The Samba-Bugzilla – Attachment 11909 Details for
Bug 11787
Winbind cannot parse ADS domain local groups when using a Windows 2012 KDC with SID compression enabled.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
samba log output 2012
smb log ip hostnaam.txt (text/plain), 158.14 KB, created by
Riny Meester
on 2016-03-11 11:24:01 UTC
(
hide
)
Description:
samba log output 2012
Filename:
MIME Type:
Creator:
Riny Meester
Created:
2016-03-11 11:24:01 UTC
Size:
158.14 KB
patch
obsolete
>[2016/02/25 13:25:31.135322, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Thu Feb 25 12:41:16 2016 > >[2016/02/25 13:25:31.135504, 3] lib/access.c:338(allow_access) > Allowed connection from 172.18.0.241 (172.18.0.241) >[2016/02/25 13:25:31.135558, 10] smbd/process.c:3020(smbd_process) > Connection allowed from ipv4:172.18.0.241:52031 to ipv4:172.18.0.111:445 >[2016/02/25 13:25:31.135670, 3] smbd/oplock.c:922(init_oplocks) > init_oplocks: initializing messages. >[2016/02/25 13:25:31.135813, 3] smbd/oplock_linux.c:239(linux_init_kernel_oplocks) > Linux kernel oplocks enabled >[2016/02/25 13:25:31.135883, 5] lib/messages.c:332(messaging_deregister) > Deregistering messaging pointer for type 1 - private_data=(nil) >[2016/02/25 13:25:31.135979, 10] smbd/process.c:920(event_add_idle) > event_add_idle: idle_evt(keepalive) 0x2b14ce434210 >[2016/02/25 13:25:31.136040, 10] smbd/process.c:920(event_add_idle) > event_add_idle: idle_evt(deadtime) 0x2b14ce43fed0 >[2016/02/25 13:25:31.136097, 10] smbd/process.c:920(event_add_idle) > event_add_idle: idle_evt(housekeeping) 0x2b14ce43cbe0 >[2016/02/25 13:25:31.136221, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 155 >[2016/02/25 13:25:31.136293, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x9b >[2016/02/25 13:25:31.136342, 3] smbd/process.c:1662(process_smb) > Transaction 0 of length 159 (0 toread) >[2016/02/25 13:25:31.136388, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.136415, 5] lib/util.c:342(show_msg) > size=155 > smb_com=0x72 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51283 > smb_tid=65535 > smb_pid=65279 > smb_uid=0 > smb_mid=0 > smt_wct=0 > smb_bcc=120 >[2016/02/25 13:25:31.136677, 10] ../lib/util/util.c:415(dump_data) > [0000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG > [0010] 52 41 4D 20 31 2E 30 00 02 4C 41 4E 4D 41 4E 31 RAM 1.0. .LANMAN1 > [0020] 2E 30 00 02 57 69 6E 64 6F 77 73 20 66 6F 72 20 .0..Wind ows for > [0030] 57 6F 72 6B 67 72 6F 75 70 73 20 33 2E 31 61 00 Workgrou ps 3.1a. > [0040] 02 4C 4D 31 2E 32 58 30 30 32 00 02 4C 41 4E 4D .LM1.2X0 02..LANM > [0050] 41 4E 32 2E 31 00 02 4E 54 20 4C 4D 20 30 2E 31 AN2.1..N T LM 0.1 > [0060] 32 00 02 53 4D 42 20 32 2E 30 30 32 00 02 53 4D 2..SMB 2 .002..SM > [0070] 42 20 32 2E 3F 3F 3F 00 B 2.???. >[2016/02/25 13:25:31.137128, 3] smbd/process.c:1467(switch_message) > switch message SMBnegprot (pid 4881) conn 0x0 >[2016/02/25 13:25:31.137202, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.137267, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.137322, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.137412, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:31.138088, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [PC NETWORK PROGRAM 1.0] >[2016/02/25 13:25:31.138168, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [LANMAN1.0] >[2016/02/25 13:25:31.138224, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [Windows for Workgroups 3.1a] >[2016/02/25 13:25:31.138276, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [LM1.2X002] >[2016/02/25 13:25:31.138326, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [LANMAN2.1] >[2016/02/25 13:25:31.138375, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [NT LM 0.12] >[2016/02/25 13:25:31.138424, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [SMB 2.002] >[2016/02/25 13:25:31.138497, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [SMB 2.???] >[2016/02/25 13:25:31.138553, 10] lib/util.c:1624(set_remote_arch) > set_remote_arch: Client arch is 'Win2K' >[2016/02/25 13:25:31.138657, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Thu Feb 25 12:41:16 2016 > >[2016/02/25 13:25:31.138767, 10] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 11130000FFFFFFFF >[2016/02/25 13:25:31.138868, 10] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b14c6126ef0 >[2016/02/25 13:25:31.138923, 10] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 11130000FFFFFFFF >[2016/02/25 13:25:31.139014, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Thu Feb 25 12:41:16 2016 > >[2016/02/25 13:25:31.139166, 3] smbd/negprot.c:419(reply_nt1) > using SPNEGO >[2016/02/25 13:25:31.139217, 3] smbd/negprot.c:704(reply_negprot) > Selected protocol NT LM 0.12 >[2016/02/25 13:25:31.139263, 5] smbd/negprot.c:711(reply_negprot) > negprot index=5 >[2016/02/25 13:25:31.139310, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.139338, 5] lib/util.c:342(show_msg) > size=181 > smb_com=0x72 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51283 > smb_tid=65535 > smb_pid=65279 > smb_uid=0 > smb_mid=0 > smt_wct=17 > smb_vwv[ 0]= 5 (0x5) > smb_vwv[ 1]=12803 (0x3203) > smb_vwv[ 2]= 256 (0x100) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 65 (0x41) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 256 (0x100) > smb_vwv[ 7]= 4352 (0x1100) > smb_vwv[ 8]= 19 (0x13) > smb_vwv[ 9]=64768 (0xFD00) > smb_vwv[10]= 243 (0xF3) > smb_vwv[11]=65152 (0xFE80) > smb_vwv[12]= 3753 (0xEA9) > smb_vwv[13]=51102 (0xC79E) > smb_vwv[14]=53615 (0xD16F) > smb_vwv[15]=50177 (0xC401) > smb_vwv[16]= 255 (0xFF) > smb_bcc=112 >[2016/02/25 13:25:31.139963, 10] ../lib/util/util.c:415(dump_data) > [0000] 73 75 6E 65 77 73 70 69 6C 6F 74 30 34 00 00 00 sunewspi lot04... > [0010] 60 5E 06 06 2B 06 01 05 05 02 A0 54 30 52 A0 24 `^..+... ...T0R.$ > [0020] 30 22 06 09 2A 86 48 86 F7 12 01 02 02 06 09 2A 0"..*.H. .......* > [0030] 86 48 82 F7 12 01 02 02 06 0A 2B 06 01 04 01 82 .H...... ..+..... > [0040] 37 02 02 0A A3 2A 30 28 A0 26 1B 24 6E 6F 74 5F 7....*0( .&.$not_ > [0050] 64 65 66 69 6E 65 64 5F 69 6E 5F 52 46 43 34 31 defined_ in_RFC41 > [0060] 37 38 40 70 6C 65 61 73 65 5F 69 67 6E 6F 72 65 78@pleas e_ignore >[2016/02/25 13:25:31.660900, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 1948 >[2016/02/25 13:25:31.661060, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x79c >[2016/02/25 13:25:31.661121, 3] smbd/process.c:1662(process_smb) > Transaction 1 of length 1952 (0 toread) >[2016/02/25 13:25:31.661170, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.661198, 5] lib/util.c:342(show_msg) > size=1948 > smb_com=0x73 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=65535 > smb_pid=65279 > smb_uid=0 > smb_mid=64 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]=16644 (0x4104) > smb_vwv[ 3]= 50 (0x32) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 1885 (0x75D) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 212 (0xD4) > smb_vwv[11]=40960 (0xA000) > smb_bcc=1889 >[2016/02/25 13:25:31.661722, 10] ../lib/util/util.c:415(dump_data) > [0000] 60 82 07 59 06 06 2B 06 01 05 05 02 A0 82 07 4D `..Y..+. .......M > [0010] 30 82 07 49 A0 30 30 2E 06 09 2A 86 48 82 F7 12 0..I.00. ..*.H... > [0020] 01 02 02 06 09 2A 86 48 86 F7 12 01 02 02 06 0A .....*.H ........ > [0030] 2B 06 01 04 01 82 37 02 02 1E 06 0A 2B 06 01 04 +.....7. ....+... > [0040] 01 82 37 02 02 0A A2 82 07 13 04 82 07 0F 60 82 ..7..... ......`. > [0050] 07 0B 06 09 2A 86 48 86 F7 12 01 02 02 01 00 6E ....*.H. .......n > [0060] 82 06 FA 30 82 06 F6 A0 03 02 01 05 A1 03 02 01 ...0.... ........ > [0070] 0E A2 07 03 05 00 20 00 00 00 A3 82 05 84 61 82 ...... . ......a. > [0080] 05 80 30 82 05 7C A0 03 02 01 05 A1 07 1B 05 46 ..0..|.. .......F > [0090] 44 2E 4E 4C A2 20 30 1E A0 03 02 01 02 A1 17 30 D.NL. 0. .......0 > [00A0] 15 1B 04 63 69 66 73 1B 0D 73 75 6E 65 77 73 70 ...cifs. .sunewsp > [00B0] 69 6C 6F 74 30 34 A3 82 05 48 30 82 05 44 A0 03 ilot04.. .H0..D.. > [00C0] 02 01 17 A1 04 02 02 00 9D A2 82 05 35 04 82 05 ........ ....5... > [00D0] 31 F2 9B F6 4A DD 31 3F B2 0E 91 88 A3 A2 AE 24 1...J.1? .......$ > [00E0] 60 53 54 C9 DB 8E CD B4 95 80 FD 1A 2D 46 6D 9E `ST..... ....-Fm. > [00F0] D1 73 F4 70 71 0A E7 65 DE F1 55 9E 9E F7 35 1D .s.pq..e ..U...5. > [0100] 79 C2 1F D0 B5 C0 5D FC 68 E0 B7 21 F9 AD 08 37 y.....]. h..!...7 > [0110] 6D FB DA 9E BC 9D DE 1D C7 08 A2 77 01 31 2C 7D m....... ...w.1,} > [0120] AE 3C A8 58 CC 0D 13 72 F9 F0 26 DD 56 C6 59 B2 .<.X...r ..&.V.Y. > [0130] 85 AF E2 A3 E8 01 AD 44 56 A0 FF F0 4F 5F 0F 8D .......D V...O_.. > [0140] 3D 87 7F D1 BD 85 15 02 3E CD 03 BE 06 D6 0C D2 =....... >....... > [0150] 3F 66 F2 CB FE E9 1E E1 A4 51 A4 A7 BC 85 C3 38 ?f...... .Q.....8 > [0160] 98 40 F2 9E 41 C9 3A 3F 04 53 67 62 9D F2 12 90 .@..A.:? .Sgb.... > [0170] 69 79 E5 65 19 10 21 4D 55 3D 03 03 1F 8D 29 9E iy.e..!M U=....). > [0180] A0 A3 CF 8B DE 85 B8 64 E5 CE 81 26 6E 77 CC 52 .......d ...&nw.R > [0190] 6C 7D 32 37 CA 0C BF 58 2D E0 AF 0F A3 DC 32 09 l}27...X -.....2. > [01A0] AD C4 34 1C 65 57 56 67 43 8D E0 7D A9 87 59 70 ..4.eWVg C..}..Yp > [01B0] 71 0D 10 8C 1F 22 CB 17 14 FF 20 C3 C5 22 45 1B q....".. .. .."E. > [01C0] A3 94 96 C3 0A FC 42 64 14 7B 3E 1F 83 7E FB 60 ......Bd .{>..~.` > [01D0] C2 61 AB 44 02 5A 31 0B 09 8E 59 59 04 C0 21 C7 .a.D.Z1. ..YY..!. > [01E0] E8 6E 5D DB 71 04 17 7A 14 50 66 BC A4 0D 92 BE .n].q..z .Pf..... > [01F0] FD 3C 44 3F ED 4C C8 D2 B5 9A 80 83 B4 5A 65 1C .<D?.L.. .....Ze. >[2016/02/25 13:25:31.663234, 3] smbd/process.c:1467(switch_message) > switch message SMBsesssetupX (pid 4881) conn 0x0 >[2016/02/25 13:25:31.663295, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.663346, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.663444, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.663534, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:31.663597, 3] smbd/sesssetup.c:1333(reply_sesssetup_and_X) > wct=12 flg2=0xc807 >[2016/02/25 13:25:31.663653, 2] smbd/sesssetup.c:1279(setup_new_vc_session) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. >[2016/02/25 13:25:31.663707, 3] smbd/sesssetup.c:1065(reply_sesssetup_and_X_spnego) > Doing spnego session setup >[2016/02/25 13:25:31.663791, 3] smbd/sesssetup.c:1107(reply_sesssetup_and_X_spnego) > NativeOS=[] NativeLanMan=[] PrimaryDomain=[] >[2016/02/25 13:25:31.663877, 10] lib/util.c:1624(set_remote_arch) > set_remote_arch: Client arch is 'Vista' >[2016/02/25 13:25:31.663935, 10] smbd/password.c:199(register_initial_vuid) > register_initial_vuid: allocated vuid = 100 >[2016/02/25 13:25:31.664041, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.2.840.48018.1.2.2 >[2016/02/25 13:25:31.664100, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.2.840.113554.1.2.2 >[2016/02/25 13:25:31.664146, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.3.6.1.4.1.311.2.2.30 >[2016/02/25 13:25:31.664192, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.3.6.1.4.1.311.2.2.10 >[2016/02/25 13:25:31.664237, 3] smbd/sesssetup.c:660(reply_spnego_negotiate) > reply_spnego_negotiate: Got secblob of size 1807 >[2016/02/25 13:25:31.665345, 10] libads/kerberos_verify.c:386(ads_secrets_verify_ticket) > libads/kerberos_verify.c:386: found previous password >[2016/02/25 13:25:31.696091, 10] libads/kerberos_verify.c:435(ads_secrets_verify_ticket) > libads/kerberos_verify.c:435: enc type [18] failed to decrypt with error Bad encryption type >[2016/02/25 13:25:31.711237, 10] libads/kerberos_verify.c:435(ads_secrets_verify_ticket) > libads/kerberos_verify.c:435: enc type [17] failed to decrypt with error Bad encryption type >[2016/02/25 13:25:31.716134, 10] libads/kerberos_verify.c:423(ads_secrets_verify_ticket) > libads/kerberos_verify.c:423: enc type [23] decrypted message ! >[2016/02/25 13:25:31.716389, 10] libsmb/clikrb5.c:955(get_krb5_smb_session_key) > Got KRB5 session key of length 16 >[2016/02/25 13:25:31.716687, 3] libads/authdata.c:332(decode_pac_data) > Found account name from PAC: infomaker [infomaker] >[2016/02/25 13:25:31.716764, 10] libads/authdata.c:334(decode_pac_data) > Successfully validated Kerberos PAC > pac_data: struct PAC_DATA > num_buffers : 0x00000005 (5) > version : 0x00000000 (0) > buffers: ARRAY(5) > buffers: struct PAC_BUFFER > type : PAC_TYPE_LOGON_INFO (1) > _ndr_size : 0x000002f0 (752) > info : * > info : union PAC_INFO(case 1) > logon_info: struct PAC_LOGON_INFO_CTR > info : * > info: struct PAC_LOGON_INFO > info3: struct netr_SamInfo3 > base: struct netr_SamBaseInfo > last_logon : Thu Feb 25 11:59:35 AM 2016 CET > last_logoff : Thu Sep 14 03:48:05 AM 30828 CET > acct_expiry : Thu Sep 14 03:48:05 AM 30828 CET > last_password_change : Wed Nov 6 03:01:35 PM 2013 CET > allow_password_change : Thu Nov 7 03:01:35 PM 2013 CET > force_password_change : Thu Sep 14 03:48:05 AM 30828 CET > account_name: struct lsa_String > length : 0x0012 (18) > size : 0x0012 (18) > string : * > string : 'infomaker' > full_name: struct lsa_String > length : 0x0012 (18) > size : 0x0012 (18) > string : * > string : 'infomaker' > logon_script: struct lsa_String > length : 0x0012 (18) > size : 0x0012 (18) > string : * > string : 'logon.bat' > profile_path: struct lsa_String > length : 0x0000 (0) > size : 0x0000 (0) > string : * > string : '' > home_directory: struct lsa_String > length : 0x0000 (0) > size : 0x0000 (0) > string : * > string : '' > home_drive: struct lsa_String > length : 0x0000 (0) > size : 0x0000 (0) > string : * > string : '' > logon_count : 0x005f (95) > bad_password_count : 0x0000 (0) > rid : 0x000040c6 (16582) > primary_gid : 0x00000201 (513) > groups: struct samr_RidWithAttributeArray > count : 0x0000000b (11) > rids : * > rids: ARRAY(11) > rids: struct samr_RidWithAttribute > rid : 0x000029fa (10746) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a1c (14876) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000536d (21357) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a46 (23110) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000522f (21039) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000051b6 (20918) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a9e (15006) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00000201 (513) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a2a (23082) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000019a2 (6562) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005230 (21040) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > user_flags : 0x00000220 (544) > 0: NETLOGON_GUEST > 0: NETLOGON_NOENCRYPTION > 0: NETLOGON_CACHED_ACCOUNT > 0: NETLOGON_USED_LM_PASSWORD > 1: NETLOGON_EXTRA_SIDS > 0: NETLOGON_SUBAUTH_SESSION_KEY > 0: NETLOGON_SERVER_TRUST_ACCOUNT > 0: NETLOGON_NTLMV2_ENABLED > 1: NETLOGON_RESOURCE_GROUPS > 0: NETLOGON_PROFILE_PATH_RETURNED > 0: NETLOGON_GRACE_LOGON > key: struct netr_UserSessionKey > key : 00000000000000000000000000000000 > logon_server: struct lsa_StringLarge > length : 0x000c (12) > size : 0x000e (14) > string : * > string : 'SWDC05' > domain: struct lsa_StringLarge > length : 0x000c (12) > size : 0x000e (14) > string : * > string : 'WNTHFD' > domain_sid : * > domain_sid : S-1-5-21-2138249453-1736393925-328618392 > LMSessKey: struct netr_LMSessionKey > key : 0000000000000000 > acct_flags : 0x00000210 (528) > 0: ACB_DISABLED > 0: ACB_HOMDIRREQ > 0: ACB_PWNOTREQ > 0: ACB_TEMPDUP > 1: ACB_NORMAL > 0: ACB_MNS > 0: ACB_DOMTRUST > 0: ACB_WSTRUST > 0: ACB_SVRTRUST > 1: ACB_PWNOEXP > 0: ACB_AUTOLOCK > 0: ACB_ENC_TXT_PWD_ALLOWED > 0: ACB_SMARTCARD_REQUIRED > 0: ACB_TRUSTED_FOR_DELEGATION > 0: ACB_NOT_DELEGATED > 0: ACB_USE_DES_KEY_ONLY > 0: ACB_DONT_REQUIRE_PREAUTH > 0: ACB_PW_EXPIRED > 0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION > 0: ACB_NO_AUTH_DATA_REQD > 0: ACB_PARTIAL_SECRETS_ACCOUNT > 0: ACB_USE_AES_KEYS > unknown: ARRAY(7) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > sidcount : 0x00000001 (1) > sids : * > sids: ARRAY(1) > sids: struct netr_SidAttr > sid : * > sid : S-1-18-1 > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > res_group_dom_sid : * > res_group_dom_sid : S-1-5-21-2138249453-1736393925-328618392 > res_groups: struct samr_RidWithAttributeArray > count : 0x00000013 (19) > rids : * > rids: ARRAY(19) > rids: struct samr_RidWithAttribute > rid : 0x00003978 (14712) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a9b (15003) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000053c9 (21449) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a1d (14877) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000051b3 (20915) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a47 (23111) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a32 (23090) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a28 (23080) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a32 (14898) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00004b9c (19356) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000522d (21037) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a27 (23079) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003979 (14713) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000051b2 (20914) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000029fb (10747) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a29 (23081) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003977 (14711) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000407f (16511) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000522e (21038) > attributes : 0x20000007 (536870919) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 1: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > _pad : 0x00000000 (0) > buffers: struct PAC_BUFFER > type : PAC_TYPE_LOGON_NAME (10) > _ndr_size : 0x0000001c (28) > info : * > info : union PAC_INFO(case 10) > logon_name: struct PAC_LOGON_NAME > logon_time : Thu Feb 25 01:25:30 PM 2016 CET > size : 0x0012 (18) > account_name : 'infomaker' > _pad : 0x00000000 (0) > buffers: struct PAC_BUFFER > type : PAC_TYPE_UNKNOWN_12 (12) > _ndr_size : 0x00000040 (64) > info : * > info : union PAC_INFO(case 12) > unknown: struct DATA_BLOB_REM > remaining : DATA_BLOB length=64 > [0000] 1E 00 10 00 0A 00 30 00 00 00 00 00 00 00 00 00 ......0. ........ > [0010] 69 00 6E 00 66 00 6F 00 6D 00 61 00 6B 00 65 00 i.n.f.o. m.a.k.e. > [0020] 72 00 40 00 66 00 64 00 2E 00 6E 00 6C 00 00 00 r.@.f.d. ..n.l... > [0030] 46 00 44 00 2E 00 4E 00 4C 00 00 00 00 00 00 00 F.D...N. L....... > _pad : 0x00000000 (0) > buffers: struct PAC_BUFFER > type : PAC_TYPE_SRV_CHECKSUM (6) > _ndr_size : 0x00000014 (20) > info : * > info : union PAC_INFO(case 6) > srv_cksum: struct PAC_SIGNATURE_DATA > type : 0xffffff76 (4294967158) > signature : DATA_BLOB length=16 > [0000] 13 97 3F 9D 56 ED AC B5 60 41 8D 1A 4C D6 EB 3A ..?.V... `A..L..: > _pad : 0x00000000 (0) > buffers: struct PAC_BUFFER > type : PAC_TYPE_KDC_CHECKSUM (7) > _ndr_size : 0x00000014 (20) > info : * > info : union PAC_INFO(case 7) > kdc_cksum: struct PAC_SIGNATURE_DATA > type : 0xffffff76 (4294967158) > signature : DATA_BLOB length=16 > [0000] 4F 00 E7 C2 C3 76 7A 6C 57 E0 A7 E2 20 85 66 76 O....vzl W... .fv > _pad : 0x00000000 (0) > >[2016/02/25 13:25:31.730015, 3] auth/user_krb5.c:50(get_user_from_kerberos_info) > Kerberos ticket principal name is [infomaker@FD.NL] >[2016/02/25 13:25:31.730093, 10] auth/user_krb5.c:82(get_user_from_kerberos_info) > Domain is [WNTHFD] (using PAC) >[2016/02/25 13:25:31.730162, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user WNTHFD+infomaker >[2016/02/25 13:25:31.730211, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is wnthfd+infomaker >[2016/02/25 13:25:31.769656, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [WNTHFD+infomaker]! >[2016/02/25 13:25:31.770032, 10] libsmb/samlogon_cache.c:155(netsamlogon_cache_store) > netsamlogon_cache_store: SID [S-1-5-21-2138249453-1736393925-328618392-16582] >[2016/02/25 13:25:31.770104, 1] ../librpc/ndr/ndr.c:247(ndr_print_debug) > &r: struct netsamlogoncache_entry > timestamp : Thu Feb 25 01:25:31 PM 2016 CET > info3: struct netr_SamInfo3 > base: struct netr_SamBaseInfo > last_logon : Thu Feb 25 11:59:35 AM 2016 CET > last_logoff : Thu Sep 14 03:48:05 AM 30828 CET > acct_expiry : Thu Sep 14 03:48:05 AM 30828 CET > last_password_change : Wed Nov 6 03:01:35 PM 2013 CET > allow_password_change : Thu Nov 7 03:01:35 PM 2013 CET > force_password_change : Thu Sep 14 03:48:05 AM 30828 CET > account_name: struct lsa_String > length : 0x0012 (18) > size : 0x0012 (18) > string : * > string : 'infomaker' > full_name: struct lsa_String > length : 0x0012 (18) > size : 0x0012 (18) > string : * > string : 'infomaker' > logon_script: struct lsa_String > length : 0x0012 (18) > size : 0x0012 (18) > string : * > string : 'logon.bat' > profile_path: struct lsa_String > length : 0x0000 (0) > size : 0x0000 (0) > string : * > string : '' > home_directory: struct lsa_String > length : 0x0000 (0) > size : 0x0000 (0) > string : * > string : '' > home_drive: struct lsa_String > length : 0x0000 (0) > size : 0x0000 (0) > string : * > string : '' > logon_count : 0x005f (95) > bad_password_count : 0x0000 (0) > rid : 0x000040c6 (16582) > primary_gid : 0x00000201 (513) > groups: struct samr_RidWithAttributeArray > count : 0x0000000b (11) > rids : * > rids: ARRAY(11) > rids: struct samr_RidWithAttribute > rid : 0x000029fa (10746) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a1c (14876) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000536d (21357) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a46 (23110) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x0000522f (21039) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000051b6 (20918) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00003a9e (15006) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00000201 (513) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005a2a (23082) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x000019a2 (6562) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > rids: struct samr_RidWithAttribute > rid : 0x00005230 (21040) > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) > user_flags : 0x00000220 (544) > 0: NETLOGON_GUEST > 0: NETLOGON_NOENCRYPTION > 0: NETLOGON_CACHED_ACCOUNT > 0: NETLOGON_USED_LM_PASSWORD > 1: NETLOGON_EXTRA_SIDS > 0: NETLOGON_SUBAUTH_SESSION_KEY > 0: NETLOGON_SERVER_TRUST_ACCOUNT > 0: NETLOGON_NTLMV2_ENABLED > 1: NETLOGON_RESOURCE_GROUPS > 0: NETLOGON_PROFILE_PATH_RETURNED > 0: NETLOGON_GRACE_LOGON > key: struct netr_UserSessionKey > key : 00000000000000000000000000000000 > logon_server: struct lsa_StringLarge > length : 0x000c (12) > size : 0x000e (14) > string : * > string : 'SWDC05' > domain: struct lsa_StringLarge > length : 0x000c (12) > size : 0x000e (14) > string : * > string : 'WNTHFD' > domain_sid : * > domain_sid : S-1-5-21-2138249453-1736393925-328618392 > LMSessKey: struct netr_LMSessionKey > key : 0000000000000000 > acct_flags : 0x00000210 (528) > 0: ACB_DISABLED > 0: ACB_HOMDIRREQ > 0: ACB_PWNOTREQ > 0: ACB_TEMPDUP > 1: ACB_NORMAL > 0: ACB_MNS > 0: ACB_DOMTRUST > 0: ACB_WSTRUST > 0: ACB_SVRTRUST > 1: ACB_PWNOEXP > 0: ACB_AUTOLOCK > 0: ACB_ENC_TXT_PWD_ALLOWED > 0: ACB_SMARTCARD_REQUIRED > 0: ACB_TRUSTED_FOR_DELEGATION > 0: ACB_NOT_DELEGATED > 0: ACB_USE_DES_KEY_ONLY > 0: ACB_DONT_REQUIRE_PREAUTH > 0: ACB_PW_EXPIRED > 0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION > 0: ACB_NO_AUTH_DATA_REQD > 0: ACB_PARTIAL_SECRETS_ACCOUNT > 0: ACB_USE_AES_KEYS > unknown: ARRAY(7) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > unknown : 0x00000000 (0) > sidcount : 0x00000001 (1) > sids : * > sids: ARRAY(1) > sids: struct netr_SidAttr > sid : * > sid : S-1-18-1 > attributes : 0x00000007 (7) > 1: SE_GROUP_MANDATORY > 1: SE_GROUP_ENABLED_BY_DEFAULT > 1: SE_GROUP_ENABLED > 0: SE_GROUP_OWNER > 0: SE_GROUP_USE_FOR_DENY_ONLY > 0: SE_GROUP_RESOURCE > 0x00: SE_GROUP_LOGON_ID (0) >[2016/02/25 13:25:31.776004, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Thu Feb 25 12:41:16 2016 > >[2016/02/25 13:25:31.776143, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user WNTHFD+infomaker >[2016/02/25 13:25:31.776198, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is wnthfd+infomaker >[2016/02/25 13:25:31.776252, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [WNTHFD+infomaker]! >[2016/02/25 13:25:31.776937, 10] auth/token_util.c:223(create_local_nt_token_from_info3) > Create local NT token for infomaker >[2016/02/25 13:25:31.777053, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.777117, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.777171, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.777218, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.777265, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.777609, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.777689, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-16582] >[2016/02/25 13:25:31.777754, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-513] >[2016/02/25 13:25:31.777816, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-10746] >[2016/02/25 13:25:31.777922, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-14876] >[2016/02/25 13:25:31.777984, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-21357] >[2016/02/25 13:25:31.778046, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-23110] >[2016/02/25 13:25:31.778105, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-21039] >[2016/02/25 13:25:31.778163, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-20918] >[2016/02/25 13:25:31.778222, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-15006] >[2016/02/25 13:25:31.778281, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-23082] >[2016/02/25 13:25:31.778340, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-6562] >[2016/02/25 13:25:31.778423, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-2138249453-1736393925-328618392-21040] >[2016/02/25 13:25:31.778485, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-18-1] >[2016/02/25 13:25:31.778547, 5] lib/privileges.c:175(get_privileges_for_sids) > get_privileges_for_sids: sid = S-1-1-0 > Privilege set: 0x0 >[2016/02/25 13:25:31.778623, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-2] >[2016/02/25 13:25:31.778682, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-11] >[2016/02/25 13:25:31.778755, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-32-545] >[2016/02/25 13:25:31.781716, 10] passdb/lookup_sid.c:1280(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-18-1 >[2016/02/25 13:25:31.781796, 10] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-18-1 >[2016/02/25 13:25:31.781856, 10] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-18-1 to gid, ignoring it >[2016/02/25 13:25:31.781971, 10] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (33): > SID[ 0]: S-1-5-21-2138249453-1736393925-328618392-16582 > SID[ 1]: S-1-5-21-2138249453-1736393925-328618392-513 > SID[ 2]: S-1-5-21-2138249453-1736393925-328618392-10746 > SID[ 3]: S-1-5-21-2138249453-1736393925-328618392-14876 > SID[ 4]: S-1-5-21-2138249453-1736393925-328618392-21357 > SID[ 5]: S-1-5-21-2138249453-1736393925-328618392-23110 > SID[ 6]: S-1-5-21-2138249453-1736393925-328618392-21039 > SID[ 7]: S-1-5-21-2138249453-1736393925-328618392-20918 > SID[ 8]: S-1-5-21-2138249453-1736393925-328618392-15006 > SID[ 9]: S-1-5-21-2138249453-1736393925-328618392-23082 > SID[ 10]: S-1-5-21-2138249453-1736393925-328618392-6562 > SID[ 11]: S-1-5-21-2138249453-1736393925-328618392-21040 > SID[ 12]: S-1-18-1 > SID[ 13]: S-1-1-0 > SID[ 14]: S-1-5-2 > SID[ 15]: S-1-5-11 > SID[ 16]: S-1-5-32-545 > SID[ 17]: S-1-22-1-62213 > SID[ 18]: S-1-22-2-61000 > SID[ 19]: S-1-22-2-61017 > SID[ 20]: S-1-22-2-61024 > SID[ 21]: S-1-22-2-61107 > SID[ 22]: S-1-22-2-61108 > SID[ 23]: S-1-22-2-61109 > SID[ 24]: S-1-22-2-61030 > SID[ 25]: S-1-22-2-61034 > SID[ 26]: S-1-22-2-61110 > SID[ 27]: S-1-22-2-61037 > SID[ 28]: S-1-22-2-61111 > SID[ 29]: S-1-22-2-61104 > SID[ 30]: S-1-22-2-61105 > SID[ 31]: S-1-22-2-61106 > SID[ 32]: S-1-22-2-61016 > Privileges (0x 0): > Rights (0x 0): >[2016/02/25 13:25:31.782819, 10] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 62213 > Primary group is 61000 and contains 15 supplementary groups > Group[ 0]: 61000 > Group[ 1]: 61017 > Group[ 2]: 61024 > Group[ 3]: 61107 > Group[ 4]: 61108 > Group[ 5]: 61109 > Group[ 6]: 61030 > Group[ 7]: 61034 > Group[ 8]: 61110 > Group[ 9]: 61037 > Group[ 10]: 61111 > Group[ 11]: 61104 > Group[ 12]: 61105 > Group[ 13]: 61106 > Group[ 14]: 61016 >[2016/02/25 13:25:31.783218, 10] smbd/password.c:199(register_initial_vuid) > register_initial_vuid: allocated vuid = 101 >[2016/02/25 13:25:31.783276, 10] smbd/password.c:293(register_existing_vuid) > register_existing_vuid: (62213,61000) WNTHFD+infomaker infomaker WNTHFD guest=0 >[2016/02/25 13:25:31.783327, 3] smbd/password.c:298(register_existing_vuid) > register_existing_vuid: User name: WNTHFD+infomaker Real name: infomaker >[2016/02/25 13:25:31.783395, 3] smbd/password.c:308(register_existing_vuid) > register_existing_vuid: UNIX uid 62213 is UNIX user WNTHFD+infomaker, and will be vuid 101 >[2016/02/25 13:25:31.783467, 10] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 49442F343838312F3130 >[2016/02/25 13:25:31.783533, 10] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b14c6106830 >[2016/02/25 13:25:31.783631, 10] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 49442F343838312F3130 >[2016/02/25 13:25:31.783714, 7] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find WNTHFD+infomaker >[2016/02/25 13:25:31.783763, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user WNTHFD+infomaker >[2016/02/25 13:25:31.783808, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is wnthfd+infomaker >[2016/02/25 13:25:31.783858, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [WNTHFD+infomaker]! >[2016/02/25 13:25:31.783942, 3] smbd/password.c:238(register_homes_share) > Adding homes service for user 'WNTHFD+infomaker' using home directory: '/home/WNTHFD/infomaker' >[2016/02/25 13:25:31.784079, 8] param/loadparm.c:6480(add_a_service) > add_a_service: Creating snum = 6 for infomaker >[2016/02/25 13:25:31.784134, 10] param/loadparm.c:6527(hash_a_service) > hash_a_service: hashing index 6 for service name infomaker >[2016/02/25 13:25:31.784192, 3] param/loadparm.c:6582(lp_add_home) > adding home's share [infomaker] for user 'WNTHFD+infomaker' at '/home/WNTHFD/infomaker' >[2016/02/25 13:25:31.784271, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Thu Feb 25 12:41:16 2016 > >[2016/02/25 13:25:31.784445, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.784481, 5] lib/util.c:342(show_msg) > size=246 > smb_com=0x73 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=65535 > smb_pid=65279 > smb_uid=101 > smb_mid=64 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 153 (0x99) > smb_bcc=203 >[2016/02/25 13:25:31.784794, 10] ../lib/util/util.c:415(dump_data) > [0000] A1 81 96 30 81 93 A0 03 0A 01 00 A1 0B 06 09 2A ...0.... .......* > [0010] 86 48 82 F7 12 01 02 02 A2 7F 04 7D 60 7B 06 09 .H...... ...}`{.. > [0020] 2A 86 48 86 F7 12 01 02 02 02 00 6F 6C 30 6A A0 *.H..... ...ol0j. > [0030] 03 02 01 05 A1 03 02 01 0F A2 5E 30 5C A0 03 02 ........ ..^0\... > [0040] 01 17 A2 55 04 53 36 54 2F B8 D8 70 62 0D 5C 76 ...U.S6T /..pb.\v > [0050] 91 06 F9 27 8F 4F 78 DB 37 24 91 D7 02 B2 1B 46 ...'.Ox. 7$.....F > [0060] D7 12 47 64 38 1C 45 FE 97 36 78 AB E9 E1 F2 72 ..Gd8.E. .6x....r > [0070] 40 1D FD EE E9 B0 2F 75 42 E7 8F BB 34 36 B1 ED @...../u B...46.. > [0080] 62 5C 37 ED 9F 3C 71 64 57 37 16 03 E1 E3 6C C7 b\7..<qd W7....l. > [0090] 52 1B B4 5F 10 F1 21 A0 7F 55 00 6E 00 69 00 78 R.._..!. .U.n.i.x > [00A0] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 ...S.a.m .b.a. .3 > [00B0] 00 2E 00 36 00 2E 00 31 00 32 00 00 00 57 00 4E ...6...1 .2...W.N > [00C0] 00 54 00 48 00 46 00 44 00 00 00 .T.H.F.D ... >[2016/02/25 13:25:31.786066, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 92 >[2016/02/25 13:25:31.786143, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x5c >[2016/02/25 13:25:31.786192, 3] smbd/process.c:1662(process_smb) > Transaction 2 of length 96 (0 toread) >[2016/02/25 13:25:31.786238, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.786267, 5] lib/util.c:342(show_msg) > size=92 > smb_com=0x75 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=128 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 92 (0x5C) > smb_vwv[ 2]= 8 (0x8) > smb_vwv[ 3]= 1 (0x1) > smb_bcc=49 >[2016/02/25 13:25:31.786604, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 5C 00 5C 00 53 00 55 00 4E 00 45 00 57 00 53 .\.\.S.U .N.E.W.S > [0010] 00 50 00 49 00 4C 00 4F 00 54 00 30 00 34 00 5C .P.I.L.O .T.0.4.\ > [0020] 00 49 00 50 00 43 00 24 00 00 00 3F 3F 3F 3F 3F .I.P.C.$ ...????? > [0030] 00 . >[2016/02/25 13:25:31.786782, 3] smbd/process.c:1467(switch_message) > switch message SMBtconX (pid 4881) conn 0x0 >[2016/02/25 13:25:31.786837, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.786886, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.786972, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.787049, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:31.787113, 4] smbd/reply.c:794(reply_tcon_and_X) > Client requested device type [?????] for share [IPC$] >[2016/02/25 13:25:31.787180, 5] smbd/service.c:1354(make_connection) > making a connection to 'normal' service ipc$ >[2016/02/25 13:25:31.787237, 3] lib/access.c:338(allow_access) > Allowed connection from 172.18.0.241 (172.18.0.241) >[2016/02/25 13:25:31.787311, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID root is not in a valid format >[2016/02/25 13:25:31.787391, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: SUNEWSPILOT04\root => domain=[SUNEWSPILOT04], name=[root] >[2016/02/25 13:25:31.787443, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:31.787497, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.787545, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.787592, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.787636, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.787680, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.787774, 5] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_root >[2016/02/25 13:25:31.787846, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.787894, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.787974, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.788024, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.788068, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.788111, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.788203, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:31.788274, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:31.788343, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.788424, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\root => domain=[Unix User], name=[root] >[2016/02/25 13:25:31.788473, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:31.789533, 10] smbd/share_access.c:241(user_ok_token) > user_ok_token: share IPC$ is ok for unix user WNTHFD+infomaker >[2016/02/25 13:25:31.789625, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user WNTHFD+infomaker >[2016/02/25 13:25:31.789676, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is wnthfd+infomaker >[2016/02/25 13:25:31.789726, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [WNTHFD+infomaker]! >[2016/02/25 13:25:31.789782, 10] smbd/service.c:162(set_conn_connectpath) > set_conn_connectpath: service IPC$, connectpath = /tmp >[2016/02/25 13:25:31.789832, 3] smbd/service.c:872(make_connection_snum) > Connect path is '/tmp' for service [IPC$] >[2016/02/25 13:25:31.789906, 10] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2016/02/25 13:25:31.790002, 10] ../libcli/security/access_check.c:178(se_access_check) > se_access_check: MAX desired = 0x2000000, granted = 0x101f01ff, remaining = 0x101f01ff >[2016/02/25 13:25:31.790061, 3] smbd/vfs.c:102(vfs_init_default) > Initialising default vfs hooks >[2016/02/25 13:25:31.790115, 10] smbd/vfs.c:53(vfs_find_backend_entry) > vfs_find_backend_entry called for /[Default VFS]/ >[2016/02/25 13:25:31.790165, 5] smbd/vfs.c:92(smb_register_vfs) > Successfully added vfs backend '/[Default VFS]/' >[2016/02/25 13:25:31.790216, 10] smbd/vfs.c:53(vfs_find_backend_entry) > vfs_find_backend_entry called for posixacl >[2016/02/25 13:25:31.790261, 5] smbd/vfs.c:92(smb_register_vfs) > Successfully added vfs backend 'posixacl' >[2016/02/25 13:25:31.790306, 3] smbd/vfs.c:128(vfs_init_custom) > Initialising custom vfs hooks from [/[Default VFS]/] >[2016/02/25 13:25:31.790397, 10] smbd/vfs.c:53(vfs_find_backend_entry) > vfs_find_backend_entry called for /[Default VFS]/ > Successfully loaded vfs module [/[Default VFS]/] with the new modules system >[2016/02/25 13:25:31.790473, 5] smbd/connection.c:134(claim_connection) > claiming [IPC$] >[2016/02/25 13:25:31.790599, 10] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 11130000FFFFFFFFA322 >[2016/02/25 13:25:31.790659, 10] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b14c6127200 >[2016/02/25 13:25:31.790748, 10] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 11130000FFFFFFFFA322 >[2016/02/25 13:25:31.790903, 10] smbd/service.c:162(set_conn_connectpath) > set_conn_connectpath: service IPC$, connectpath = /tmp >[2016/02/25 13:25:31.791000, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID root is not in a valid format >[2016/02/25 13:25:31.791062, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: SUNEWSPILOT04\root => domain=[SUNEWSPILOT04], name=[root] >[2016/02/25 13:25:31.791107, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:31.791155, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.791201, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.791245, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.791290, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.791334, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.791441, 5] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_root >[2016/02/25 13:25:31.791517, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.791569, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.791618, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.791678, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.791726, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.791770, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.791853, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:31.791922, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:31.792029, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.792095, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\root => domain=[Unix User], name=[root] >[2016/02/25 13:25:31.792141, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:31.792884, 10] smbd/share_access.c:241(user_ok_token) > user_ok_token: share IPC$ is ok for unix user WNTHFD+infomaker >[2016/02/25 13:25:31.792961, 10] smbd/share_access.c:286(is_share_read_only_for_token) > is_share_read_only_for_user: share IPC$ is read-only for unix user WNTHFD+infomaker >[2016/02/25 13:25:31.793077, 10] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2016/02/25 13:25:31.793151, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (62213, 61000) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.793202, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (33): > SID[ 0]: S-1-5-21-2138249453-1736393925-328618392-16582 > SID[ 1]: S-1-5-21-2138249453-1736393925-328618392-513 > SID[ 2]: S-1-5-21-2138249453-1736393925-328618392-10746 > SID[ 3]: S-1-5-21-2138249453-1736393925-328618392-14876 > SID[ 4]: S-1-5-21-2138249453-1736393925-328618392-21357 > SID[ 5]: S-1-5-21-2138249453-1736393925-328618392-23110 > SID[ 6]: S-1-5-21-2138249453-1736393925-328618392-21039 > SID[ 7]: S-1-5-21-2138249453-1736393925-328618392-20918 > SID[ 8]: S-1-5-21-2138249453-1736393925-328618392-15006 > SID[ 9]: S-1-5-21-2138249453-1736393925-328618392-23082 > SID[ 10]: S-1-5-21-2138249453-1736393925-328618392-6562 > SID[ 11]: S-1-5-21-2138249453-1736393925-328618392-21040 > SID[ 12]: S-1-18-1 > SID[ 13]: S-1-1-0 > SID[ 14]: S-1-5-2 > SID[ 15]: S-1-5-11 > SID[ 16]: S-1-5-32-545 > SID[ 17]: S-1-22-1-62213 > SID[ 18]: S-1-22-2-61000 > SID[ 19]: S-1-22-2-61017 > SID[ 20]: S-1-22-2-61024 > SID[ 21]: S-1-22-2-61107 > SID[ 22]: S-1-22-2-61108 > SID[ 23]: S-1-22-2-61109 > SID[ 24]: S-1-22-2-61030 > SID[ 25]: S-1-22-2-61034 > SID[ 26]: S-1-22-2-61110 > SID[ 27]: S-1-22-2-61037 > SID[ 28]: S-1-22-2-61111 > SID[ 29]: S-1-22-2-61104 > SID[ 30]: S-1-22-2-61105 > SID[ 31]: S-1-22-2-61106 > SID[ 32]: S-1-22-2-61016 > Privileges (0x 0): > Rights (0x 0): >[2016/02/25 13:25:31.794039, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 62213 > Primary group is 61000 and contains 15 supplementary groups > Group[ 0]: 61000 > Group[ 1]: 61017 > Group[ 2]: 61024 > Group[ 3]: 61107 > Group[ 4]: 61108 > Group[ 5]: 61109 > Group[ 6]: 61030 > Group[ 7]: 61034 > Group[ 8]: 61110 > Group[ 9]: 61037 > Group[ 10]: 61111 > Group[ 11]: 61104 > Group[ 12]: 61105 > Group[ 13]: 61106 > Group[ 14]: 61016 >[2016/02/25 13:25:31.794417, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,62213), gid=(0,61000) >[2016/02/25 13:25:31.794480, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.794528, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.794575, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.794651, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:31.794705, 10] smbd/service.c:162(set_conn_connectpath) > set_conn_connectpath: service IPC$, connectpath = /tmp >[2016/02/25 13:25:31.794768, 3] smbd/service.c:1114(make_connection_snum) > 172.18.0.241 (172.18.0.241) connect to service IPC$ initially as user WNTHFD+infomaker (uid=62213, gid=61000) (pid 4881) >[2016/02/25 13:25:31.794827, 3] smbd/reply.c:871(reply_tcon_and_X) > tconX service=IPC$ >[2016/02/25 13:25:31.795554, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 100 >[2016/02/25 13:25:31.795631, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x64 >[2016/02/25 13:25:31.795680, 3] smbd/process.c:1662(process_smb) > Transaction 3 of length 104 (0 toread) >[2016/02/25 13:25:31.795726, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.795753, 5] lib/util.c:342(show_msg) > size=100 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=4948 > smb_uid=101 > smb_mid=192 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 3584 (0xE00) > smb_vwv[ 3]= 4096 (0x1000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=40704 (0x9F00) > smb_vwv[ 8]= 4609 (0x1201) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1792 (0x700) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]=16384 (0x4000) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 256 (0x100) > smb_bcc=17 >[2016/02/25 13:25:31.796506, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 5C 00 73 00 72 00 76 00 73 00 76 00 63 00 00 .\.s.r.v .s.v.c.. > [0010] 00 . >[2016/02/25 13:25:31.796630, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.796686, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (62213, 61000) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.796737, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (33): > SID[ 0]: S-1-5-21-2138249453-1736393925-328618392-16582 > SID[ 1]: S-1-5-21-2138249453-1736393925-328618392-513 > SID[ 2]: S-1-5-21-2138249453-1736393925-328618392-10746 > SID[ 3]: S-1-5-21-2138249453-1736393925-328618392-14876 > SID[ 4]: S-1-5-21-2138249453-1736393925-328618392-21357 > SID[ 5]: S-1-5-21-2138249453-1736393925-328618392-23110 > SID[ 6]: S-1-5-21-2138249453-1736393925-328618392-21039 > SID[ 7]: S-1-5-21-2138249453-1736393925-328618392-20918 > SID[ 8]: S-1-5-21-2138249453-1736393925-328618392-15006 > SID[ 9]: S-1-5-21-2138249453-1736393925-328618392-23082 > SID[ 10]: S-1-5-21-2138249453-1736393925-328618392-6562 > SID[ 11]: S-1-5-21-2138249453-1736393925-328618392-21040 > SID[ 12]: S-1-18-1 > SID[ 13]: S-1-1-0 > SID[ 14]: S-1-5-2 > SID[ 15]: S-1-5-11 > SID[ 16]: S-1-5-32-545 > SID[ 17]: S-1-22-1-62213 > SID[ 18]: S-1-22-2-61000 > SID[ 19]: S-1-22-2-61017 > SID[ 20]: S-1-22-2-61024 > SID[ 21]: S-1-22-2-61107 > SID[ 22]: S-1-22-2-61108 > SID[ 23]: S-1-22-2-61109 > SID[ 24]: S-1-22-2-61030 > SID[ 25]: S-1-22-2-61034 > SID[ 26]: S-1-22-2-61110 > SID[ 27]: S-1-22-2-61037 > SID[ 28]: S-1-22-2-61111 > SID[ 29]: S-1-22-2-61104 > SID[ 30]: S-1-22-2-61105 > SID[ 31]: S-1-22-2-61106 > SID[ 32]: S-1-22-2-61016 > Privileges (0x 0): > Rights (0x 0): >[2016/02/25 13:25:31.797557, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 62213 > Primary group is 61000 and contains 15 supplementary groups > Group[ 0]: 61000 > Group[ 1]: 61017 > Group[ 2]: 61024 > Group[ 3]: 61107 > Group[ 4]: 61108 > Group[ 5]: 61109 > Group[ 6]: 61030 > Group[ 7]: 61034 > Group[ 8]: 61110 > Group[ 9]: 61037 > Group[ 10]: 61111 > Group[ 11]: 61104 > Group[ 12]: 61105 > Group[ 13]: 61106 > Group[ 14]: 61016 >[2016/02/25 13:25:31.797934, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,62213), gid=(0,61000) >[2016/02/25 13:25:31.797995, 4] smbd/vfs.c:780(vfs_ChDir) > vfs_ChDir to /tmp >[2016/02/25 13:25:31.798125, 10] smbd/nttrans.c:500(reply_ntcreate_and_X) > reply_ntcreate_and_X: flags = 0x10, access_mask = 0x12019f file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x400040 root_dir_fid = 0x0, fname = srvsvc >[2016/02/25 13:25:31.798191, 4] smbd/nttrans.c:288(nt_open_pipe) > nt_open_pipe: Opening pipe \srvsvc. >[2016/02/25 13:25:31.798267, 5] smbd/files.c:140(file_new) > allocated file structure 8618, fnum = 12714 (1 used) >[2016/02/25 13:25:31.798323, 10] smbd/files.c:705(file_name_hash) > file_name_hash: /tmp/srvsvc hash 0x8e98a76a >[2016/02/25 13:25:31.798426, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \srvsvc >[2016/02/25 13:25:31.798517, 10] rpc_server/rpc_handles.c:116(init_pipe_handles) > init_pipe_handle_list: created handle list for pipe \srvsvc >[2016/02/25 13:25:31.798570, 10] rpc_server/rpc_handles.c:133(init_pipe_handles) > init_pipe_handle_list: pipe_handles ref count = 1 for pipe \srvsvc >[2016/02/25 13:25:31.798635, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \srvsvc (pipes_open=0) >[2016/02/25 13:25:31.798690, 5] smbd/nttrans.c:377(do_ntcreate_pipe_open) > do_ntcreate_pipe_open: open pipe = \srvsvc >[2016/02/25 13:25:31.799137, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 72 >[2016/02/25 13:25:31.799213, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2016/02/25 13:25:31.799262, 3] smbd/process.c:1662(process_smb) > Transaction 4 of length 76 (0 toread) >[2016/02/25 13:25:31.799324, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.799354, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=4948 > smb_uid=101 > smb_mid=256 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2016/02/25 13:25:31.799897, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 00 00 AA 31 ED 03 ....1.. >[2016/02/25 13:25:31.799969, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.800021, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:31.800126, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2016/02/25 13:25:31.800183, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2016/02/25 13:25:31.800229, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.800256, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=4948 > smb_uid=101 > smb_mid=256 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2016/02/25 13:25:31.800693, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 ........ ........ > [0010] 00 00 00 00 00 01 00 00 00 01 00 00 00 ........ ..... >[2016/02/25 13:25:31.801722, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 224 >[2016/02/25 13:25:31.801801, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xe0 >[2016/02/25 13:25:31.801850, 3] smbd/process.c:1662(process_smb) > Transaction 5 of length 228 (0 toread) >[2016/02/25 13:25:31.801897, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.801925, 5] lib/util.c:342(show_msg) > size=224 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=320 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=12714 (0x31AA) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 160 (0xA0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 160 (0xA0) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=161 >[2016/02/25 13:25:31.802482, 10] ../lib/util/util.c:415(dump_data) > [0000] EE 05 00 0B 03 10 00 00 00 A0 00 00 00 02 00 00 ........ ........ > [0010] 00 B8 10 B8 10 00 00 00 00 03 00 00 00 00 00 01 ........ ........ > [0020] 00 C8 4F 32 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 ..O2Kp.. ..xZG.n. > [0030] 88 03 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ > [0040] 00 2B 10 48 60 02 00 00 00 01 00 01 00 C8 4F 32 .+.H`... ......O2 > [0050] 4B 70 16 D3 01 12 78 5A 47 BF 6E E1 88 03 00 00 Kp....xZ G.n..... > [0060] 00 33 05 71 71 BA BE 37 49 83 19 B5 DB EF 9C CC .3.qq..7 I....... > [0070] 36 01 00 00 00 02 00 01 00 C8 4F 32 4B 70 16 D3 6....... ..O2Kp.. > [0080] 01 12 78 5A 47 BF 6E E1 88 03 00 00 00 2C 1C B7 ..xZG.n. .....,.. > [0090] 6C 12 98 40 45 03 00 00 00 00 00 00 00 01 00 00 l..@E... ........ > [00A0] 00 . >[2016/02/25 13:25:31.802990, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.803081, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:31.803162, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 31aa name: srvsvc len: 160 >[2016/02/25 13:25:31.803214, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 160 >[2016/02/25 13:25:31.803261, 10] rpc_server/srv_pipe_hnd.c:242(write_to_internal_pipe) > write_to_pipe: data_left = 160 >[2016/02/25 13:25:31.803309, 10] rpc_server/srv_pipe_hnd.c:138(process_incoming_data) > process_incoming_data: Start: pdu.length = 0, pdu_needed_len = 0, incoming data = 160 >[2016/02/25 13:25:31.803373, 10] rpc_server/srv_pipe_hnd.c:50(fill_rpc_header) > fill_rpc_header: data_to_copy = 160, len_needed_to_complete_hdr = 16, receive_len = 0 >[2016/02/25 13:25:31.803435, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe) > write_to_pipe: data_used = 16 >[2016/02/25 13:25:31.803484, 10] rpc_server/srv_pipe_hnd.c:242(write_to_internal_pipe) > write_to_pipe: data_left = 144 >[2016/02/25 13:25:31.803532, 10] rpc_server/srv_pipe_hnd.c:138(process_incoming_data) > process_incoming_data: Start: pdu.length = 16, pdu_needed_len = 0, incoming data = 144 >[2016/02/25 13:25:31.803598, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe) > write_to_pipe: data_used = 0 >[2016/02/25 13:25:31.803650, 10] rpc_server/srv_pipe_hnd.c:242(write_to_internal_pipe) > write_to_pipe: data_left = 144 >[2016/02/25 13:25:31.803695, 10] rpc_server/srv_pipe_hnd.c:138(process_incoming_data) > process_incoming_data: Start: pdu.length = 16, pdu_needed_len = 144, incoming data = 144 >[2016/02/25 13:25:31.803745, 10] rpc_server/srv_pipe.c:1877(process_complete_pdu) > PDU is in Little Endian format! >[2016/02/25 13:25:31.803816, 1] ../librpc/ndr/ndr.c:247(ndr_print_debug) > r: struct ncacn_packet > rpc_vers : 0x05 (5) > rpc_vers_minor : 0x00 (0) > ptype : DCERPC_PKT_BIND (11) > pfc_flags : 0x03 (3) > drep: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > frag_length : 0x00a0 (160) > auth_length : 0x0000 (0) > call_id : 0x00000002 (2) > u : union dcerpc_payload(case 11) > bind: struct dcerpc_bind > max_xmit_frag : 0x10b8 (4280) > max_recv_frag : 0x10b8 (4280) > assoc_group_id : 0x00000000 (0) > num_contexts : 0x03 (3) > ctx_list: ARRAY(3) > ctx_list: struct dcerpc_ctx_list > context_id : 0x0000 (0) > num_transfer_syntaxes : 0x01 (1) > abstract_syntax: struct ndr_syntax_id > uuid : 4b324fc8-1670-01d3-1278-5a47bf6ee188 > if_version : 0x00000003 (3) > transfer_syntaxes: ARRAY(1) > transfer_syntaxes: struct ndr_syntax_id > uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860 > if_version : 0x00000002 (2) > ctx_list: struct dcerpc_ctx_list > context_id : 0x0001 (1) > num_transfer_syntaxes : 0x01 (1) > abstract_syntax: struct ndr_syntax_id > uuid : 4b324fc8-1670-01d3-1278-5a47bf6ee188 > if_version : 0x00000003 (3) > transfer_syntaxes: ARRAY(1) > transfer_syntaxes: struct ndr_syntax_id > uuid : 71710533-beba-4937-8319-b5dbef9ccc36 > if_version : 0x00000001 (1) > ctx_list: struct dcerpc_ctx_list > context_id : 0x0002 (2) > num_transfer_syntaxes : 0x01 (1) > abstract_syntax: struct ndr_syntax_id > uuid : 4b324fc8-1670-01d3-1278-5a47bf6ee188 > if_version : 0x00000003 (3) > transfer_syntaxes: ARRAY(1) > transfer_syntaxes: struct ndr_syntax_id > uuid : 6cb71c2c-9812-4540-0300-000000000000 > if_version : 0x00000001 (1) > auth_info : DATA_BLOB length=0 >[2016/02/25 13:25:31.805101, 10] rpc_server/srv_pipe.c:1890(process_complete_pdu) > Processing packet type 11 >[2016/02/25 13:25:31.805183, 3] rpc_server/srv_pipe.c:889(api_pipe_bind_req) > api_pipe_bind_req: \PIPE\srvsvc -> \PIPE\srvsvc >[2016/02/25 13:25:31.805240, 5] rpc_server/srv_pipe.c:923(api_pipe_bind_req) > api_pipe_bind_req: make response. 923 >[2016/02/25 13:25:31.805288, 3] rpc_server/srv_pipe.c:339(check_bind_req) > check_bind_req for \srvsvc >[2016/02/25 13:25:31.805336, 3] rpc_server/srv_pipe.c:346(check_bind_req) > check_bind_req: \PIPE\srvsvc -> \PIPE\srvsvc >[2016/02/25 13:25:31.805427, 1] ../librpc/ndr/ndr.c:247(ndr_print_debug) > &r: struct ncacn_packet > rpc_vers : 0x05 (5) > rpc_vers_minor : 0x00 (0) > ptype : DCERPC_PKT_BIND_ACK (12) > pfc_flags : 0x03 (3) > drep: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > frag_length : 0x0044 (68) > auth_length : 0x0000 (0) > call_id : 0x00000002 (2) > u : union dcerpc_payload(case 12) > bind_ack: struct dcerpc_bind_ack > max_xmit_frag : 0x10b8 (4280) > max_recv_frag : 0x10b8 (4280) > assoc_group_id : 0x000053f0 (21488) > secondary_address_size : 0x000d (13) > secondary_address : '\PIPE\srvsvc' > _pad1 : DATA_BLOB length=0 > num_results : 0x01 (1) > ctx_list: ARRAY(1) > ctx_list: struct dcerpc_ack_ctx > result : 0x0000 (0) > reason : 0x0000 (0) > syntax: struct ndr_syntax_id > uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860 > if_version : 0x00000002 (2) > auth_info : DATA_BLOB length=0 >[2016/02/25 13:25:31.806175, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe) > write_to_pipe: data_used = 144 >[2016/02/25 13:25:31.806247, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=160 >[2016/02/25 13:25:31.806829, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 59 >[2016/02/25 13:25:31.806913, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2016/02/25 13:25:31.806962, 3] smbd/process.c:1662(process_smb) > Transaction 6 of length 63 (0 toread) >[2016/02/25 13:25:31.807009, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.807037, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=384 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=12714 (0x31AA) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 1024 (0x400) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 1024 (0x400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2016/02/25 13:25:31.807620, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:31.807658, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.807709, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:31.807765, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \srvsvc len: 1024 >[2016/02/25 13:25:31.807818, 10] rpc_server/srv_pipe_hnd.c:325(read_from_internal_pipe) > read_from_pipe: \srvsvc: current_pdu_len = 68, current_pdu_sent = 0 returning 68 bytes. >[2016/02/25 13:25:31.807868, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 28 >[2016/02/25 13:25:31.807928, 10] rpc_server/srv_pipe_hnd.c:788(np_read_recv) > Received 68 bytes. There is no more data outstanding >[2016/02/25 13:25:31.807978, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=1024 max=1024 nread=68 >[2016/02/25 13:25:31.808574, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 164 >[2016/02/25 13:25:31.808656, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xa4 >[2016/02/25 13:25:31.808706, 3] smbd/process.c:1662(process_smb) > Transaction 7 of length 168 (0 toread) >[2016/02/25 13:25:31.808753, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.808781, 5] lib/util.c:342(show_msg) > size=164 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=448 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=12714 (0x31AA) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 100 (0x64) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 100 (0x64) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=101 >[2016/02/25 13:25:31.809324, 10] ../lib/util/util.c:415(dump_data) > [0000] EE 05 00 00 03 10 00 00 00 64 00 00 00 02 00 00 ........ .d...... > [0010] 00 4C 00 00 00 00 00 0F 00 00 00 02 00 10 00 00 .L...... ........ > [0020] 00 00 00 00 00 10 00 00 00 5C 00 5C 00 53 00 55 ........ .\.\.S.U > [0030] 00 4E 00 45 00 57 00 53 00 50 00 49 00 4C 00 4F .N.E.W.S .P.I.L.O > [0040] 00 54 00 30 00 34 00 00 00 01 00 00 00 01 00 00 .T.0.4.. ........ > [0050] 00 04 00 02 00 00 00 00 00 00 00 00 00 FF FF FF ........ ........ > [0060] FF 00 00 00 00 ..... >[2016/02/25 13:25:31.809655, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.809709, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:31.809760, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 31aa name: srvsvc len: 100 >[2016/02/25 13:25:31.809811, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 100 >[2016/02/25 13:25:31.809860, 10] rpc_server/srv_pipe_hnd.c:242(write_to_internal_pipe) > write_to_pipe: data_left = 100 >[2016/02/25 13:25:31.809906, 10] rpc_server/srv_pipe_hnd.c:138(process_incoming_data) > process_incoming_data: Start: pdu.length = 0, pdu_needed_len = 0, incoming data = 100 >[2016/02/25 13:25:31.809952, 10] rpc_server/srv_pipe_hnd.c:50(fill_rpc_header) > fill_rpc_header: data_to_copy = 100, len_needed_to_complete_hdr = 16, receive_len = 0 >[2016/02/25 13:25:31.809999, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe) > write_to_pipe: data_used = 16 >[2016/02/25 13:25:31.810045, 10] rpc_server/srv_pipe_hnd.c:242(write_to_internal_pipe) > write_to_pipe: data_left = 84 >[2016/02/25 13:25:31.810089, 10] rpc_server/srv_pipe_hnd.c:138(process_incoming_data) > process_incoming_data: Start: pdu.length = 16, pdu_needed_len = 0, incoming data = 84 >[2016/02/25 13:25:31.810163, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe) > write_to_pipe: data_used = 0 >[2016/02/25 13:25:31.810242, 10] rpc_server/srv_pipe_hnd.c:242(write_to_internal_pipe) > write_to_pipe: data_left = 84 >[2016/02/25 13:25:31.810289, 10] rpc_server/srv_pipe_hnd.c:138(process_incoming_data) > process_incoming_data: Start: pdu.length = 16, pdu_needed_len = 84, incoming data = 84 >[2016/02/25 13:25:31.810336, 10] rpc_server/srv_pipe.c:1877(process_complete_pdu) > PDU is in Little Endian format! >[2016/02/25 13:25:31.810412, 1] ../librpc/ndr/ndr.c:247(ndr_print_debug) > r: struct ncacn_packet > rpc_vers : 0x05 (5) > rpc_vers_minor : 0x00 (0) > ptype : DCERPC_PKT_REQUEST (0) > pfc_flags : 0x03 (3) > drep: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > frag_length : 0x0064 (100) > auth_length : 0x0000 (0) > call_id : 0x00000002 (2) > u : union dcerpc_payload(case 0) > request: struct dcerpc_request > alloc_hint : 0x0000004c (76) > context_id : 0x0000 (0) > opnum : 0x000f (15) > object : union dcerpc_object(case 0) > empty: struct dcerpc_empty > _pad : DATA_BLOB length=0 > stub_and_verifier : DATA_BLOB length=76 > [0000] 00 00 02 00 10 00 00 00 00 00 00 00 10 00 00 00 ........ ........ > [0010] 5C 00 5C 00 53 00 55 00 4E 00 45 00 57 00 53 00 \.\.S.U. N.E.W.S. > [0020] 50 00 49 00 4C 00 4F 00 54 00 30 00 34 00 00 00 P.I.L.O. T.0.4... > [0030] 01 00 00 00 01 00 00 00 04 00 02 00 00 00 00 00 ........ ........ > [0040] 00 00 00 00 FF FF FF FF 00 00 00 00 ........ .... >[2016/02/25 13:25:31.811234, 10] rpc_server/srv_pipe.c:1890(process_complete_pdu) > Processing packet type 0 >[2016/02/25 13:25:31.811289, 10] rpc_server/srv_pipe.c:1734(dcesrv_auth_request) > Checking request auth. >[2016/02/25 13:25:31.811345, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\srvsvc >[2016/02/25 13:25:31.811417, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \srvsvc op 0xf - api_rpcTNP: rpc command: SRVSVC_NETSHAREENUMALL >[2016/02/25 13:25:31.811474, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[15].fn == 0x2b14c57d73ed >[2016/02/25 13:25:31.811559, 1] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > srvsvc_NetShareEnumAll: struct srvsvc_NetShareEnumAll > in: struct srvsvc_NetShareEnumAll > server_unc : * > server_unc : '\\SUNEWSPILOT04' > info_ctr : * > info_ctr: struct srvsvc_NetShareInfoCtr > level : 0x00000001 (1) > ctr : union srvsvc_NetShareCtr(case 1) > ctr1 : * > ctr1: struct srvsvc_NetShareCtr1 > count : 0x00000000 (0) > array : NULL > max_buffer : 0xffffffff (4294967295) > resume_handle : NULL >[2016/02/25 13:25:31.811932, 5] rpc_server/srvsvc/srv_srvsvc_nt.c:1381(_srvsvc_NetShareEnumAll) > _srvsvc_NetShareEnumAll: 1381 >[2016/02/25 13:25:31.811991, 5] rpc_server/srvsvc/srv_srvsvc_nt.c:567(init_srv_share_info_ctr) > init_srv_share_info_ctr >[2016/02/25 13:25:31.812039, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(62213, 61000) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.812093, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.812139, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:31.812225, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:31.812288, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:31.812385, 8] smbd/service.c:248(load_registry_shares) > load_registry_shares() >[2016/02/25 13:25:31.812448, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (62213, 61000) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:31.812503, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:590(init_srv_share_info_ctr) > NOT counting service homes >[2016/02/25 13:25:31.812557, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:590(init_srv_share_info_ctr) > NOT counting service printers >[2016/02/25 13:25:31.812608, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:585(init_srv_share_info_ctr) > counting service public >[2016/02/25 13:25:31.812656, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:585(init_srv_share_info_ctr) > counting service newspilotFStest >[2016/02/25 13:25:31.812720, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:585(init_srv_share_info_ctr) > counting service newspilotpluginstest >[2016/02/25 13:25:31.812768, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:585(init_srv_share_info_ctr) > counting service IPC$ >[2016/02/25 13:25:31.812815, 10] rpc_server/srvsvc/srv_srvsvc_nt.c:585(init_srv_share_info_ctr) > counting service infomaker >[2016/02/25 13:25:31.812898, 5] rpc_server/srvsvc/srv_srvsvc_nt.c:1395(_srvsvc_NetShareEnumAll) > _srvsvc_NetShareEnumAll: 1395 >[2016/02/25 13:25:31.812946, 1] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > srvsvc_NetShareEnumAll: struct srvsvc_NetShareEnumAll > out: struct srvsvc_NetShareEnumAll > info_ctr : * > info_ctr: struct srvsvc_NetShareInfoCtr > level : 0x00000001 (1) > ctr : union srvsvc_NetShareCtr(case 1) > ctr1 : * > ctr1: struct srvsvc_NetShareCtr1 > count : 0x00000005 (5) > array : * > array: ARRAY(5) > array: struct srvsvc_NetShareInfo1 > name : * > name : 'public' > type : STYPE_DISKTREE (0x0) > comment : * > comment : 'Public Stuff' > array: struct srvsvc_NetShareInfo1 > name : * > name : 'newspilotFStest' > type : STYPE_DISKTREE (0x0) > comment : * > comment : 'newspilot' > array: struct srvsvc_NetShareInfo1 > name : * > name : 'newspilotpluginstest' > type : STYPE_DISKTREE (0x0) > comment : * > comment : 'newspilot-profiles' > array: struct srvsvc_NetShareInfo1 > name : * > name : 'IPC$' > type : STYPE_IPC_HIDDEN (0x80000003) > comment : * > comment : 'IPC Service ("SUNEWSPILOT04 " newspilot server)' > array: struct srvsvc_NetShareInfo1 > name : * > name : 'infomaker' > type : STYPE_DISKTREE (0x0) > comment : * > comment : 'Home Directories' > totalentries : * > totalentries : 0x00000005 (5) > resume_handle : NULL > result : WERR_OK >[2016/02/25 13:25:31.814135, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \srvsvc successfully >[2016/02/25 13:25:31.814239, 10] rpc_server/srv_pipe_hnd.c:247(write_to_internal_pipe) > write_to_pipe: data_used = 84 >[2016/02/25 13:25:31.814307, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=100 >[2016/02/25 13:25:31.814963, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 59 >[2016/02/25 13:25:31.815038, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2016/02/25 13:25:31.815087, 3] smbd/process.c:1662(process_smb) > Transaction 8 of length 63 (0 toread) >[2016/02/25 13:25:31.815134, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.815161, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=512 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=12714 (0x31AA) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 1024 (0x400) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 1024 (0x400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2016/02/25 13:25:31.815682, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:31.815719, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.815770, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:31.815825, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \srvsvc len: 1024 >[2016/02/25 13:25:31.815879, 10] rpc_server/srv_pipe_hnd.c:346(read_from_internal_pipe) > read_from_pipe: \srvsvc: fault_state = 0 : data_sent_length = 0, p->out_data.rdata.length = 560. >[2016/02/25 13:25:31.815944, 1] ../librpc/ndr/ndr.c:247(ndr_print_debug) > &r: struct ncacn_packet > rpc_vers : 0x05 (5) > rpc_vers_minor : 0x00 (0) > ptype : DCERPC_PKT_RESPONSE (2) > pfc_flags : 0x03 (3) > drep: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > frag_length : 0x0248 (584) > auth_length : 0x0000 (0) > call_id : 0x00000002 (2) > u : union dcerpc_payload(case 2) > response: struct dcerpc_response > alloc_hint : 0x00000230 (560) > context_id : 0x0000 (0) > cancel_count : 0x00 (0) > _pad : DATA_BLOB length=0 > stub_and_verifier : DATA_BLOB length=560 > [0000] 01 00 00 00 01 00 00 00 08 00 02 00 05 00 00 00 ........ ........ > [0010] 0C 00 02 00 05 00 00 00 10 00 02 00 00 00 00 00 ........ ........ > [0020] 14 00 02 00 18 00 02 00 00 00 00 00 1C 00 02 00 ........ ........ > [0030] 20 00 02 00 00 00 00 00 24 00 02 00 28 00 02 00 ....... $...(... > [0040] 03 00 00 80 2C 00 02 00 30 00 02 00 00 00 00 00 ....,... 0....... > [0050] 34 00 02 00 07 00 00 00 00 00 00 00 07 00 00 00 4....... ........ > [0060] 70 00 75 00 62 00 6C 00 69 00 63 00 00 00 00 00 p.u.b.l. i.c..... > [0070] 0D 00 00 00 00 00 00 00 0D 00 00 00 50 00 75 00 ........ ....P.u. > [0080] 62 00 6C 00 69 00 63 00 20 00 53 00 74 00 75 00 b.l.i.c. .S.t.u. > [0090] 66 00 66 00 00 00 00 00 10 00 00 00 00 00 00 00 f.f..... ........ > [00A0] 10 00 00 00 6E 00 65 00 77 00 73 00 70 00 69 00 ....n.e. w.s.p.i. > [00B0] 6C 00 6F 00 74 00 46 00 53 00 74 00 65 00 73 00 l.o.t.F. S.t.e.s. > [00C0] 74 00 00 00 0A 00 00 00 00 00 00 00 0A 00 00 00 t....... ........ > [00D0] 6E 00 65 00 77 00 73 00 70 00 69 00 6C 00 6F 00 n.e.w.s. p.i.l.o. > [00E0] 74 00 00 00 15 00 00 00 00 00 00 00 15 00 00 00 t....... ........ > [00F0] 6E 00 65 00 77 00 73 00 70 00 69 00 6C 00 6F 00 n.e.w.s. p.i.l.o. > [0100] 74 00 70 00 6C 00 75 00 67 00 69 00 6E 00 73 00 t.p.l.u. g.i.n.s. > [0110] 74 00 65 00 73 00 74 00 00 00 00 00 13 00 00 00 t.e.s.t. ........ > [0120] 00 00 00 00 13 00 00 00 6E 00 65 00 77 00 73 00 ........ n.e.w.s. > [0130] 70 00 69 00 6C 00 6F 00 74 00 2D 00 70 00 72 00 p.i.l.o. t.-.p.r. > [0140] 6F 00 66 00 69 00 6C 00 65 00 73 00 00 00 00 00 o.f.i.l. e.s..... > [0150] 05 00 00 00 00 00 00 00 05 00 00 00 49 00 50 00 ........ ....I.P. > [0160] 43 00 24 00 00 00 00 00 30 00 00 00 00 00 00 00 C.$..... 0....... > [0170] 30 00 00 00 49 00 50 00 43 00 20 00 53 00 65 00 0...I.P. C. .S.e. > [0180] 72 00 76 00 69 00 63 00 65 00 20 00 28 00 22 00 r.v.i.c. e. .(.". > [0190] 53 00 55 00 4E 00 45 00 57 00 53 00 50 00 49 00 S.U.N.E. W.S.P.I. > [01A0] 4C 00 4F 00 54 00 30 00 34 00 20 00 22 00 20 00 L.O.T.0. 4. .". . > [01B0] 6E 00 65 00 77 00 73 00 70 00 69 00 6C 00 6F 00 n.e.w.s. p.i.l.o. > [01C0] 74 00 20 00 73 00 65 00 72 00 76 00 65 00 72 00 t. .s.e. r.v.e.r. > [01D0] 29 00 00 00 0A 00 00 00 00 00 00 00 0A 00 00 00 )....... ........ > [01E0] 69 00 6E 00 66 00 6F 00 6D 00 61 00 6B 00 65 00 i.n.f.o. m.a.k.e. > [01F0] 72 00 00 00 11 00 00 00 00 00 00 00 11 00 00 00 r....... ........ > [0200] 48 00 6F 00 6D 00 65 00 20 00 44 00 69 00 72 00 H.o.m.e. .D.i.r. > [0210] 65 00 63 00 74 00 6F 00 72 00 69 00 65 00 73 00 e.c.t.o. r.i.e.s. > [0220] 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 ........ ........ >[2016/02/25 13:25:31.818447, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 385 >[2016/02/25 13:25:31.818518, 10] rpc_server/srv_pipe_hnd.c:788(np_read_recv) > Received 584 bytes. There is no more data outstanding >[2016/02/25 13:25:31.818571, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=1024 max=1024 nread=584 >[2016/02/25 13:25:31.819194, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 41 >[2016/02/25 13:25:31.819300, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2016/02/25 13:25:31.819351, 3] smbd/process.c:1662(process_smb) > Transaction 9 of length 45 (0 toread) >[2016/02/25 13:25:31.819422, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.819452, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=576 > smt_wct=3 > smb_vwv[ 0]=12714 (0x31AA) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2016/02/25 13:25:31.819750, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:31.819783, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:31.819833, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:31.819886, 3] smbd/reply.c:4848(reply_close) > close fd=-1 fnum=12714 (numopen=1) >[2016/02/25 13:25:31.819939, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2016/02/25 13:25:31.820015, 10] rpc_server/rpc_handles.c:307(close_policy_by_pipe) > close_policy_by_pipe: deleted handle list for pipe \srvsvc >[2016/02/25 13:25:31.820091, 5] smbd/files.c:482(file_free) > freed files structure 12714 (0 used) >[2016/02/25 13:25:31.820146, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:31.820173, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=576 > smt_wct=0 > smb_bcc=0 >[2016/02/25 13:25:31.820473, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:34.104059, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 132 >[2016/02/25 13:25:34.104183, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x84 >[2016/02/25 13:25:34.104220, 3] smbd/process.c:1662(process_smb) > Transaction 10 of length 136 (0 toread) >[2016/02/25 13:25:34.104253, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:34.104271, 5] lib/util.c:342(show_msg) > size=132 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=9680 > smb_uid=101 > smb_mid=640 > smt_wct=15 > smb_vwv[ 0]= 64 (0x40) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4096 (0x1000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 64 (0x40) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 16 (0x10) > smb_bcc=67 >[2016/02/25 13:25:34.104595, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 00 00 04 00 5C 00 73 00 75 00 6E 00 65 00 77 .....\.s .u.n.e.w > [0010] 00 73 00 70 00 69 00 6C 00 6F 00 74 00 30 00 34 .s.p.i.l .o.t.0.4 > [0020] 00 5C 00 6E 00 65 00 77 00 73 00 70 00 69 00 6C .\.n.e.w .s.p.i.l > [0030] 00 6F 00 74 00 66 00 73 00 74 00 65 00 73 00 74 .o.t.f.s .t.e.s.t > [0040] 00 00 00 ... >[2016/02/25 13:25:34.104728, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:34.104752, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2016/02/25 13:25:34.104776, 10] smbd/trans2.c:8339(call_trans2getdfsreferral) > call_trans2getdfsreferral >[2016/02/25 13:25:34.104819, 10] smbd/msdfs.c:113(parse_dfs_path) > parse_dfs_path: temp = |sunewspilot04\newspilotfstest| after trimming \'s >[2016/02/25 13:25:34.104844, 10] smbd/msdfs.c:138(parse_dfs_path) > parse_dfs_path: hostname: sunewspilot04 >[2016/02/25 13:25:34.104864, 10] smbd/msdfs.c:180(parse_dfs_path) > parse_dfs_path: servicename: newspilotfstest >[2016/02/25 13:25:34.104892, 3] smbd/msdfs.c:891(get_referred_path) > get_referred_path: |newspilotfstest| in dfs path \sunewspilot04\newspilotfstest is not a dfs root. >[2016/02/25 13:25:34.104917, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/trans2.c(8361) cmd=50 (SMBtrans2) NT_STATUS_NOT_FOUND >[2016/02/25 13:25:34.104941, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:34.104952, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x32 > smb_rcls=37 > smb_reh=2 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=9680 > smb_uid=101 > smb_mid=640 > smt_wct=0 > smb_bcc=0 >[2016/02/25 13:25:34.105051, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:34.105478, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 114 >[2016/02/25 13:25:34.105519, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x72 >[2016/02/25 13:25:34.105541, 3] smbd/process.c:1662(process_smb) > Transaction 11 of length 118 (0 toread) >[2016/02/25 13:25:34.105561, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:34.105572, 5] lib/util.c:342(show_msg) > size=114 > smb_com=0x75 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=704 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 114 (0x72) > smb_vwv[ 2]= 8 (0x8) > smb_vwv[ 3]= 1 (0x1) > smb_bcc=71 >[2016/02/25 13:25:34.105724, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 5C 00 5C 00 53 00 55 00 4E 00 45 00 57 00 53 .\.\.S.U .N.E.W.S > [0010] 00 50 00 49 00 4C 00 4F 00 54 00 30 00 34 00 5C .P.I.L.O .T.0.4.\ > [0020] 00 4E 00 45 00 57 00 53 00 50 00 49 00 4C 00 4F .N.E.W.S .P.I.L.O > [0030] 00 54 00 46 00 53 00 54 00 45 00 53 00 54 00 00 .T.F.S.T .E.S.T.. > [0040] 00 3F 3F 3F 3F 3F 00 .?????. >[2016/02/25 13:25:34.105842, 3] smbd/process.c:1467(switch_message) > switch message SMBtconX (pid 4881) conn 0x0 >[2016/02/25 13:25:34.105863, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.105883, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.105902, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.105938, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:34.105967, 4] smbd/reply.c:794(reply_tcon_and_X) > Client requested device type [?????] for share [NEWSPILOTFSTEST] >[2016/02/25 13:25:34.105996, 5] smbd/service.c:1354(make_connection) > making a connection to 'normal' service newspilotfstest >[2016/02/25 13:25:34.106022, 3] lib/access.c:338(allow_access) > Allowed connection from 172.18.0.241 (172.18.0.241) >[2016/02/25 13:25:34.106048, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID root is not in a valid format >[2016/02/25 13:25:34.106072, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: SUNEWSPILOT04\root => domain=[SUNEWSPILOT04], name=[root] >[2016/02/25 13:25:34.106104, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:34.106127, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.106149, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.106168, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.106188, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.106206, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.106249, 5] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_root >[2016/02/25 13:25:34.106279, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.106300, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.106319, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.106337, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.106356, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.106373, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.106412, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.106442, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.106471, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.106493, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\root => domain=[Unix User], name=[root] >[2016/02/25 13:25:34.106511, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:34.106967, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+lg_fs_newspilot is not in a valid format >[2016/02/25 13:25:34.107009, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\lg_fs_newspilot => domain=[WNTHFD], name=[lg_fs_newspilot] >[2016/02/25 13:25:34.107032, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.108014, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+LG_FS_NEWSPILOT is not in a valid format >[2016/02/25 13:25:34.108048, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\LG_FS_NEWSPILOT => domain=[WNTHFD], name=[LG_FS_NEWSPILOT] >[2016/02/25 13:25:34.108070, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.108181, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+svc_SWPREMEDIA01 is not in a valid format >[2016/02/25 13:25:34.108209, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\svc_SWPREMEDIA01 => domain=[WNTHFD], name=[svc_SWPREMEDIA01] >[2016/02/25 13:25:34.108229, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.108850, 5] smbd/share_access.c:127(token_contains_name) > WNTHFD+svc_SWPREMEDIA01 is a User, expected a group >[2016/02/25 13:25:34.108885, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+Redactie is not in a valid format >[2016/02/25 13:25:34.108907, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\Redactie => domain=[WNTHFD], name=[Redactie] >[2016/02/25 13:25:34.108927, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.109542, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+smbBeeld is not in a valid format >[2016/02/25 13:25:34.109574, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\smbBeeld => domain=[WNTHFD], name=[smbBeeld] >[2016/02/25 13:25:34.109596, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.110247, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+smbOpmaak is not in a valid format >[2016/02/25 13:25:34.110280, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\smbOpmaak => domain=[WNTHFD], name=[smbOpmaak] >[2016/02/25 13:25:34.110300, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.110983, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+smbAdver is not in a valid format >[2016/02/25 13:25:34.111014, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\smbAdver => domain=[WNTHFD], name=[smbAdver] >[2016/02/25 13:25:34.111035, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.111685, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+uitleen is not in a valid format >[2016/02/25 13:25:34.111716, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\uitleen => domain=[WNTHFD], name=[uitleen] >[2016/02/25 13:25:34.111736, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.112348, 5] smbd/share_access.c:127(token_contains_name) > WNTHFD+uitleen is a User, expected a group >[2016/02/25 13:25:34.112382, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID WNTHFD+zadelhoff is not in a valid format >[2016/02/25 13:25:34.112403, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\zadelhoff => domain=[WNTHFD], name=[zadelhoff] >[2016/02/25 13:25:34.112424, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:34.121861, 10] lib/util_wellknown.c:152(lookup_wellknown_name) > map_name_to_wellknown_sid: looking up zadelhoff >[2016/02/25 13:25:34.121907, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.121929, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.121949, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.121975, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.121995, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.122045, 5] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_zadelhoff >[2016/02/25 13:25:34.122088, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.122112, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.122133, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.122153, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.122173, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.122192, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.122229, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.122259, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.122288, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.122399, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user zadelhoff >[2016/02/25 13:25:34.122425, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is zadelhoff >[2016/02/25 13:25:34.122537, 5] lib/username.c:134(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as uppercase is ZADELHOFF >[2016/02/25 13:25:34.122653, 5] lib/username.c:143(Get_Pwnam_internals) > Checking combinations of 0 uppercase letters in zadelhoff >[2016/02/25 13:25:34.122680, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals didn't find user [zadelhoff]! >[2016/02/25 13:25:34.123607, 5] smbd/share_access.c:104(token_contains_name) > lookup_name WNTHFD+zadelhoff failed >[2016/02/25 13:25:34.123640, 10] smbd/share_access.c:219(user_ok_token) > User WNTHFD+infomaker not in 'valid users' >[2016/02/25 13:25:34.123660, 2] smbd/service.c:627(create_connection_session_info) > user 'WNTHFD+infomaker' (from session setup) not permitted to access this share (newspilotFStest) >[2016/02/25 13:25:34.123684, 1] smbd/service.c:805(make_connection_snum) > create_connection_session_info failed: NT_STATUS_ACCESS_DENIED >[2016/02/25 13:25:34.123709, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/reply.c(803) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED >[2016/02/25 13:25:34.123730, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:34.123742, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x75 > smb_rcls=34 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=704 > smt_wct=0 > smb_bcc=0 >[2016/02/25 13:25:34.123841, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:34.124283, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 114 >[2016/02/25 13:25:34.124314, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x72 >[2016/02/25 13:25:34.124335, 3] smbd/process.c:1662(process_smb) > Transaction 12 of length 118 (0 toread) >[2016/02/25 13:25:34.124354, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:34.124366, 5] lib/util.c:342(show_msg) > size=114 > smb_com=0x75 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=768 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 114 (0x72) > smb_vwv[ 2]= 8 (0x8) > smb_vwv[ 3]= 1 (0x1) > smb_bcc=71 >[2016/02/25 13:25:34.124500, 10] ../lib/util/util.c:415(dump_data) > [0000] 00 5C 00 5C 00 53 00 55 00 4E 00 45 00 57 00 53 .\.\.S.U .N.E.W.S > [0010] 00 50 00 49 00 4C 00 4F 00 54 00 30 00 34 00 5C .P.I.L.O .T.0.4.\ > [0020] 00 4E 00 45 00 57 00 53 00 50 00 49 00 4C 00 4F .N.E.W.S .P.I.L.O > [0030] 00 54 00 46 00 53 00 54 00 45 00 53 00 54 00 00 .T.F.S.T .E.S.T.. > [0040] 00 3F 3F 3F 3F 3F 00 .?????. >[2016/02/25 13:25:34.124593, 3] smbd/process.c:1467(switch_message) > switch message SMBtconX (pid 4881) conn 0x0 >[2016/02/25 13:25:34.124622, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.124642, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.124660, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.124690, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:34.124715, 4] smbd/reply.c:794(reply_tcon_and_X) > Client requested device type [?????] for share [NEWSPILOTFSTEST] >[2016/02/25 13:25:34.124742, 5] smbd/service.c:1354(make_connection) > making a connection to 'normal' service newspilotfstest >[2016/02/25 13:25:34.124765, 3] lib/access.c:338(allow_access) > Allowed connection from 172.18.0.241 (172.18.0.241) >[2016/02/25 13:25:34.124789, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID root is not in a valid format >[2016/02/25 13:25:34.124811, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: SUNEWSPILOT04\root => domain=[SUNEWSPILOT04], name=[root] >[2016/02/25 13:25:34.124829, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:34.124849, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.124869, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.124887, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.124906, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.124924, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.124958, 5] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_root >[2016/02/25 13:25:34.124988, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.125016, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.125035, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.125054, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.125082, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.125103, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.125139, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.125170, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.125201, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.125223, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\root => domain=[Unix User], name=[root] >[2016/02/25 13:25:34.125242, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:34.125526, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+lg_fs_newspilot is not in a valid format >[2016/02/25 13:25:34.125564, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\lg_fs_newspilot => domain=[WNTHFD], name=[lg_fs_newspilot] >[2016/02/25 13:25:34.125586, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.125694, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+LG_FS_NEWSPILOT is not in a valid format >[2016/02/25 13:25:34.125734, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\LG_FS_NEWSPILOT => domain=[WNTHFD], name=[LG_FS_NEWSPILOT] >[2016/02/25 13:25:34.125755, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.125853, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+svc_SWPREMEDIA01 is not in a valid format >[2016/02/25 13:25:34.125880, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\svc_SWPREMEDIA01 => domain=[WNTHFD], name=[svc_SWPREMEDIA01] >[2016/02/25 13:25:34.125900, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.125987, 5] smbd/share_access.c:127(token_contains_name) > WNTHFD+svc_SWPREMEDIA01 is a User, expected a group >[2016/02/25 13:25:34.126022, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+Redactie is not in a valid format >[2016/02/25 13:25:34.126044, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\Redactie => domain=[WNTHFD], name=[Redactie] >[2016/02/25 13:25:34.126063, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.126176, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+smbBeeld is not in a valid format >[2016/02/25 13:25:34.126203, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\smbBeeld => domain=[WNTHFD], name=[smbBeeld] >[2016/02/25 13:25:34.126223, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.126310, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+smbOpmaak is not in a valid format >[2016/02/25 13:25:34.126336, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\smbOpmaak => domain=[WNTHFD], name=[smbOpmaak] >[2016/02/25 13:25:34.126355, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.126438, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+smbAdver is not in a valid format >[2016/02/25 13:25:34.126464, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\smbAdver => domain=[WNTHFD], name=[smbAdver] >[2016/02/25 13:25:34.126483, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.126568, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID +WNTHFD+uitleen is not in a valid format >[2016/02/25 13:25:34.126602, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\uitleen => domain=[WNTHFD], name=[uitleen] >[2016/02/25 13:25:34.126622, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x077 >[2016/02/25 13:25:34.126710, 5] smbd/share_access.c:127(token_contains_name) > WNTHFD+uitleen is a User, expected a group >[2016/02/25 13:25:34.126737, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID WNTHFD+zadelhoff is not in a valid format >[2016/02/25 13:25:34.126758, 10] passdb/lookup_sid.c:76(lookup_name) > lookup_name: WNTHFD\zadelhoff => domain=[WNTHFD], name=[zadelhoff] >[2016/02/25 13:25:34.126778, 10] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2016/02/25 13:25:34.126868, 10] lib/util_wellknown.c:152(lookup_wellknown_name) > map_name_to_wellknown_sid: looking up zadelhoff >[2016/02/25 13:25:34.126896, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.126917, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.126936, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.126956, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.126975, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.127017, 5] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_zadelhoff >[2016/02/25 13:25:34.127049, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.127079, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.127109, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.127130, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2016/02/25 13:25:34.127150, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:34.127170, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:34.127206, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.127235, 10] groupdb/mapping_tdb.c:235(find_map) > failed to unpack map >[2016/02/25 13:25:34.127265, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:34.127372, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user zadelhoff >[2016/02/25 13:25:34.127398, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is zadelhoff >[2016/02/25 13:25:34.127495, 5] lib/username.c:134(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as uppercase is ZADELHOFF >[2016/02/25 13:25:34.127589, 5] lib/username.c:143(Get_Pwnam_internals) > Checking combinations of 0 uppercase letters in zadelhoff >[2016/02/25 13:25:34.127615, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals didn't find user [zadelhoff]! >[2016/02/25 13:25:34.127937, 5] smbd/share_access.c:104(token_contains_name) > lookup_name WNTHFD+zadelhoff failed >[2016/02/25 13:25:34.127968, 10] smbd/share_access.c:219(user_ok_token) > User WNTHFD+infomaker not in 'valid users' >[2016/02/25 13:25:34.127988, 2] smbd/service.c:627(create_connection_session_info) > user 'WNTHFD+infomaker' (from session setup) not permitted to access this share (newspilotFStest) >[2016/02/25 13:25:34.128010, 1] smbd/service.c:805(make_connection_snum) > create_connection_session_info failed: NT_STATUS_ACCESS_DENIED >[2016/02/25 13:25:34.128041, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/reply.c(803) cmd=117 (SMBtconX) NT_STATUS_ACCESS_DENIED >[2016/02/25 13:25:34.128063, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:34.128085, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x75 > smb_rcls=34 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=768 > smt_wct=0 > smb_bcc=0 >[2016/02/25 13:25:34.128186, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:44.985142, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 35 >[2016/02/25 13:25:44.985318, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x23 >[2016/02/25 13:25:44.985376, 3] smbd/process.c:1662(process_smb) > Transaction 13 of length 39 (0 toread) >[2016/02/25 13:25:44.985425, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:44.985455, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x71 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=832 > smt_wct=0 > smb_bcc=0 >[2016/02/25 13:25:44.985841, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:44.985882, 3] smbd/process.c:1467(switch_message) > switch message SMBtdis (pid 4881) conn 0x2b14ce43de50 >[2016/02/25 13:25:44.985937, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:44.985989, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:44.986037, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:44.986118, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:44.986178, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:44.986223, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:44.986267, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:44.986376, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:44.986425, 3] smbd/service.c:1378(close_cnum) > 172.18.0.241 (172.18.0.241) closed connection to service IPC$ >[2016/02/25 13:25:44.986482, 3] smbd/connection.c:35(yield_connection) > Yielding connection to IPC$ >[2016/02/25 13:25:44.986650, 10] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 11130000FFFFFFFFA322 >[2016/02/25 13:25:44.986798, 10] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b14c61268f0 >[2016/02/25 13:25:44.986892, 10] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 11130000FFFFFFFFA322 >[2016/02/25 13:25:44.987025, 4] smbd/vfs.c:780(vfs_ChDir) > vfs_ChDir to / >[2016/02/25 13:25:44.987083, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:44.987133, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:44.987177, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:44.987248, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:44.987312, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:44.987340, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x71 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=832 > smt_wct=0 > smb_bcc=0 >[2016/02/25 13:25:44.987619, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:44.988015, 10] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 39 >[2016/02/25 13:25:44.988092, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x27 >[2016/02/25 13:25:44.988141, 3] smbd/process.c:1662(process_smb) > Transaction 14 of length 43 (0 toread) >[2016/02/25 13:25:44.988187, 5] lib/util.c:332(show_msg) >[2016/02/25 13:25:44.988214, 5] lib/util.c:342(show_msg) > size=39 > smb_com=0x74 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=8167 > smb_pid=65279 > smb_uid=101 > smb_mid=896 > smt_wct=2 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_bcc=0 >[2016/02/25 13:25:44.988495, 10] ../lib/util/util.c:415(dump_data) >[2016/02/25 13:25:44.988525, 3] smbd/process.c:1467(switch_message) > switch message SMBulogoffX (pid 4881) conn 0x0 >[2016/02/25 13:25:44.988573, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:44.988671, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:44.988720, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:44.988843, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:44.988908, 10] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 49442F343838312F3130 >[2016/02/25 13:25:44.988970, 10] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b14ce43ce40 >[2016/02/25 13:25:44.989033, 10] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 49442F343838312F3130 >[2016/02/25 13:25:44.989102, 3] smbd/reply.c:2096(reply_ulogoffX) > ulogoffX vuid=101 >[2016/02/25 13:25:44.990068, 1] smbd/process.c:457(receive_smb_talloc) > receive_smb_raw_talloc failed for client 172.18.0.241 read error = NT_STATUS_CONNECTION_RESET. >[2016/02/25 13:25:44.990147, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2016/02/25 13:25:44.990196, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2016/02/25 13:25:44.990242, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2016/02/25 13:25:44.990314, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2016/02/25 13:25:44.990503, 3] smbd/server_exit.c:181(exit_server_common) > Server exit (failed to receive smb request)
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 11787
: 11909