/14 19:16:42.804329, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.804391, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.804414, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (2->3) [2015/08/14 19:16:42.804437, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.804457, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.804478, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.804498, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.804530, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.804554, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.804593, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.804617, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.804638, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.804657, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.804688, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.804711, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.804732, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.804752, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.804774, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.804793, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.804834, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.804858, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.804879, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[2] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.804931, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 result : WERR_OK [2015/08/14 19:16:42.805038, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey in: struct winreg_QueryInfoKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL [2015/08/14 19:16:42.805160, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.805210, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.805232, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.805258, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc) regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.805298, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey out: struct winreg_QueryInfoKey classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL num_subkeys : * num_subkeys : 0x00000007 (7) max_subkeylen : * max_subkeylen : 0x0000001c (28) max_classlen : * max_classlen : 0x00000000 (0) num_values : * num_values : 0x00000000 (0) max_valnamelen : * max_valnamelen : 0x00000002 (2) max_valbufsize : * max_valbufsize : 0x00000000 (0) secdescsize : * secdescsize : 0x00000078 (120) last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.805572, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000000 (0) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.806728, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.806777, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.806801, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x001a (26) size : 0x001e (30) name : * name : 'LanmanServer' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.806987, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000001 (1) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.807193, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.807244, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.807267, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0012 (18) size : 0x001e (30) name : * name : 'Eventlog' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.807447, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000002 (2) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.807650, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.807696, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.807717, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x000c (12) size : 0x001e (30) name : * name : 'Tcpip' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.807893, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000003 (3) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.808102, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.808148, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.808169, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0012 (18) size : 0x001e (30) name : * name : 'Netlogon' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.808345, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000004 (4) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.808550, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.808659, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.808682, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0010 (16) size : 0x001e (30) name : * name : 'Spooler' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.808862, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000005 (5) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.809064, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.809110, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.809131, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x001e (30) size : 0x001e (30) name : * name : 'RemoteRegistry' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.809311, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 enum_index : 0x00000006 (6) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2015/08/14 19:16:42.809514, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.809560, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.809581, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x000a (10) size : 0x001e (30) name : * name : 'WINS' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.809781, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0054 (84) name_size : 0x0054 (84) name : * name : 'SYSTEM\CurrentControlSet\Services\Spooler' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2015/08/14 19:16:42.810106, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.810153, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler' [2015/08/14 19:16:42.810187, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.810214, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.810236, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.810257, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.810279, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.810300, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.810321, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.810341, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.810376, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.810401, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.810422, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.810444, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.810464, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.810485, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.810505, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.810537, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.810565, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.810587, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.810608, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.810630, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.810650, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.810671, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.810690, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.810730, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.810753, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Spooler] [2015/08/14 19:16:42.810774, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.810796, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.810816, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.810838, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.810857, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.810887, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.810910, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.810956, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.811089, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.811296, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.811342, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Start] [2015/08/14 19:16:42.811366, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.811388, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.811410, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.811441, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2015/08/14 19:16:42.811465, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2015/08/14 19:16:42.811488, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2015/08/14 19:16:42.811510, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2015/08/14 19:16:42.811532, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[28] [2015/08/14 19:16:42.811554, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[5]: name[Description] len[106] [2015/08/14 19:16:42.811576, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[6]: name[ImagePath] len[88] [2015/08/14 19:16:42.811599, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.811652, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.811849, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.811895, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Type] [2015/08/14 19:16:42.811917, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.811939, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.811990, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.812179, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.812225, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ErrorControl] [2015/08/14 19:16:42.812247, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.812269, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.812339, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2015/08/14 19:16:42.812887, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.812934, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ObjectName] [2015/08/14 19:16:42.812957, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.812979, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.813039, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(28) [0] : 0x50 (80) [1] : 0x00 (0) [2] : 0x72 (114) [3] : 0x00 (0) [4] : 0x69 (105) [5] : 0x00 (0) [6] : 0x6e (110) [7] : 0x00 (0) [8] : 0x74 (116) [9] : 0x00 (0) [10] : 0x20 (32) [11] : 0x00 (0) [12] : 0x53 (83) [13] : 0x00 (0) [14] : 0x70 (112) [15] : 0x00 (0) [16] : 0x6f (111) [17] : 0x00 (0) [18] : 0x6f (111) [19] : 0x00 (0) [20] : 0x6c (108) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x72 (114) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) size : 0x0000001c (28) [2015/08/14 19:16:42.813462, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.813508, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:DisplayName] [2015/08/14 19:16:42.813530, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.813553, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.813605, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(88) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x2f (47) [17] : 0x00 (0) [18] : 0x78 (120) [19] : 0x00 (0) [20] : 0x38 (56) [21] : 0x00 (0) [22] : 0x36 (54) [23] : 0x00 (0) [24] : 0x5f (95) [25] : 0x00 (0) [26] : 0x36 (54) [27] : 0x00 (0) [28] : 0x34 (52) [29] : 0x00 (0) [30] : 0x2d (45) [31] : 0x00 (0) [32] : 0x6c (108) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x6e (110) [37] : 0x00 (0) [38] : 0x75 (117) [39] : 0x00 (0) [40] : 0x78 (120) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x67 (103) [45] : 0x00 (0) [46] : 0x6e (110) [47] : 0x00 (0) [48] : 0x75 (117) [49] : 0x00 (0) [50] : 0x2f (47) [51] : 0x00 (0) [52] : 0x73 (115) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x6d (109) [57] : 0x00 (0) [58] : 0x62 (98) [59] : 0x00 (0) [60] : 0x61 (97) [61] : 0x00 (0) [62] : 0x2f (47) [63] : 0x00 (0) [64] : 0x73 (115) [65] : 0x00 (0) [66] : 0x76 (118) [67] : 0x00 (0) [68] : 0x63 (99) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6c (108) [75] : 0x00 (0) [76] : 0x2f (47) [77] : 0x00 (0) [78] : 0x73 (115) [79] : 0x00 (0) [80] : 0x6d (109) [81] : 0x00 (0) [82] : 0x62 (98) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x00 (0) size : 0x00000058 (88) [2015/08/14 19:16:42.814601, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.814647, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ImagePath] [2015/08/14 19:16:42.814669, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.814692, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.814743, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(106) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x66 (102) [35] : 0x00 (0) [36] : 0x6f (111) [37] : 0x00 (0) [38] : 0x72 (114) [39] : 0x00 (0) [40] : 0x20 (32) [41] : 0x00 (0) [42] : 0x73 (115) [43] : 0x00 (0) [44] : 0x70 (112) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x6f (111) [49] : 0x00 (0) [50] : 0x6c (108) [51] : 0x00 (0) [52] : 0x69 (105) [53] : 0x00 (0) [54] : 0x6e (110) [55] : 0x00 (0) [56] : 0x67 (103) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x66 (102) [61] : 0x00 (0) [62] : 0x69 (105) [63] : 0x00 (0) [64] : 0x6c (108) [65] : 0x00 (0) [66] : 0x65 (101) [67] : 0x00 (0) [68] : 0x73 (115) [69] : 0x00 (0) [70] : 0x20 (32) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6f (111) [75] : 0x00 (0) [76] : 0x20 (32) [77] : 0x00 (0) [78] : 0x70 (112) [79] : 0x00 (0) [80] : 0x72 (114) [81] : 0x00 (0) [82] : 0x69 (105) [83] : 0x00 (0) [84] : 0x6e (110) [85] : 0x00 (0) [86] : 0x74 (116) [87] : 0x00 (0) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x64 (100) [91] : 0x00 (0) [92] : 0x65 (101) [93] : 0x00 (0) [94] : 0x76 (118) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x63 (99) [99] : 0x00 (0) [100] : 0x65 (101) [101] : 0x00 (0) [102] : 0x73 (115) [103] : 0x00 (0) [104] : 0x00 (0) [105] : 0x00 (0) size : 0x0000006a (106) [2015/08/14 19:16:42.815909, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.815956, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Description] [2015/08/14 19:16:42.815978, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.816001, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.816066, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.816138, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.816185, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.816230, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.816252, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.816273, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.816364, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0066 (102) name_size : 0x0066 (102) name : * name : 'SYSTEM\CurrentControlSet\Services\Spooler\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2015/08/14 19:16:42.816710, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.816758, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler\Security' [2015/08/14 19:16:42.816781, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.816803, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.816824, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.816846, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.816868, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.816888, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.816909, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.816929, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.816961, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.816984, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.817005, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.817032, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.817053, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.817073, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.817093, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.817124, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.817147, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.817168, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.817189, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.817211, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.817231, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.817252, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.817272, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.817312, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.817335, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.817356, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Spooler] [2015/08/14 19:16:42.817377, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.817398, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.817418, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.817440, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.817460, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2015/08/14 19:16:42.817490, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.817517, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2015/08/14 19:16:42.817538, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.817560, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2015/08/14 19:16:42.817580, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2015/08/14 19:16:42.817601, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.817621, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2015/08/14 19:16:42.817648, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.817670, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.817716, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.817861, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2015/08/14 19:16:42.819160, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.819208, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security:Security] [2015/08/14 19:16:42.819231, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.819252, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.819274, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2015/08/14 19:16:42.819302, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2015/08/14 19:16:42.819325, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.819376, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.819452, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.819498, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.819544, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.819565, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.819586, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.819677, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0056 (86) name_size : 0x0056 (86) name : * name : 'SYSTEM\CurrentControlSet\Services\NETLOGON' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2015/08/14 19:16:42.819990, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.820037, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON' [2015/08/14 19:16:42.820063, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.820086, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.820107, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.820128, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.820150, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.820171, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.820191, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.820211, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.820241, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.820264, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.820285, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.820306, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.820326, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.820346, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.820366, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.820396, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.820420, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.820441, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.820462, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.820483, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.820503, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.820524, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.820548, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.820597, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.820622, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [NETLOGON] [2015/08/14 19:16:42.820643, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.820665, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.820685, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.820706, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.820726, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.820757, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.820781, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.820827, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.820937, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.821130, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.821182, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Start] [2015/08/14 19:16:42.821204, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.821225, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.821247, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.821274, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2015/08/14 19:16:42.821298, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2015/08/14 19:16:42.821320, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2015/08/14 19:16:42.821342, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2015/08/14 19:16:42.821365, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[20] [2015/08/14 19:16:42.821388, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[5]: name[Description] len[164] [2015/08/14 19:16:42.821410, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[6]: name[ImagePath] len[88] [2015/08/14 19:16:42.821432, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.821485, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.821675, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.821726, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Type] [2015/08/14 19:16:42.821749, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.821771, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.821823, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.822013, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.822059, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ErrorControl] [2015/08/14 19:16:42.822081, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.822103, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.822155, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2015/08/14 19:16:42.822540, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.822586, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ObjectName] [2015/08/14 19:16:42.822608, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.822630, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.822684, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(20) [0] : 0x4e (78) [1] : 0x00 (0) [2] : 0x65 (101) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x20 (32) [7] : 0x00 (0) [8] : 0x4c (76) [9] : 0x00 (0) [10] : 0x6f (111) [11] : 0x00 (0) [12] : 0x67 (103) [13] : 0x00 (0) [14] : 0x6f (111) [15] : 0x00 (0) [16] : 0x6e (110) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) size : 0x00000014 (20) [2015/08/14 19:16:42.823033, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.823079, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:DisplayName] [2015/08/14 19:16:42.823101, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.823124, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.823175, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(88) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x2f (47) [17] : 0x00 (0) [18] : 0x78 (120) [19] : 0x00 (0) [20] : 0x38 (56) [21] : 0x00 (0) [22] : 0x36 (54) [23] : 0x00 (0) [24] : 0x5f (95) [25] : 0x00 (0) [26] : 0x36 (54) [27] : 0x00 (0) [28] : 0x34 (52) [29] : 0x00 (0) [30] : 0x2d (45) [31] : 0x00 (0) [32] : 0x6c (108) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x6e (110) [37] : 0x00 (0) [38] : 0x75 (117) [39] : 0x00 (0) [40] : 0x78 (120) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x67 (103) [45] : 0x00 (0) [46] : 0x6e (110) [47] : 0x00 (0) [48] : 0x75 (117) [49] : 0x00 (0) [50] : 0x2f (47) [51] : 0x00 (0) [52] : 0x73 (115) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x6d (109) [57] : 0x00 (0) [58] : 0x62 (98) [59] : 0x00 (0) [60] : 0x61 (97) [61] : 0x00 (0) [62] : 0x2f (47) [63] : 0x00 (0) [64] : 0x73 (115) [65] : 0x00 (0) [66] : 0x76 (118) [67] : 0x00 (0) [68] : 0x63 (99) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6c (108) [75] : 0x00 (0) [76] : 0x2f (47) [77] : 0x00 (0) [78] : 0x73 (115) [79] : 0x00 (0) [80] : 0x6d (109) [81] : 0x00 (0) [82] : 0x62 (98) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x00 (0) size : 0x00000058 (88) [2015/08/14 19:16:42.824164, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.824210, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ImagePath] [2015/08/14 19:16:42.824232, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.824255, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.824313, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(164) [0] : 0x46 (70) [1] : 0x00 (0) [2] : 0x69 (105) [3] : 0x00 (0) [4] : 0x6c (108) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x20 (32) [9] : 0x00 (0) [10] : 0x73 (115) [11] : 0x00 (0) [12] : 0x65 (101) [13] : 0x00 (0) [14] : 0x72 (114) [15] : 0x00 (0) [16] : 0x76 (118) [17] : 0x00 (0) [18] : 0x69 (105) [19] : 0x00 (0) [20] : 0x63 (99) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x20 (32) [25] : 0x00 (0) [26] : 0x70 (112) [27] : 0x00 (0) [28] : 0x72 (114) [29] : 0x00 (0) [30] : 0x6f (111) [31] : 0x00 (0) [32] : 0x76 (118) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x64 (100) [37] : 0x00 (0) [38] : 0x69 (105) [39] : 0x00 (0) [40] : 0x6e (110) [41] : 0x00 (0) [42] : 0x67 (103) [43] : 0x00 (0) [44] : 0x20 (32) [45] : 0x00 (0) [46] : 0x61 (97) [47] : 0x00 (0) [48] : 0x63 (99) [49] : 0x00 (0) [50] : 0x63 (99) [51] : 0x00 (0) [52] : 0x65 (101) [53] : 0x00 (0) [54] : 0x73 (115) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x74 (116) [61] : 0x00 (0) [62] : 0x6f (111) [63] : 0x00 (0) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x70 (112) [67] : 0x00 (0) [68] : 0x6f (111) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x69 (105) [73] : 0x00 (0) [74] : 0x63 (99) [75] : 0x00 (0) [76] : 0x79 (121) [77] : 0x00 (0) [78] : 0x20 (32) [79] : 0x00 (0) [80] : 0x61 (97) [81] : 0x00 (0) [82] : 0x6e (110) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x20 (32) [87] : 0x00 (0) [88] : 0x70 (112) [89] : 0x00 (0) [90] : 0x72 (114) [91] : 0x00 (0) [92] : 0x6f (111) [93] : 0x00 (0) [94] : 0x66 (102) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x6c (108) [99] : 0x00 (0) [100] : 0x65 (101) [101] : 0x00 (0) [102] : 0x20 (32) [103] : 0x00 (0) [104] : 0x64 (100) [105] : 0x00 (0) [106] : 0x61 (97) [107] : 0x00 (0) [108] : 0x74 (116) [109] : 0x00 (0) [110] : 0x61 (97) [111] : 0x00 (0) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x28 (40) [115] : 0x00 (0) [116] : 0x6e (110) [117] : 0x00 (0) [118] : 0x6f (111) [119] : 0x00 (0) [120] : 0x74 (116) [121] : 0x00 (0) [122] : 0x72 (114) [123] : 0x00 (0) [124] : 0x65 (101) [125] : 0x00 (0) [126] : 0x6d (109) [127] : 0x00 (0) [128] : 0x6f (111) [129] : 0x00 (0) [130] : 0x74 (116) [131] : 0x00 (0) [132] : 0x65 (101) [133] : 0x00 (0) [134] : 0x6c (108) [135] : 0x00 (0) [136] : 0x79 (121) [137] : 0x00 (0) [138] : 0x20 (32) [139] : 0x00 (0) [140] : 0x6d (109) [141] : 0x00 (0) [142] : 0x61 (97) [143] : 0x00 (0) [144] : 0x6e (110) [145] : 0x00 (0) [146] : 0x61 (97) [147] : 0x00 (0) [148] : 0x67 (103) [149] : 0x00 (0) [150] : 0x65 (101) [151] : 0x00 (0) [152] : 0x61 (97) [153] : 0x00 (0) [154] : 0x62 (98) [155] : 0x00 (0) [156] : 0x6c (108) [157] : 0x00 (0) [158] : 0x65 (101) [159] : 0x00 (0) [160] : 0x29 (41) [161] : 0x00 (0) [162] : 0x00 (0) [163] : 0x00 (0) size : 0x000000a4 (164) [2015/08/14 19:16:42.826192, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.826240, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Description] [2015/08/14 19:16:42.826263, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.826286, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.826338, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.826409, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.826460, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.826506, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.826528, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.826549, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.826641, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0068 (104) name_size : 0x0068 (104) name : * name : 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2015/08/14 19:16:42.826955, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.827001, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' [2015/08/14 19:16:42.827024, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.827046, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.827072, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.827094, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.827116, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.827136, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.827157, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.827177, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.827208, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.827230, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.827252, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.827273, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.827293, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.827314, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.827333, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.827364, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.827387, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.827408, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.827428, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.827450, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.827470, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.827491, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.827511, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.827554, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.827578, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.827599, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [NETLOGON] [2015/08/14 19:16:42.827620, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.827642, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.827662, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.827683, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.827703, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2015/08/14 19:16:42.827734, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.827757, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2015/08/14 19:16:42.827778, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.827800, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2015/08/14 19:16:42.827820, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2015/08/14 19:16:42.827842, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.827862, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2015/08/14 19:16:42.827888, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.827911, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.827957, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.828076, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2015/08/14 19:16:42.829390, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.829441, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security:Security] [2015/08/14 19:16:42.829464, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.829486, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.829508, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2015/08/14 19:16:42.829536, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2015/08/14 19:16:42.829559, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.829611, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.829683, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.829730, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.829775, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.829796, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.829817, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.829908, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0062 (98) name_size : 0x0062 (98) name : * name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2015/08/14 19:16:42.830224, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.830271, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' [2015/08/14 19:16:42.830294, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.830315, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.830337, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.830358, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.830379, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.830400, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.830420, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.830440, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.830471, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.830493, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.830514, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.830535, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.830559, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.830581, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.830601, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.830632, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.830655, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.830676, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.830697, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.830718, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.830738, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.830759, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.830779, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.830817, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.830841, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [RemoteRegistry] [2015/08/14 19:16:42.830861, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.830883, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.830903, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.830925, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.830944, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.830973, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.830997, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.831042, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.831157, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.831351, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.831397, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Start] [2015/08/14 19:16:42.831419, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.831441, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.831462, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.831490, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2015/08/14 19:16:42.831513, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2015/08/14 19:16:42.831535, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2015/08/14 19:16:42.831557, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2015/08/14 19:16:42.831579, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[48] [2015/08/14 19:16:42.831602, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[5]: name[Description] len[126] [2015/08/14 19:16:42.831628, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[6]: name[ImagePath] len[88] [2015/08/14 19:16:42.831650, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.831703, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.831893, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.831939, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Type] [2015/08/14 19:16:42.831961, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.831983, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.832034, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.832223, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.832273, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ErrorControl] [2015/08/14 19:16:42.832296, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.832318, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.832371, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2015/08/14 19:16:42.832760, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.832806, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ObjectName] [2015/08/14 19:16:42.832828, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.832851, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.832909, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(48) [0] : 0x52 (82) [1] : 0x00 (0) [2] : 0x65 (101) [3] : 0x00 (0) [4] : 0x6d (109) [5] : 0x00 (0) [6] : 0x6f (111) [7] : 0x00 (0) [8] : 0x74 (116) [9] : 0x00 (0) [10] : 0x65 (101) [11] : 0x00 (0) [12] : 0x20 (32) [13] : 0x00 (0) [14] : 0x52 (82) [15] : 0x00 (0) [16] : 0x65 (101) [17] : 0x00 (0) [18] : 0x67 (103) [19] : 0x00 (0) [20] : 0x69 (105) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x74 (116) [25] : 0x00 (0) [26] : 0x72 (114) [27] : 0x00 (0) [28] : 0x79 (121) [29] : 0x00 (0) [30] : 0x20 (32) [31] : 0x00 (0) [32] : 0x53 (83) [33] : 0x00 (0) [34] : 0x65 (101) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x76 (118) [39] : 0x00 (0) [40] : 0x69 (105) [41] : 0x00 (0) [42] : 0x63 (99) [43] : 0x00 (0) [44] : 0x65 (101) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) size : 0x00000030 (48) [2015/08/14 19:16:42.833523, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.833570, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:DisplayName] [2015/08/14 19:16:42.833597, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.833619, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.833672, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(88) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x2f (47) [17] : 0x00 (0) [18] : 0x78 (120) [19] : 0x00 (0) [20] : 0x38 (56) [21] : 0x00 (0) [22] : 0x36 (54) [23] : 0x00 (0) [24] : 0x5f (95) [25] : 0x00 (0) [26] : 0x36 (54) [27] : 0x00 (0) [28] : 0x34 (52) [29] : 0x00 (0) [30] : 0x2d (45) [31] : 0x00 (0) [32] : 0x6c (108) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x6e (110) [37] : 0x00 (0) [38] : 0x75 (117) [39] : 0x00 (0) [40] : 0x78 (120) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x67 (103) [45] : 0x00 (0) [46] : 0x6e (110) [47] : 0x00 (0) [48] : 0x75 (117) [49] : 0x00 (0) [50] : 0x2f (47) [51] : 0x00 (0) [52] : 0x73 (115) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x6d (109) [57] : 0x00 (0) [58] : 0x62 (98) [59] : 0x00 (0) [60] : 0x61 (97) [61] : 0x00 (0) [62] : 0x2f (47) [63] : 0x00 (0) [64] : 0x73 (115) [65] : 0x00 (0) [66] : 0x76 (118) [67] : 0x00 (0) [68] : 0x63 (99) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6c (108) [75] : 0x00 (0) [76] : 0x2f (47) [77] : 0x00 (0) [78] : 0x73 (115) [79] : 0x00 (0) [80] : 0x6d (109) [81] : 0x00 (0) [82] : 0x62 (98) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x00 (0) size : 0x00000058 (88) [2015/08/14 19:16:42.834667, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.834714, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ImagePath] [2015/08/14 19:16:42.834736, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.834758, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.834809, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(126) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x70 (112) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x6f (111) [39] : 0x00 (0) [40] : 0x76 (118) [41] : 0x00 (0) [42] : 0x69 (105) [43] : 0x00 (0) [44] : 0x64 (100) [45] : 0x00 (0) [46] : 0x69 (105) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x67 (103) [51] : 0x00 (0) [52] : 0x20 (32) [53] : 0x00 (0) [54] : 0x72 (114) [55] : 0x00 (0) [56] : 0x65 (101) [57] : 0x00 (0) [58] : 0x6d (109) [59] : 0x00 (0) [60] : 0x6f (111) [61] : 0x00 (0) [62] : 0x74 (116) [63] : 0x00 (0) [64] : 0x65 (101) [65] : 0x00 (0) [66] : 0x20 (32) [67] : 0x00 (0) [68] : 0x61 (97) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x63 (99) [73] : 0x00 (0) [74] : 0x65 (101) [75] : 0x00 (0) [76] : 0x73 (115) [77] : 0x00 (0) [78] : 0x73 (115) [79] : 0x00 (0) [80] : 0x20 (32) [81] : 0x00 (0) [82] : 0x74 (116) [83] : 0x00 (0) [84] : 0x6f (111) [85] : 0x00 (0) [86] : 0x20 (32) [87] : 0x00 (0) [88] : 0x74 (116) [89] : 0x00 (0) [90] : 0x68 (104) [91] : 0x00 (0) [92] : 0x65 (101) [93] : 0x00 (0) [94] : 0x20 (32) [95] : 0x00 (0) [96] : 0x53 (83) [97] : 0x00 (0) [98] : 0x61 (97) [99] : 0x00 (0) [100] : 0x6d (109) [101] : 0x00 (0) [102] : 0x62 (98) [103] : 0x00 (0) [104] : 0x61 (97) [105] : 0x00 (0) [106] : 0x20 (32) [107] : 0x00 (0) [108] : 0x72 (114) [109] : 0x00 (0) [110] : 0x65 (101) [111] : 0x00 (0) [112] : 0x67 (103) [113] : 0x00 (0) [114] : 0x69 (105) [115] : 0x00 (0) [116] : 0x73 (115) [117] : 0x00 (0) [118] : 0x74 (116) [119] : 0x00 (0) [120] : 0x72 (114) [121] : 0x00 (0) [122] : 0x79 (121) [123] : 0x00 (0) [124] : 0x00 (0) [125] : 0x00 (0) size : 0x0000007e (126) [2015/08/14 19:16:42.836175, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.836225, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Description] [2015/08/14 19:16:42.836248, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.836271, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.836320, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.836391, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.836437, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.836482, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.836504, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.836525, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.836777, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0074 (116) name_size : 0x0074 (116) name : * name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2015/08/14 19:16:42.837096, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.837143, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' [2015/08/14 19:16:42.837166, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.837188, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.837209, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.837230, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.837252, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.837272, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.837292, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.837312, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.837343, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.837366, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.837387, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.837408, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.837428, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.837448, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.837468, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.837498, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.837522, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.837548, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.837569, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.837590, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.837610, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.837631, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.837651, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.837693, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.837716, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.837737, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [RemoteRegistry] [2015/08/14 19:16:42.837758, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.837779, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.837800, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.837821, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.837841, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2015/08/14 19:16:42.837870, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.837893, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2015/08/14 19:16:42.837914, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.837935, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2015/08/14 19:16:42.837956, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2015/08/14 19:16:42.837977, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.837996, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2015/08/14 19:16:42.838027, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.838050, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.838096, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.838210, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2015/08/14 19:16:42.839507, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.839553, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security:Security] [2015/08/14 19:16:42.839576, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.839597, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.839619, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2015/08/14 19:16:42.839648, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2015/08/14 19:16:42.839671, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.839721, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.839792, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.839838, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.839883, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.839908, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.839929, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.840073, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x004e (78) name_size : 0x004e (78) name : * name : 'SYSTEM\CurrentControlSet\Services\WINS' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2015/08/14 19:16:42.840390, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.840437, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS' [2015/08/14 19:16:42.840460, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.840482, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.840503, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.840524, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.840546, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.840570, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.840606, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.840627, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.840658, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.840680, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.840701, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.840723, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.840743, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.840763, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.840783, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.840813, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.840836, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.840857, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.840878, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.840900, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.840920, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.840941, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.840960, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.840999, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.841023, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [WINS] [2015/08/14 19:16:42.841044, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.841065, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.841090, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.841112, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.841132, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.841160, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.841184, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.841230, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.841340, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.841533, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.841579, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Start] [2015/08/14 19:16:42.841601, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.841623, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.841644, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.841676, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2015/08/14 19:16:42.841700, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2015/08/14 19:16:42.841722, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2015/08/14 19:16:42.841744, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2015/08/14 19:16:42.841766, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[74] [2015/08/14 19:16:42.841788, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[5]: name[Description] len[178] [2015/08/14 19:16:42.841810, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[6]: name[ImagePath] len[88] [2015/08/14 19:16:42.841832, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.841885, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.842074, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.842120, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Type] [2015/08/14 19:16:42.842142, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.842164, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.842214, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2015/08/14 19:16:42.842407, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.842453, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ErrorControl] [2015/08/14 19:16:42.842475, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.842497, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.842549, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2015/08/14 19:16:42.842933, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.842979, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ObjectName] [2015/08/14 19:16:42.843001, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.843023, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.843079, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(74) [0] : 0x57 (87) [1] : 0x00 (0) [2] : 0x69 (105) [3] : 0x00 (0) [4] : 0x6e (110) [5] : 0x00 (0) [6] : 0x64 (100) [7] : 0x00 (0) [8] : 0x6f (111) [9] : 0x00 (0) [10] : 0x77 (119) [11] : 0x00 (0) [12] : 0x73 (115) [13] : 0x00 (0) [14] : 0x20 (32) [15] : 0x00 (0) [16] : 0x49 (73) [17] : 0x00 (0) [18] : 0x6e (110) [19] : 0x00 (0) [20] : 0x74 (116) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x72 (114) [25] : 0x00 (0) [26] : 0x6e (110) [27] : 0x00 (0) [28] : 0x65 (101) [29] : 0x00 (0) [30] : 0x74 (116) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x4e (78) [35] : 0x00 (0) [36] : 0x61 (97) [37] : 0x00 (0) [38] : 0x6d (109) [39] : 0x00 (0) [40] : 0x65 (101) [41] : 0x00 (0) [42] : 0x20 (32) [43] : 0x00 (0) [44] : 0x53 (83) [45] : 0x00 (0) [46] : 0x65 (101) [47] : 0x00 (0) [48] : 0x72 (114) [49] : 0x00 (0) [50] : 0x76 (118) [51] : 0x00 (0) [52] : 0x69 (105) [53] : 0x00 (0) [54] : 0x63 (99) [55] : 0x00 (0) [56] : 0x65 (101) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x28 (40) [61] : 0x00 (0) [62] : 0x57 (87) [63] : 0x00 (0) [64] : 0x49 (73) [65] : 0x00 (0) [66] : 0x4e (78) [67] : 0x00 (0) [68] : 0x53 (83) [69] : 0x00 (0) [70] : 0x29 (41) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) size : 0x0000004a (74) [2015/08/14 19:16:42.843941, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.843987, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:DisplayName] [2015/08/14 19:16:42.844009, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.844031, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.844083, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(88) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x2f (47) [17] : 0x00 (0) [18] : 0x78 (120) [19] : 0x00 (0) [20] : 0x38 (56) [21] : 0x00 (0) [22] : 0x36 (54) [23] : 0x00 (0) [24] : 0x5f (95) [25] : 0x00 (0) [26] : 0x36 (54) [27] : 0x00 (0) [28] : 0x34 (52) [29] : 0x00 (0) [30] : 0x2d (45) [31] : 0x00 (0) [32] : 0x6c (108) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x6e (110) [37] : 0x00 (0) [38] : 0x75 (117) [39] : 0x00 (0) [40] : 0x78 (120) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x67 (103) [45] : 0x00 (0) [46] : 0x6e (110) [47] : 0x00 (0) [48] : 0x75 (117) [49] : 0x00 (0) [50] : 0x2f (47) [51] : 0x00 (0) [52] : 0x73 (115) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x6d (109) [57] : 0x00 (0) [58] : 0x62 (98) [59] : 0x00 (0) [60] : 0x61 (97) [61] : 0x00 (0) [62] : 0x2f (47) [63] : 0x00 (0) [64] : 0x73 (115) [65] : 0x00 (0) [66] : 0x76 (118) [67] : 0x00 (0) [68] : 0x63 (99) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6c (108) [75] : 0x00 (0) [76] : 0x2f (47) [77] : 0x00 (0) [78] : 0x6e (110) [79] : 0x00 (0) [80] : 0x6d (109) [81] : 0x00 (0) [82] : 0x62 (98) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x00 (0) size : 0x00000058 (88) [2015/08/14 19:16:42.845091, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.845137, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ImagePath] [2015/08/14 19:16:42.845159, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.845182, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.845234, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(178) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x70 (112) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x6f (111) [39] : 0x00 (0) [40] : 0x76 (118) [41] : 0x00 (0) [42] : 0x69 (105) [43] : 0x00 (0) [44] : 0x64 (100) [45] : 0x00 (0) [46] : 0x69 (105) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x67 (103) [51] : 0x00 (0) [52] : 0x20 (32) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x20 (32) [57] : 0x00 (0) [58] : 0x4e (78) [59] : 0x00 (0) [60] : 0x65 (101) [61] : 0x00 (0) [62] : 0x74 (116) [63] : 0x00 (0) [64] : 0x42 (66) [65] : 0x00 (0) [66] : 0x49 (73) [67] : 0x00 (0) [68] : 0x4f (79) [69] : 0x00 (0) [70] : 0x53 (83) [71] : 0x00 (0) [72] : 0x20 (32) [73] : 0x00 (0) [74] : 0x70 (112) [75] : 0x00 (0) [76] : 0x6f (111) [77] : 0x00 (0) [78] : 0x69 (105) [79] : 0x00 (0) [80] : 0x6e (110) [81] : 0x00 (0) [82] : 0x74 (116) [83] : 0x00 (0) [84] : 0x2d (45) [85] : 0x00 (0) [86] : 0x74 (116) [87] : 0x00 (0) [88] : 0x6f (111) [89] : 0x00 (0) [90] : 0x2d (45) [91] : 0x00 (0) [92] : 0x70 (112) [93] : 0x00 (0) [94] : 0x6f (111) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x6e (110) [99] : 0x00 (0) [100] : 0x74 (116) [101] : 0x00 (0) [102] : 0x20 (32) [103] : 0x00 (0) [104] : 0x6e (110) [105] : 0x00 (0) [106] : 0x61 (97) [107] : 0x00 (0) [108] : 0x6d (109) [109] : 0x00 (0) [110] : 0x65 (101) [111] : 0x00 (0) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x73 (115) [115] : 0x00 (0) [116] : 0x65 (101) [117] : 0x00 (0) [118] : 0x72 (114) [119] : 0x00 (0) [120] : 0x76 (118) [121] : 0x00 (0) [122] : 0x65 (101) [123] : 0x00 (0) [124] : 0x72 (114) [125] : 0x00 (0) [126] : 0x28 (40) [127] : 0x00 (0) [128] : 0x6e (110) [129] : 0x00 (0) [130] : 0x6f (111) [131] : 0x00 (0) [132] : 0x74 (116) [133] : 0x00 (0) [134] : 0x20 (32) [135] : 0x00 (0) [136] : 0x72 (114) [137] : 0x00 (0) [138] : 0x65 (101) [139] : 0x00 (0) [140] : 0x6d (109) [141] : 0x00 (0) [142] : 0x6f (111) [143] : 0x00 (0) [144] : 0x74 (116) [145] : 0x00 (0) [146] : 0x65 (101) [147] : 0x00 (0) [148] : 0x6c (108) [149] : 0x00 (0) [150] : 0x79 (121) [151] : 0x00 (0) [152] : 0x20 (32) [153] : 0x00 (0) [154] : 0x6d (109) [155] : 0x00 (0) [156] : 0x61 (97) [157] : 0x00 (0) [158] : 0x6e (110) [159] : 0x00 (0) [160] : 0x61 (97) [161] : 0x00 (0) [162] : 0x67 (103) [163] : 0x00 (0) [164] : 0x65 (101) [165] : 0x00 (0) [166] : 0x61 (97) [167] : 0x00 (0) [168] : 0x62 (98) [169] : 0x00 (0) [170] : 0x6c (108) [171] : 0x00 (0) [172] : 0x65 (101) [173] : 0x00 (0) [174] : 0x29 (41) [175] : 0x00 (0) [176] : 0x00 (0) [177] : 0x00 (0) size : 0x000000b2 (178) [2015/08/14 19:16:42.847090, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.847137, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Description] [2015/08/14 19:16:42.847159, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.847181, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.847231, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.847304, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.847350, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.847395, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.847417, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.847438, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.847534, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0060 (96) name_size : 0x0060 (96) name : * name : 'SYSTEM\CurrentControlSet\Services\WINS\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2015/08/14 19:16:42.847846, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.847893, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS\Security' [2015/08/14 19:16:42.847915, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.847937, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.847958, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.847980, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.848002, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.848022, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.848042, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.848063, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.848097, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.848120, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.848141, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.848163, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.848183, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.848204, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.848224, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.848255, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.848278, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.848299, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.848320, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.848342, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.848362, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.848383, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.848403, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.848444, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.848470, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 [2015/08/14 19:16:42.848491, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [WINS] [2015/08/14 19:16:42.848512, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.848533, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.848553, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.848591, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.848615, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2015/08/14 19:16:42.848646, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.848669, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2015/08/14 19:16:42.848690, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.848712, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2015/08/14 19:16:42.848732, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2015/08/14 19:16:42.848753, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.848773, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2015/08/14 19:16:42.848799, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.848821, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.848867, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-cd55-02b906300000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2015/08/14 19:16:42.848983, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-cd55-02b906300000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2015/08/14 19:16:42.850288, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.850335, 8, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security:Security] [2015/08/14 19:16:42.850357, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:65(tdb_wrap_log) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 [2015/08/14 19:16:42.850379, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.850401, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2015/08/14 19:16:42.850428, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2015/08/14 19:16:42.850456, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2015/08/14 19:16:42.850506, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.850577, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.850623, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.850668, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.850689, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.850709, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.850794, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.850864, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.850910, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.850955, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.850976, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (3->2) [2015/08/14 19:16:42.850997, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.851092, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (2->1) [2015/08/14 19:16:42.851123, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (1->0) [2015/08/14 19:16:42.851162, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:416(close_policy_by_pipe) Deleted handle list for RPC connection \winreg [2015/08/14 19:16:42.851208, 3, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/rpc_server/eventlog/srv_eventlog_reg.c:59(eventlog_init_winreg) Initialise the eventlog registry keys if needed. [2015/08/14 19:16:42.851239, 4, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:60(make_internal_rpc_pipe_p) Create pipe requested \winreg [2015/08/14 19:16:42.851263, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:221(init_pipe_handles) init_pipe_handle_list: created handle list for pipe \winreg [2015/08/14 19:16:42.851285, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:238(init_pipe_handles) init_pipe_handle_list: pipe_handles ref count = 1 for pipe \winreg [2015/08/14 19:16:42.851331, 4, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:100(make_internal_rpc_pipe_p) Created internal pipe \winreg [2015/08/14 19:16:42.851361, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2015/08/14 19:16:42.851485, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [HKLM] [2015/08/14 19:16:42.851508, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:216(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.851531, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:485(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2015/08/14 19:16:42.851552, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2015/08/14 19:16:42.851573, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:16:42.851594, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:16:42.851677, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:424(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:16:42.851703, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:866(regdb_open) regdb_open: registry db opened. refcount reset (1) [2015/08/14 19:16:42.851726, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM] [2015/08/14 19:16:42.851747, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM] [2015/08/14 19:16:42.851772, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.851793, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM] [2015/08/14 19:16:42.851830, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[1] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.851879, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-cd55-02b906300000 result : WERR_OK [2015/08/14 19:16:42.851973, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-cd55-02b906300000 keyname: struct winreg_String name_len : 0x0056 (86) name_size : 0x0056 (86) name : * name : 'SYSTEM\CurrentControlSet\Services\Eventlog' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2015/08/14 19:16:42.852215, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.852264, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2015/08/14 19:16:42.852285, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (1->2) [2015/08/14 19:16:42.852307, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2015/08/14 19:16:42.852327, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2015/08/14 19:16:42.852348, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.852368, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM] [2015/08/14 19:16:42.852404, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2015/08/14 19:16:42.852429, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (2->3) [2015/08/14 19:16:42.852450, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.852471, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.852491, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.852511, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet] [2015/08/14 19:16:42.852544, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2015/08/14 19:16:42.852568, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (3->4) [2015/08/14 19:16:42.852598, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.852619, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.852640, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.852660, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2015/08/14 19:16:42.852702, 7, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Eventlog] [2015/08/14 19:16:42.852725, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:846(regdb_open) regdb_open: incrementing refcount (4->5) [2015/08/14 19:16:42.852747, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.852767, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.852789, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2015/08/14 19:16:42.852808, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x7f7a4516a440 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.852838, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (5->4) [2015/08/14 19:16:42.852861, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (4->3) [2015/08/14 19:16:42.852882, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (3->2) [2015/08/14 19:16:42.852908, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:302(create_rpc_handle_internal) Opened policy hnd[2] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.852955, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-cd55-02b906300000 result : WERR_OK [2015/08/14 19:16:42.853047, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey in: struct winreg_QueryInfoKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-cd55-02b906300000 classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL [2015/08/14 19:16:42.853165, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.853213, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Eventlog' (ops 0x7f7a4516a440) [2015/08/14 19:16:42.853235, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1891(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.853265, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[0]: name[DisplayName] len[20] [2015/08/14 19:16:42.853289, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1836(regdb_unpack_values) regdb_unpack_values: value[1]: name[ErrorControl] len[4] [2015/08/14 19:16:42.853311, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:2074(regdb_get_secdesc) regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2015/08/14 19:16:42.853342, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey out: struct winreg_QueryInfoKey classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL num_subkeys : * num_subkeys : 0x00000000 (0) max_subkeylen : * max_subkeylen : 0x00000000 (0) max_classlen : * max_classlen : 0x00000000 (0) num_values : * num_values : 0x00000002 (2) max_valnamelen : * max_valnamelen : 0x0000001a (26) max_valbufsize : * max_valbufsize : 0x00000014 (20) secdescsize : * secdescsize : 0x00000078 (120) last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2015/08/14 19:16:42.853589, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-cd55-02b906300000 [2015/08/14 19:16:42.853663, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.853709, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:337(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 CD 55 02 B9 ........ .....U.. [0010] 06 30 00 00 .0.. [2015/08/14 19:16:42.853755, 6, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:386(close_policy_hnd) Closed policy [2015/08/14 19:16:42.853775, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (2->1) [2015/08/14 19:16:42.853797, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:333(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2015/08/14 19:16:42.853882, 10, pid=12294, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:883(regdb_close) regdb_close: decrementing refcount (1->0) [2015/08/14 19:16:42.853916, 10, pid=12294, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:416(close_policy_by_pipe) Deleted handle list for RPC connection \winreg [2015/08/14 19:16:42.853951, 0, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/become_daemon.c:136(daemon_ready) STATUS=daemon 'smbd' finished starting up and ready to serve connectionsRegistering messaging pointer for type 515 - private_data=(nil) [2015/08/14 19:16:42.855101, 3, pid=12294, effective(0, 0), real(0, 0)] ../source3/printing/queue_process.c:335(start_background_queue) start_background_queue: Starting background LPQ thread [2015/08/14 19:16:42.855766, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:499(open_socket_in) bind succeeded on port 445 [2015/08/14 19:16:42.855814, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) [2015/08/14 19:16:42.855760, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/queue_process.c:371(start_background_queue) Socket options: SO_KEEPALIVE = 1 start_background_queue: background LPQ thread started SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.856001, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 [2015/08/14 19:16:42.856112, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle) SO_SNDLOWAT = 1 event_add_idle: idle_evt(print_queue_housekeeping) 0x7f7a46232000 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.856203, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:499(open_socket_in) bind succeeded on port 139 [2015/08/14 19:16:42.856215, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) [2015/08/14 19:16:42.856231, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) check lock order 2 for /var/run/samba/serverid.tdb Socket options: SO_KEEPALIVE = 1 [2015/08/14 19:16:42.856249, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) SO_REUSEADDR = 1 lock order: 1: 2:/var/run/samba/serverid.tdb 3: SO_BROADCAST = 0 TCP_NODELAY = 0 [2015/08/14 19:16:42.856280, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) TCP_KEEPCNT = 9 Locking key 1A30000000000000FFFF TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 [2015/08/14 19:16:42.856310, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) IPTOS_THROUGHPUT = 0 Allocated locked data 0x0x7f7a46235760 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 [2015/08/14 19:16:42.856345, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) SO_SNDLOWAT = 1 Unlocking key 1A30000000000000FFFF SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 [2015/08/14 19:16:42.856369, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) SO_RCVTIMEO = 0 release lock order 2 for /var/run/samba/serverid.tdb TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.856391, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:42.856404, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: [2015/08/14 19:16:42.856419, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) SO_KEEPALIVE = 1 Registering messaging pointer for type 33 - private_data=0x7f7a46222e10 SO_REUSEADDR = 1 SO_BROADCAST = 0 [2015/08/14 19:16:42.856442, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) TCP_NODELAY = 1 Registering messaging pointer for type 517 - private_data=(nil) TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 [2015/08/14 19:16:42.856466, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:340(messaging_deregister) TCP_KEEPINTVL = 75 Deregistering messaging pointer for type 515 - private_data=(nil) IPTOS_LOWDELAY = 0 [2015/08/14 19:16:42.856488, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) IPTOS_THROUGHPUT = 0 Registering messaging pointer for type 515 - private_data=(nil) SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 [2015/08/14 19:16:42.856519, 3, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/pcap.c:140(pcap_cache_reload) SO_RCVLOWAT = 1 reloading printcap cache SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2015/08/14 19:16:42.856547, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:449(cups_pcap_load_async) TCP_QUICKACK = 1 cups_pcap_load_async: asynchronously loading cups printers TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.856607, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:499(open_socket_in) bind succeeded on port 445 [2015/08/14 19:16:42.856642, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.856812, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.856991, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:499(open_socket_in) bind succeeded on port 139 [2015/08/14 19:16:42.857016, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:42.857184, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 [2015/08/14 19:16:42.857315, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:466(cups_pcap_load_async) TCP_DEFER_ACCEPT = 0 cups_pcap_load_async: child pid = 12315 [2015/08/14 19:16:42.857363, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:586(cups_cache_reload) cups_cache_reload: async read on fd 9 [2015/08/14 19:16:42.857384, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) [2015/08/14 19:16:42.857387, 3, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/pcap.c:185(pcap_cache_reload) check lock order 2 for /var/run/samba/serverid.tdb reload status: ok [2015/08/14 19:16:42.857412, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/queue_process.c:426(start_background_queue) [2015/08/14 19:16:42.857412, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) start_background_queue: background LPQ thread waiting for messages lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:42.857441, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 0630000000000000FFFF [2015/08/14 19:16:42.857471, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a462355e0 [2015/08/14 19:16:42.857505, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 0630000000000000FFFF [2015/08/14 19:16:42.857529, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:42.857551, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:42.857581, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 13 - private_data=(nil) [2015/08/14 19:16:42.857604, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 33 - private_data=0x7f7a46222e10 [2015/08/14 19:16:42.857625, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 783 - private_data=(nil) [2015/08/14 19:16:42.857645, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 1 - private_data=(nil) [2015/08/14 19:16:42.857665, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:308(messaging_register) Overriding messaging pointer for type 1 - private_data=(nil) [2015/08/14 19:16:42.857686, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 785 - private_data=(nil) [2015/08/14 19:16:42.857675, 5, pid=12315, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:318(cups_cache_reload_async) [2015/08/14 19:16:42.857707, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) reloading cups printcap cache Registering messaging pointer for type 770 - private_data=(nil) [2015/08/14 19:16:42.857728, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 15 - private_data=(nil) [2015/08/14 19:16:42.857748, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:293(messaging_register) Registering messaging pointer for type 16 - private_data=(nil) [2015/08/14 19:16:42.857785, 1, pid=12294, effective(0, 0), real(0, 0)] ../source3/printing/printer_list.c:226(printer_list_get_last_refresh) Failed to fetch record! [2015/08/14 19:16:42.857821, 2, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/server.c:929(smbd_parent_loop) waiting for connections [2015/08/14 19:16:42.858033, 10, pid=12315, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:130(cups_connect) connecting to cups server /var/run/cups/cups.sock:631 [2015/08/14 19:16:42.859865, 10, pid=12315, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:171(send_pcap_blob) [2015/08/14 19:16:42.859881, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:512(cups_async_callback) successfully sent blob of len 98 cups_async_callback: callback received for printer data. fd = 9 [2015/08/14 19:16:42.859942, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/print_cups.c:196(recv_pcap_blob) successfully recvd blob of len 98 [2015/08/14 19:16:42.860059, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 1 for /var/run/samba/printer_list.tdb [2015/08/14 19:16:42.860092, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/run/samba/printer_list.tdb 2: 3: [2015/08/14 19:16:42.860118, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 5052494E5445524C4953 [2015/08/14 19:16:42.860149, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46238000 [2015/08/14 19:16:42.860212, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 5052494E5445524C4953 [2015/08/14 19:16:42.860238, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/run/samba/printer_list.tdb [2015/08/14 19:16:42.860259, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:42.860304, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 1 for /var/run/samba/printer_list.tdb [2015/08/14 19:16:42.860329, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/run/samba/printer_list.tdb 2: 3: [2015/08/14 19:16:42.860353, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 5052494E5445524C4953 [2015/08/14 19:16:42.860376, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46237dc0 [2015/08/14 19:16:42.860402, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 5052494E5445524C4953 [2015/08/14 19:16:42.860425, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/run/samba/printer_list.tdb [2015/08/14 19:16:42.860445, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:42.860865, 7, pid=12314, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:5168(lp_servicenumber) lp_servicenumber: couldn't find Photosmart_7510 [2015/08/14 19:16:42.860945, 8, pid=12314, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1620(add_a_service) add_a_service: Creating snum = 8 for Photosmart_7510 [2015/08/14 19:16:42.860970, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1670(hash_a_service) hash_a_service: hashing index 8 for service name Photosmart_7510 [2015/08/14 19:16:42.860997, 3, pid=12314, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1811(lp_add_printer) adding printer service Photosmart_7510 [2015/08/14 19:16:42.861033, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/smbd/server_reload.c:87(delete_and_reload_printers) reloading printer services from pcap cache [2015/08/14 19:16:42.861162, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.861191, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x000000000000f8bd (63677) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x48c1ed982f4a3661 (5242732679120172641) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.861402, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 63677 failed - No such process [2015/08/14 19:16:42.861511, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 63677 doesn't exist - deleting messages record [2015/08/14 19:16:42.861548, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 63677 doesn't exist [2015/08/14 19:16:42.861591, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.861615, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x000000000000f8be (63678) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xbbed04bca27fefcf (-4905259210909945905) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.861801, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 63678 failed - No such process [2015/08/14 19:16:42.861826, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 63678 doesn't exist - deleting messages record [2015/08/14 19:16:42.861850, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 63678 doesn't exist [2015/08/14 19:16:42.861884, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.861906, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x0000000000004466 (17510) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x9f47de844c237ba3 (-6969357238538110045) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.862077, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 17510 failed - No such process [2015/08/14 19:16:42.862100, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 17510 doesn't exist - deleting messages record [2015/08/14 19:16:42.862124, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 17510 doesn't exist [2015/08/14 19:16:42.862160, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.862182, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x000000000000f8bc (63676) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x04443888760aaa45 (307432833315154501) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.862358, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 63676 failed - No such process [2015/08/14 19:16:42.862381, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 63676 doesn't exist - deleting messages record [2015/08/14 19:16:42.862405, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 63676 doesn't exist [2015/08/14 19:16:42.862438, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.862460, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x0000000000004468 (17512) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xfc5705df8c3964bd (-263735595489467203) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.862631, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 17512 failed - No such process [2015/08/14 19:16:42.862655, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 17512 doesn't exist - deleting messages record [2015/08/14 19:16:42.862688, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 17512 doesn't exist [2015/08/14 19:16:42.862722, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.862743, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x0000000000002b3d (11069) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x5afd0bef00362ca9 (6556409753649949865) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.862920, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 11069 failed - No such process [2015/08/14 19:16:42.862943, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 11069 doesn't exist - deleting messages record [2015/08/14 19:16:42.862967, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 11069 doesn't exist [2015/08/14 19:16:42.863003, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.863025, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x0000000000003006 (12294) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.863211, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.863235, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec [2015/08/14 19:16:42.863254, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:76(messaging_tdb_signal_handler) msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) messaging_tdb_signal_handler: sig[10] count[1] msgs[1] dest: struct server_id pid : 0x000000000000f843 (63555) [2015/08/14 19:16:42.863309, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:534(message_dispatch) task_id : 0x00000000 (0) message_dispatch: received_messages = 1 vnn : 0xffffffff (4294967295) unique_id : 0x8584d56a91881b10 (-8825694716054463728) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) [2015/08/14 19:16:42.863377, 10, pid=12294, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:280(messaging_tdb_fetch) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) messaging_tdb_fetch: buf : DATA_BLOB length=0 [2015/08/14 19:16:42.863405, 1, pid=12294, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) [2015/08/14 19:16:42.863406, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 63555 failed - No such process result: struct messaging_array [2015/08/14 19:16:42.863435, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) num_messages : 0x00000001 (1) pid 63555 doesn't exist - deleting messages record messages: ARRAY(1) messages: struct messaging_rec [2015/08/14 19:16:42.863460, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) msg_version : 0x00000002 (2) pid 63555 doesn't exist msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id [2015/08/14 19:16:42.863493, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) pid : 0x0000000000003006 (12294) messaging_tdb_store: task_id : 0x00000000 (0) [2015/08/14 19:16:42.863515, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) vnn : 0xffffffff (4294967295) array: struct messaging_array unique_id : 0xa566ff877ac3c58f (-6528249652481636977) num_messages : 0x00000001 (1) src: struct server_id messages: ARRAY(1) pid : 0x000000000000301a (12314) messages: struct messaging_rec task_id : 0x00000000 (0) msg_version : 0x00000002 (2) vnn : 0xffffffff (4294967295) msg_type : MSG_PRINTER_PCAP (519) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) dest: struct server_id pid : 0x0000000000004469 (17513) buf : DATA_BLOB length=0 task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x95b884725fac0dc1 (-7658225539577279039) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.863690, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 17513 failed - No such process [2015/08/14 19:16:42.863713, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 17513 doesn't exist - deleting messages record [2015/08/14 19:16:42.863737, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 17513 doesn't exist [2015/08/14 19:16:42.863769, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.863791, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.863983, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:320(messaging_tdb_store) messaging_tdb_store: [2015/08/14 19:16:42.864006, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) array: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x0000000000004467 (17511) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x5d595dd9eee61e77 (6726510709051891319) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.864175, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:378(message_notify) message to process 17511 failed - No such process [2015/08/14 19:16:42.864198, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:468(messaging_tdb_send) pid 17511 doesn't exist - deleting messages record [2015/08/14 19:16:42.864222, 2, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:131(traverse_fn) pid 17511 doesn't exist [2015/08/14 19:16:42.864256, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:76(messaging_tdb_signal_handler) messaging_tdb_signal_handler: sig[10] count[1] msgs[1] [2015/08/14 19:16:42.864279, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:534(message_dispatch) message_dispatch: received_messages = 1 [2015/08/14 19:16:42.864325, 10, pid=12314, effective(0, 0), real(0, 0)] ../source3/lib/messages_local.c:280(messaging_tdb_fetch) messaging_tdb_fetch: [2015/08/14 19:16:42.864348, 1, pid=12314, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:296(ndr_print_debug) result: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_PRINTER_PCAP (519) dest: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) src: struct server_id pid : 0x000000000000301a (12314) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xa566ff877ac3c58f (-6528249652481636977) buf : DATA_BLOB length=0 [2015/08/14 19:16:42.864532, 6, pid=12314, effective(0, 0), real(0, 0)] ../source3/printing/queue_process.c:275(bq_sig_chld_handler) Bq child process 12315 terminated with 0 [2015/08/14 19:16:44.634875, 5, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.634975, 10, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.635006, 10, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 2D30000000000000FFFF [2015/08/14 19:16:44.635039, 10, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.635070, 10, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 2D30000000000000FFFF [2015/08/14 19:16:44.635093, 5, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.635114, 10, pid=12333, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.635155, 5, pid=12333, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.635337, 5, pid=12333, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.635625, 5, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.635695, 10, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.635726, 10, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 2E30000000000000FFFF [2015/08/14 19:16:44.635756, 10, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.635786, 10, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 2E30000000000000FFFF [2015/08/14 19:16:44.635809, 5, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.635830, 10, pid=12334, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.635866, 5, pid=12334, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.636044, 5, pid=12334, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.642135, 5, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.642226, 10, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.642257, 10, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 2F30000000000000FFFF [2015/08/14 19:16:44.642289, 10, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.642320, 10, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 2F30000000000000FFFF [2015/08/14 19:16:44.642342, 5, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.642363, 10, pid=12335, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.642402, 5, pid=12335, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.642580, 5, pid=12335, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.654164, 5, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.654259, 10, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.654290, 10, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 3030000000000000FFFF [2015/08/14 19:16:44.654322, 10, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.654353, 10, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 3030000000000000FFFF [2015/08/14 19:16:44.654376, 5, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.654397, 10, pid=12336, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.654438, 5, pid=12336, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.654629, 5, pid=12336, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.655199, 5, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.655268, 10, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.655299, 10, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 3130000000000000FFFF [2015/08/14 19:16:44.655331, 10, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.655362, 10, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 3130000000000000FFFF [2015/08/14 19:16:44.655385, 5, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.655406, 10, pid=12337, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.655443, 5, pid=12337, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.655632, 5, pid=12337, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.658284, 5, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.658377, 10, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.658407, 10, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 3230000000000000FFFF [2015/08/14 19:16:44.658438, 10, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.658469, 10, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 3230000000000000FFFF [2015/08/14 19:16:44.658491, 5, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.658512, 10, pid=12338, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.658561, 5, pid=12338, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.658740, 5, pid=12338, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.675181, 5, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.675276, 10, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.675306, 10, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 3330000000000000FFFF [2015/08/14 19:16:44.675339, 10, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.675370, 10, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 3330000000000000FFFF [2015/08/14 19:16:44.675393, 5, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.675413, 10, pid=12339, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.675454, 5, pid=12339, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.675634, 5, pid=12339, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.676259, 5, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.676328, 10, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:44.676359, 10, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 3430000000000000FFFF [2015/08/14 19:16:44.676391, 10, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46236350 [2015/08/14 19:16:44.676422, 10, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 3430000000000000FFFF [2015/08/14 19:16:44.676446, 5, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:44.676473, 10, pid=12340, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:44.676511, 5, pid=12340, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:44.676719, 5, pid=12340, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:53.135722, 5, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:53.135817, 10, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:16:53.135850, 10, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 3630000000000000FFFF [2015/08/14 19:16:53.135882, 10, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46235700 [2015/08/14 19:16:53.135912, 10, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 3630000000000000FFFF [2015/08/14 19:16:53.135935, 5, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:16:53.135956, 10, pid=12342, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:16:53.135996, 5, pid=12342, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:16:53.136175, 5, pid=12342, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:848(print_socket_options) Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 1 SO_SNDBUF = 87040 SO_RCVBUF = 374400 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 TCP_DEFER_ACCEPT = 0 [2015/08/14 19:17:01.966838, 4, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:17:01.966898, 5, pid=12294, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:17:01.966923, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:17:01.966973, 5, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2015/08/14 19:17:01.967013, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:17:01.967037, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:17:01.967064, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 0630000000000000FFFF [2015/08/14 19:17:01.967097, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46235f00 [2015/08/14 19:17:01.967141, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 0630000000000000FFFF [2015/08/14 19:17:01.967166, 5, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:17:01.967187, 10, pid=12294, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:17:01.967304, 3, pid=12294, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:221(exit_server_common) Server exit (termination signal) [2015/08/14 19:17:01.979273, 4, pid=12314, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:316(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2015/08/14 19:17:01.979347, 5, pid=12314, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2015/08/14 19:17:01.979370, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:629(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2015/08/14 19:17:01.979412, 5, pid=12314, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2015/08/14 19:17:01.979456, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:187(dbwrap_check_lock_order) check lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:17:01.979481, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/run/samba/serverid.tdb 3: [2015/08/14 19:17:01.979507, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 1A30000000000000FFFF [2015/08/14 19:17:01.979540, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x7f7a46238230 [2015/08/14 19:17:01.979571, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 1A30000000000000FFFF [2015/08/14 19:17:01.979594, 5, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/run/samba/serverid.tdb [2015/08/14 19:17:01.979615, 10, pid=12314, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2015/08/14 19:17:01.980687, 3, pid=12314, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:221(exit_server_common) Server exit (termination signal) [2015/08/14 19:17:01.980737, 0, pid=12314, effective(0, 0), real(0, 0)] ../lib/util/pidfile.c:153(pidfile_unlink) Failed to delete pidfile /var/run/samba/smbd.pid. Error was No such file or directory