[2016/07/20 22:55:16.316748, 3, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3755(lp_load_ex) lp_load_ex: refreshing parameters [2016/07/20 22:55:16.316770, 5, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1326(free_param_opts) Freeing parametrics: [2016/07/20 22:55:16.316828, 3, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:548(init_globals) Initialising global parameters [2016/07/20 22:55:16.316960, 3, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2684(lp_do_section) Processing section "[global]" doing parameter server max protocol = SMB3 doing parameter encrypt passwords = yes doing parameter dns proxy = no doing parameter strict locking = no doing parameter oplocks = yes doing parameter deadtime = 15 doing parameter max log size = 51200 doing parameter max open files = 235064 doing parameter logging = file doing parameter load printers = no doing parameter printing = bsd doing parameter printcap name = /dev/null doing parameter disable spoolss = yes doing parameter getwd cache = yes doing parameter guest account = nobody doing parameter map to guest = Bad User doing parameter obey pam restrictions = yes doing parameter directory name cache size = 0 doing parameter kernel change notify = no doing parameter panic action = /usr/local/libexec/samba/samba-backtrace doing parameter nsupdate command = /usr/local/bin/samba-nsupdate -g doing parameter server string = FreeNAS Server doing parameter ea support = yes doing parameter store dos attributes = yes doing parameter lm announce = yes doing parameter hostname lookups = yes doing parameter time server = yes doing parameter acl allow execute always = true doing parameter dos filemode = yes doing parameter multicast dns register = yes doing parameter domain logons = no doing parameter local master = yes doing parameter idmap config *: backend = tdb doing parameter idmap config *: range = 90000001-100000000 doing parameter server role = standalone doing parameter netbios name = NIGHTLIES910 doing parameter workgroup = ONE doing parameter security = user doing parameter pid directory = /var/run/samba doing parameter create mask = 0666 doing parameter directory mask = 0777 doing parameter client ntlmv2 auth = yes doing parameter dos charset = CP437 doing parameter unix charset = UTF-8 doing parameter log level = 10 [2016/07/20 22:55:16.317713, 5, pid=4740, effective(0, 0), real(0, 0)] ../lib/util/debug.c:638(debug_dump_status) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 scavenger: 10 dns: 10 ldb: 10 tevent: 10 [2016/07/20 22:55:16.317832, 2, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2701(lp_do_section) Processing section "[Test]" [2016/07/20 22:55:16.317855, 8, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1443(add_a_service) add_a_service: Creating snum = 0 for Test [2016/07/20 22:55:16.317867, 10, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1484(hash_a_service) hash_a_service: creating servicehash [2016/07/20 22:55:16.317885, 10, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1493(hash_a_service) hash_a_service: hashing index 0 for service name Test doing parameter path = /mnt/tank/Test doing parameter printable = no doing parameter veto files = /.snapshot/.windows/.mac/.zfs/ doing parameter writeable = yes doing parameter browseable = yes doing parameter vfs objects = zfs_space zfsacl aio_pthread streams_xattr doing parameter hide dot files = yes doing parameter guest ok = no doing parameter nfs4:mode = special doing parameter nfs4:acedup = merge doing parameter nfs4:chown = true doing parameter zfsacl:acesort = dontcare [2016/07/20 22:55:16.318127, 4, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3796(lp_load_ex) pm_process() returned Yes [2016/07/20 22:55:16.318143, 7, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4112(lp_servicenumber) lp_servicenumber: couldn't find homes [2016/07/20 22:55:16.318168, 8, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1443(add_a_service) add_a_service: Creating snum = 1 for IPC$ [2016/07/20 22:55:16.318180, 10, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1493(hash_a_service) hash_a_service: hashing index 1 for service name IPC$ [2016/07/20 22:55:16.318194, 3, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1601(lp_add_ipc) adding IPC service [2016/07/20 22:55:16.318236, 6, pid=4740, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2239(lp_file_list_changed) lp_file_list_changed() file /usr/local/etc/smb4.conf -> /usr/local/etc/smb4.conf last mod_time: Wed Jul 20 22:55:16 2016 [2016/07/20 22:55:16.318315, 2, pid=4740, effective(0, 0), real(0, 0)] ../source3/lib/interface.c:341(add_interface) added interface em0 ip=192.168.1.100 bcast=192.168.1.255 netmask=255.255.255.0 [2016/07/20 22:55:16.318345, 3, pid=4740, effective(0, 0), real(0, 0)] ../source3/smbd/server.c:1331(main) loaded services [2016/07/20 22:55:16.318366, 5, pid=4740, effective(0, 0), real(0, 0)] ../source3/lib/util_names.c:152(init_names) Netbios name list:- my_netbios_names[0]="NIGHTLIES910" [2016/07/20 22:55:16.318418, 1, pid=4740, effective(0, 0), real(0, 0)] ../source3/profile/profile_dummy.c:30(set_profile_level) INFO: Profiling support unavailable in this build. [2016/07/20 22:55:16.318432, 3, pid=4740, effective(0, 0), real(0, 0)] ../source3/smbd/server.c:1362(main) Becoming a daemon. [2016/07/20 22:55:16.319032, 8, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util.c:394(fcntl_lock) fcntl_lock 14 12 0 1 3 [2016/07/20 22:55:16.319091, 8, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util.c:429(fcntl_lock) fcntl_lock: Lock call successful [2016/07/20 22:55:16.319322, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:154(make_pdb_method_name) Attempting to find a passdb backend to match tdbsam (tdbsam) [2016/07/20 22:55:16.319349, 2, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:160(make_pdb_method_name) No builtin backend found, trying to load plugin [2016/07/20 22:55:16.319363, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/modules.c:171(do_smb_load_module) Probing module 'tdbsam' [2016/07/20 22:55:16.319377, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/modules.c:185(do_smb_load_module) Probing module 'tdbsam': Trying to load from /usr/local/lib/shared-modules/pdb/tdbsam.so [2016/07/20 22:55:16.319604, 2, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/modules.c:196(do_smb_load_module) Module 'tdbsam' loaded [2016/07/20 22:55:16.319621, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:78(smb_register_passdb) Attempting to register passdb backend tdbsam [2016/07/20 22:55:16.319634, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:91(smb_register_passdb) Successfully added passdb backend 'tdbsam' [2016/07/20 22:55:16.319653, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:175(make_pdb_method_name) Found pdb backend tdbsam [2016/07/20 22:55:16.319673, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:186(make_pdb_method_name) pdb backend tdbsam has a valid init [2016/07/20 22:55:16.319914, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_version_global.tdb [2016/07/20 22:55:16.319938, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_version_global.tdb 2: 3: [2016/07/20 22:55:16.319959, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 736D62587372765F7665 [2016/07/20 22:55:16.319974, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043720 [2016/07/20 22:55:16.320036, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 736D62587372765F7665 [2016/07/20 22:55:16.320052, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_version_global.tdb [2016/07/20 22:55:16.320064, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:16.320083, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_version.c:250(smbXsrv_version_global_init) smbXsrv_version_global_init [2016/07/20 22:55:16.320095, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_version.c:251(smbXsrv_version_global_init) [2016/07/20 22:55:16.320103, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &global_blob: struct smbXsrv_version_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000001 (1) info : union smbXsrv_version_globalU(case 0) info0 : * info0: struct smbXsrv_version_global0 db_rec : NULL num_nodes : 0x00000001 (1) nodes: ARRAY(1) nodes: struct smbXsrv_version_node0 server_id: struct server_id pid : 0x0000000000001285 (4741) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0x4dc7c2da29c38374 (5604662503545209716) min_version : SMBXSRV_VERSION_0 (0) max_version : SMBXSRV_VERSION_0 (0) current_version : SMBXSRV_VERSION_0 (0) [2016/07/20 22:55:16.321335, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 789 - private_data=0x8120821c0 [2016/07/20 22:55:16.321453, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:768(regdb_init) regdb_init: registry db openend. refcount reset (1) [2016/07/20 22:55:16.321481, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:70(reghook_cache_init) reghook_cache_init: new tree with default ops 0x801c931b0 for key [] [2016/07/20 22:55:16.321566, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] [2016/07/20 22:55:16.321593, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Samba Printer Port] len[2] [2016/07/20 22:55:16.321616, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] [2016/07/20 22:55:16.321639, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70] [2016/07/20 22:55:16.321661, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.321679, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[DisplayName] len[20] [2016/07/20 22:55:16.321698, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[ErrorControl] len[4] [2016/07/20 22:55:16.321712, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.321735, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[DisplayName] len[20] [2016/07/20 22:55:16.321748, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[ErrorControl] len[4] [2016/07/20 22:55:16.321763, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801452e50 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] [2016/07/20 22:55:16.321781, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.321800, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] to tree [2016/07/20 22:55:16.321834, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.321847, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801c931b0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] [2016/07/20 22:55:16.321859, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.321891, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] to tree [2016/07/20 22:55:16.321904, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.321916, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801c931b0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] [2016/07/20 22:55:16.321933, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.321947, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] to tree [2016/07/20 22:55:16.321964, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.321976, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801452f00 for key [\HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] [2016/07/20 22:55:16.321988, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322007, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] to tree [2016/07/20 22:55:16.322019, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322032, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x8032aa500 for key [\HKLM\SOFTWARE\Samba\smbconf] [2016/07/20 22:55:16.322049, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322064, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree [2016/07/20 22:55:16.322081, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322093, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801452f58 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] [2016/07/20 22:55:16.322105, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322124, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] to tree [2016/07/20 22:55:16.322136, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322148, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801452fb0 for key [\HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] [2016/07/20 22:55:16.322165, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322178, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] to tree [2016/07/20 22:55:16.322190, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322207, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801453008 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] [2016/07/20 22:55:16.322224, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322238, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] to tree [2016/07/20 22:55:16.322255, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322267, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801453060 for key [\HKPT] [2016/07/20 22:55:16.322284, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322297, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKPT] to tree [2016/07/20 22:55:16.322308, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322320, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x8014530b8 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] [2016/07/20 22:55:16.322338, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322351, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] to tree [2016/07/20 22:55:16.322368, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322380, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:94(reghook_cache_add) reghook_cache_add: Adding ops 0x801453110 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] [2016/07/20 22:55:16.322392, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:215(pathtree_add) pathtree_add: Enter [2016/07/20 22:55:16.322411, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:282(pathtree_add) pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] to tree [2016/07/20 22:55:16.322423, 8, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:284(pathtree_add) pathtree_add: Exit [2016/07/20 22:55:16.322438, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (1->0) [2016/07/20 22:55:16.322562, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2016/07/20 22:55:16.322581, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2016/07/20 22:55:16.322999, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2016/07/20 22:55:16.323034, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user NIGHTLIES910\nobody [2016/07/20 22:55:16.323048, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nightlies910\nobody [2016/07/20 22:55:16.323072, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:128(Get_Pwnam_internals) Trying _Get_Pwnam(), username as given is NIGHTLIES910\nobody [2016/07/20 22:55:16.323101, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:141(Get_Pwnam_internals) Trying _Get_Pwnam(), username as uppercase is NIGHTLIES910\NOBODY [2016/07/20 22:55:16.323123, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:153(Get_Pwnam_internals) Checking combinations of 0 uppercase letters in nightlies910\nobody [2016/07/20 22:55:16.323137, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals didn't find user [NIGHTLIES910\nobody]! [2016/07/20 22:55:16.323155, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2016/07/20 22:55:16.323167, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2016/07/20 22:55:16.323180, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2016/07/20 22:55:16.323204, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:224(create_local_nt_token_from_info3) Create local NT token for nobody [2016/07/20 22:55:16.323459, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user nobody [2016/07/20 22:55:16.323473, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is nobody [2016/07/20 22:55:16.323492, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [nobody]! [2016/07/20 22:55:16.323507, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/system_smbd.c:176(sys_getgrouplist) sys_getgrouplist: user [nobody] [2016/07/20 22:55:16.323614, 5, pid=4741, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:73(gencache_init) Opening cache file at /var/db/samba4/gencache.tdb [2016/07/20 22:55:16.323694, 5, pid=4741, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:124(gencache_init) Opening cache file at /var/lock/gencache_notrans.tdb [2016/07/20 22:55:16.323770, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1300(gid_to_sid) gid 65534 -> sid S-1-22-2-65534 [2016/07/20 22:55:16.323851, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.323875, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.323888, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.323900, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.323918, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.323948, 3, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:547(finalize_local_nt_token) Failed to fetch domain sid for ONE [2016/07/20 22:55:16.323965, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.323988, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324001, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324013, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324032, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.324044, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.324066, 3, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:579(finalize_local_nt_token) Failed to fetch domain sid for ONE [2016/07/20 22:55:16.324087, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324100, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324112, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324130, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324142, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.324153, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.324213, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324268, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-501] [2016/07/20 22:55:16.324287, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-514] [2016/07/20 22:55:16.324310, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-22-2-65534] [2016/07/20 22:55:16.324325, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:176(get_privileges_for_sids) get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 [2016/07/20 22:55:16.324350, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-2] [2016/07/20 22:55:16.324365, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-32-546] [2016/07/20 22:55:16.324386, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-501]: value=[65534:U] [2016/07/20 22:55:16.324405, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-501]: id=[65534], endptr=[:U] [2016/07/20 22:55:16.324428, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-1-0]: value=[90000001:G] [2016/07/20 22:55:16.324447, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-1-0]: id=[90000001], endptr=[:G] [2016/07/20 22:55:16.324466, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-2]: value=[90000002:G] [2016/07/20 22:55:16.324478, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-2]: id=[90000002], endptr=[:G] [2016/07/20 22:55:16.324518, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1360(sids_to_unixids) wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE [2016/07/20 22:55:16.324534, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324548, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324560, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324573, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.324585, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.324611, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1748(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 514. [2016/07/20 22:55:16.324626, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:16.324639, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324651, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:16.324663, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.324675, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.324733, 4, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:558(tdbsam_open) tdbsam_open: successfully opened /var/db/samba4/private/passdb.tdb [2016/07/20 22:55:16.324750, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:658(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. [2016/07/20 22:55:16.324773, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324786, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1824(lookup_global_sam_rid) Can't find a unix id for an unmapped group [2016/07/20 22:55:16.324799, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1534(pdb_default_sid_to_id) SID S-1-5-21-1325960915-1817794340-1004291014-514 belongs to our domain, but there is no corresponding object in the database. [2016/07/20 22:55:16.324816, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324829, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1174(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-21-1325960915-1817794340-1004291014-514 [2016/07/20 22:55:16.324843, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324856, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.324868, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324880, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.324892, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.324928, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1748(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 514. [2016/07/20 22:55:16.324956, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:16.324970, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:16.324995, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:16.325021, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.325033, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.325056, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:658(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. [2016/07/20 22:55:16.325076, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325089, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1824(lookup_global_sam_rid) Can't find a unix id for an unmapped group [2016/07/20 22:55:16.325101, 5, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1534(pdb_default_sid_to_id) SID S-1-5-21-1325960915-1817794340-1004291014-514 belongs to our domain, but there is no corresponding object in the database. [2016/07/20 22:55:16.325124, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325137, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1174(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-21-1325960915-1817794340-1004291014-514 [2016/07/20 22:55:16.325151, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325164, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325176, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325187, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.325199, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.325227, 10, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1562(pdb_default_sid_to_id) Could not find map for sid S-1-5-32-546 [2016/07/20 22:55:16.325245, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325258, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1174(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-32-546 [2016/07/20 22:55:16.325271, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325283, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325295, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325307, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.325319, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.325342, 10, pid=4741, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1562(pdb_default_sid_to_id) Could not find map for sid S-1-5-32-546 [2016/07/20 22:55:16.325359, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325372, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1174(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-32-546 [2016/07/20 22:55:16.325386, 10, pid=4741, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:609(create_local_token) Could not convert SID S-1-5-21-1325960915-1817794340-1004291014-514 to gid, ignoring it [2016/07/20 22:55:16.325400, 10, pid=4741, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:609(create_local_token) Could not convert SID S-1-5-32-546 to gid, ignoring it [2016/07/20 22:55:16.325420, 10, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug) Security token SIDs (9): SID[ 0]: S-1-5-21-1325960915-1817794340-1004291014-501 SID[ 1]: S-1-5-21-1325960915-1817794340-1004291014-514 SID[ 2]: S-1-22-2-65534 SID[ 3]: S-1-1-0 SID[ 4]: S-1-5-2 SID[ 5]: S-1-5-32-546 SID[ 6]: S-1-22-1-65534 SID[ 7]: S-1-22-2-90000001 SID[ 8]: S-1-22-2-90000002 Privileges (0x 0): Rights (0x 0): [2016/07/20 22:55:16.325503, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 65534 Primary group is 65534 and contains 3 supplementary groups Group[ 0]: 65534 Group[ 1]: 90000001 Group[ 2]: 90000002 [2016/07/20 22:55:16.325544, 1, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/files.c:218(file_init_global) file_init_global: Information only: requested 235064 open files, 59392 are available. [2016/07/20 22:55:16.325648, 3, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/rpc_server/svcctl/srv_svcctl_reg.c:565(svcctl_init_winreg) Initialise the svcctl registry keys if needed. [2016/07/20 22:55:16.325673, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325687, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325699, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.325724, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.325736, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.325784, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.325799, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:885(regdb_open) regdb_open: registry db opened. refcount reset (1) [2016/07/20 22:55:16.325889, 4, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:203(make_internal_rpc_pipe_p) Create pipe requested winreg [2016/07/20 22:55:16.325909, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles) init_pipe_handle_list: created handle list for pipe winreg [2016/07/20 22:55:16.325922, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles) init_pipe_handle_list: pipe_handles ref count = 1 for pipe winreg [2016/07/20 22:55:16.325966, 4, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:243(make_internal_rpc_pipe_p) Created internal pipe winreg [2016/07/20 22:55:16.325998, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2016/07/20 22:55:16.326080, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [HKLM] [2016/07/20 22:55:16.326093, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (1->2) [2016/07/20 22:55:16.326107, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM] [2016/07/20 22:55:16.326120, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM] [2016/07/20 22:55:16.326133, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.326145, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM] [2016/07/20 22:55:16.326172, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.326208, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 result : WERR_OK [2016/07/20 22:55:16.393272, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 keyname: struct winreg_String name_len : 0x0044 (68) name_size : 0x0044 (68) name : * name : 'SYSTEM\CurrentControlSet\Services' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2016/07/20 22:55:16.393456, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.393496, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.393511, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (2->3) [2016/07/20 22:55:16.393528, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.393544, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.393559, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.393571, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.393603, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.393618, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.393632, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.393644, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.393657, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.393670, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.393693, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.393707, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.393720, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.393733, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.393747, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.393759, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.393788, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.393803, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.393817, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[2] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.393851, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 result : WERR_OK [2016/07/20 22:55:16.393916, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey in: struct winreg_QueryInfoKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL [2016/07/20 22:55:16.393990, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.394025, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services' (ops 0x801c931b0) [2016/07/20 22:55:16.394040, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.394057, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:2093(regdb_get_secdesc) regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.394077, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey out: struct winreg_QueryInfoKey classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL num_subkeys : * num_subkeys : 0x00000007 (7) max_subkeylen : * max_subkeylen : 0x0000001c (28) max_classlen : * max_classlen : 0x00000000 (0) num_values : * num_values : 0x00000000 (0) max_valnamelen : * max_valnamelen : 0x00000002 (2) max_valbufsize : * max_valbufsize : 0x00000000 (0) secdescsize : * secdescsize : 0x00000078 (120) last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.394260, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000000 (0) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.394398, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.394431, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.394445, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x001a (26) size : 0x001e (30) name : * name : 'LanmanServer' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.394570, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000001 (1) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.394701, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.394734, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.394748, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0012 (18) size : 0x001e (30) name : * name : 'Eventlog' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.394864, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000002 (2) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.395000, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.395035, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.395049, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x000c (12) size : 0x001e (30) name : * name : 'Tcpip' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.395175, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000003 (3) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.395326, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.395361, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.395374, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0012 (18) size : 0x001e (30) name : * name : 'Netlogon' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.395500, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000004 (4) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.395627, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.395659, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.395672, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0010 (16) size : 0x001e (30) name : * name : 'Spooler' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.395845, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000005 (5) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.395981, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.396014, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.396030, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x001e (30) size : 0x001e (30) name : * name : 'RemoteRegistry' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.396152, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 enum_index : 0x00000006 (6) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) [2016/07/20 22:55:16.396310, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.396346, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:422(_winreg_EnumKey) _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.396360, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x000a (10) size : 0x001e (30) name : * name : 'WINS' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.396492, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0054 (84) name_size : 0x0054 (84) name : * name : 'SYSTEM\CurrentControlSet\Services\Spooler' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2016/07/20 22:55:16.396707, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.396740, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler' [2016/07/20 22:55:16.396754, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.396768, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.396780, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.396794, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.396809, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.396823, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.396837, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.396850, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.396871, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.396885, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.396899, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.396914, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.396927, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.396941, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.396953, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.396974, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.396991, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.397004, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.397018, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.397032, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.397046, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.397062, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.397077, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.397107, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.397122, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Spooler] [2016/07/20 22:55:16.397136, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.397150, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.397164, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.397180, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.397193, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.397216, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.397232, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.397266, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.397350, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.397493, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.397526, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Start] [2016/07/20 22:55:16.397541, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.397555, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler' (ops 0x801c931b0) [2016/07/20 22:55:16.397570, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.397592, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2016/07/20 22:55:16.397607, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2016/07/20 22:55:16.397621, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2016/07/20 22:55:16.397635, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2016/07/20 22:55:16.397649, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[28] [2016/07/20 22:55:16.397665, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[5]: name[ImagePath] len[84] [2016/07/20 22:55:16.397679, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[6]: name[Description] len[106] [2016/07/20 22:55:16.397694, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.397758, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.397915, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.397948, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Type] [2016/07/20 22:55:16.397962, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.397975, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.398019, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.398135, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.398167, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ErrorControl] [2016/07/20 22:55:16.398180, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.398194, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.398234, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2016/07/20 22:55:16.398468, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.398501, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ObjectName] [2016/07/20 22:55:16.398514, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.398528, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.398563, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(28) [0] : 0x50 (80) [1] : 0x00 (0) [2] : 0x72 (114) [3] : 0x00 (0) [4] : 0x69 (105) [5] : 0x00 (0) [6] : 0x6e (110) [7] : 0x00 (0) [8] : 0x74 (116) [9] : 0x00 (0) [10] : 0x20 (32) [11] : 0x00 (0) [12] : 0x53 (83) [13] : 0x00 (0) [14] : 0x70 (112) [15] : 0x00 (0) [16] : 0x6f (111) [17] : 0x00 (0) [18] : 0x6f (111) [19] : 0x00 (0) [20] : 0x6c (108) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x72 (114) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) size : 0x0000001c (28) [2016/07/20 22:55:16.398819, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.398851, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:DisplayName] [2016/07/20 22:55:16.398864, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.398879, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.398910, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(84) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x6f (111) [13] : 0x00 (0) [14] : 0x63 (99) [15] : 0x00 (0) [16] : 0x61 (97) [17] : 0x00 (0) [18] : 0x6c (108) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x6c (108) [23] : 0x00 (0) [24] : 0x69 (105) [25] : 0x00 (0) [26] : 0x62 (98) [27] : 0x00 (0) [28] : 0x2f (47) [29] : 0x00 (0) [30] : 0x73 (115) [31] : 0x00 (0) [32] : 0x68 (104) [33] : 0x00 (0) [34] : 0x61 (97) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x65 (101) [39] : 0x00 (0) [40] : 0x64 (100) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x6d (109) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x64 (100) [49] : 0x00 (0) [50] : 0x75 (117) [51] : 0x00 (0) [52] : 0x6c (108) [53] : 0x00 (0) [54] : 0x65 (101) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x2f (47) [59] : 0x00 (0) [60] : 0x73 (115) [61] : 0x00 (0) [62] : 0x76 (118) [63] : 0x00 (0) [64] : 0x63 (99) [65] : 0x00 (0) [66] : 0x63 (99) [67] : 0x00 (0) [68] : 0x74 (116) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x2f (47) [73] : 0x00 (0) [74] : 0x73 (115) [75] : 0x00 (0) [76] : 0x6d (109) [77] : 0x00 (0) [78] : 0x62 (98) [79] : 0x00 (0) [80] : 0x64 (100) [81] : 0x00 (0) [82] : 0x00 (0) [83] : 0x00 (0) size : 0x00000054 (84) [2016/07/20 22:55:16.399501, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.399533, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ImagePath] [2016/07/20 22:55:16.399546, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.399560, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.399594, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(106) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x66 (102) [35] : 0x00 (0) [36] : 0x6f (111) [37] : 0x00 (0) [38] : 0x72 (114) [39] : 0x00 (0) [40] : 0x20 (32) [41] : 0x00 (0) [42] : 0x73 (115) [43] : 0x00 (0) [44] : 0x70 (112) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x6f (111) [49] : 0x00 (0) [50] : 0x6c (108) [51] : 0x00 (0) [52] : 0x69 (105) [53] : 0x00 (0) [54] : 0x6e (110) [55] : 0x00 (0) [56] : 0x67 (103) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x66 (102) [61] : 0x00 (0) [62] : 0x69 (105) [63] : 0x00 (0) [64] : 0x6c (108) [65] : 0x00 (0) [66] : 0x65 (101) [67] : 0x00 (0) [68] : 0x73 (115) [69] : 0x00 (0) [70] : 0x20 (32) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6f (111) [75] : 0x00 (0) [76] : 0x20 (32) [77] : 0x00 (0) [78] : 0x70 (112) [79] : 0x00 (0) [80] : 0x72 (114) [81] : 0x00 (0) [82] : 0x69 (105) [83] : 0x00 (0) [84] : 0x6e (110) [85] : 0x00 (0) [86] : 0x74 (116) [87] : 0x00 (0) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x64 (100) [91] : 0x00 (0) [92] : 0x65 (101) [93] : 0x00 (0) [94] : 0x76 (118) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x63 (99) [99] : 0x00 (0) [100] : 0x65 (101) [101] : 0x00 (0) [102] : 0x73 (115) [103] : 0x00 (0) [104] : 0x00 (0) [105] : 0x00 (0) size : 0x0000006a (106) [2016/07/20 22:55:16.400370, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.400403, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Description] [2016/07/20 22:55:16.400417, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.400433, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.400466, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.400509, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.400541, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.400573, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.400586, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.400599, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.400657, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0066 (102) name_size : 0x0066 (102) name : * name : 'SYSTEM\CurrentControlSet\Services\Spooler\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2016/07/20 22:55:16.400849, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.400881, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler\Security' [2016/07/20 22:55:16.400895, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.400907, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.400920, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.400932, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.400946, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.400958, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.400971, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.400983, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.401003, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.401016, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.401028, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.401041, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.401053, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.401066, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.401078, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.401098, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.401113, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.401125, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.401138, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.401151, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.401163, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.401176, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.401188, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.401221, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.401235, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.401248, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Spooler] [2016/07/20 22:55:16.401260, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.401274, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.401287, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.401300, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.401312, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] [2016/07/20 22:55:16.401331, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.401344, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2016/07/20 22:55:16.401357, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.401370, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2016/07/20 22:55:16.401382, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2016/07/20 22:55:16.401395, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.401407, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2016/07/20 22:55:16.401424, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.401438, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.401471, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.401546, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2016/07/20 22:55:16.402353, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.402386, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security:Security] [2016/07/20 22:55:16.402400, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.402412, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security' (ops 0x801c931b0) [2016/07/20 22:55:16.402426, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] [2016/07/20 22:55:16.402443, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2016/07/20 22:55:16.402457, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.402487, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.402559, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.402605, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.402650, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.402662, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.402675, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.402736, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0056 (86) name_size : 0x0056 (86) name : * name : 'SYSTEM\CurrentControlSet\Services\NETLOGON' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2016/07/20 22:55:16.402927, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.402960, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON' [2016/07/20 22:55:16.402973, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.402986, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.402998, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.403010, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.403024, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.403036, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.403049, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.403060, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.403079, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.403093, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.403105, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.403118, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.403131, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.403144, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.403156, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.403175, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.403189, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.403201, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.403218, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.403231, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.403243, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.403257, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.403268, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.403297, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.403311, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [NETLOGON] [2016/07/20 22:55:16.403325, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.403338, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.403350, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.403364, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.403375, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.403395, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.403409, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.403442, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.403510, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.403627, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.403660, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Start] [2016/07/20 22:55:16.403673, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.403686, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON' (ops 0x801c931b0) [2016/07/20 22:55:16.403698, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.403736, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2016/07/20 22:55:16.403764, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2016/07/20 22:55:16.403777, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2016/07/20 22:55:16.403792, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2016/07/20 22:55:16.403805, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[20] [2016/07/20 22:55:16.403818, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[5]: name[ImagePath] len[84] [2016/07/20 22:55:16.403831, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[6]: name[Description] len[164] [2016/07/20 22:55:16.403848, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.403883, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.403998, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.404031, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Type] [2016/07/20 22:55:16.404044, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.404057, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.404088, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.404205, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.404242, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ErrorControl] [2016/07/20 22:55:16.404255, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.404268, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.404301, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2016/07/20 22:55:16.404534, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.404566, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ObjectName] [2016/07/20 22:55:16.404579, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.404594, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.404629, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(20) [0] : 0x4e (78) [1] : 0x00 (0) [2] : 0x65 (101) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x20 (32) [7] : 0x00 (0) [8] : 0x4c (76) [9] : 0x00 (0) [10] : 0x6f (111) [11] : 0x00 (0) [12] : 0x67 (103) [13] : 0x00 (0) [14] : 0x6f (111) [15] : 0x00 (0) [16] : 0x6e (110) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) size : 0x00000014 (20) [2016/07/20 22:55:16.404864, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.404909, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:DisplayName] [2016/07/20 22:55:16.404923, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.404937, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.404969, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(84) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x6f (111) [13] : 0x00 (0) [14] : 0x63 (99) [15] : 0x00 (0) [16] : 0x61 (97) [17] : 0x00 (0) [18] : 0x6c (108) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x6c (108) [23] : 0x00 (0) [24] : 0x69 (105) [25] : 0x00 (0) [26] : 0x62 (98) [27] : 0x00 (0) [28] : 0x2f (47) [29] : 0x00 (0) [30] : 0x73 (115) [31] : 0x00 (0) [32] : 0x68 (104) [33] : 0x00 (0) [34] : 0x61 (97) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x65 (101) [39] : 0x00 (0) [40] : 0x64 (100) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x6d (109) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x64 (100) [49] : 0x00 (0) [50] : 0x75 (117) [51] : 0x00 (0) [52] : 0x6c (108) [53] : 0x00 (0) [54] : 0x65 (101) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x2f (47) [59] : 0x00 (0) [60] : 0x73 (115) [61] : 0x00 (0) [62] : 0x76 (118) [63] : 0x00 (0) [64] : 0x63 (99) [65] : 0x00 (0) [66] : 0x63 (99) [67] : 0x00 (0) [68] : 0x74 (116) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x2f (47) [73] : 0x00 (0) [74] : 0x73 (115) [75] : 0x00 (0) [76] : 0x6d (109) [77] : 0x00 (0) [78] : 0x62 (98) [79] : 0x00 (0) [80] : 0x64 (100) [81] : 0x00 (0) [82] : 0x00 (0) [83] : 0x00 (0) size : 0x00000054 (84) [2016/07/20 22:55:16.405576, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.405608, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ImagePath] [2016/07/20 22:55:16.405622, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.405635, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.405667, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(164) [0] : 0x46 (70) [1] : 0x00 (0) [2] : 0x69 (105) [3] : 0x00 (0) [4] : 0x6c (108) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x20 (32) [9] : 0x00 (0) [10] : 0x73 (115) [11] : 0x00 (0) [12] : 0x65 (101) [13] : 0x00 (0) [14] : 0x72 (114) [15] : 0x00 (0) [16] : 0x76 (118) [17] : 0x00 (0) [18] : 0x69 (105) [19] : 0x00 (0) [20] : 0x63 (99) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x20 (32) [25] : 0x00 (0) [26] : 0x70 (112) [27] : 0x00 (0) [28] : 0x72 (114) [29] : 0x00 (0) [30] : 0x6f (111) [31] : 0x00 (0) [32] : 0x76 (118) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x64 (100) [37] : 0x00 (0) [38] : 0x69 (105) [39] : 0x00 (0) [40] : 0x6e (110) [41] : 0x00 (0) [42] : 0x67 (103) [43] : 0x00 (0) [44] : 0x20 (32) [45] : 0x00 (0) [46] : 0x61 (97) [47] : 0x00 (0) [48] : 0x63 (99) [49] : 0x00 (0) [50] : 0x63 (99) [51] : 0x00 (0) [52] : 0x65 (101) [53] : 0x00 (0) [54] : 0x73 (115) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x74 (116) [61] : 0x00 (0) [62] : 0x6f (111) [63] : 0x00 (0) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x70 (112) [67] : 0x00 (0) [68] : 0x6f (111) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x69 (105) [73] : 0x00 (0) [74] : 0x63 (99) [75] : 0x00 (0) [76] : 0x79 (121) [77] : 0x00 (0) [78] : 0x20 (32) [79] : 0x00 (0) [80] : 0x61 (97) [81] : 0x00 (0) [82] : 0x6e (110) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x20 (32) [87] : 0x00 (0) [88] : 0x70 (112) [89] : 0x00 (0) [90] : 0x72 (114) [91] : 0x00 (0) [92] : 0x6f (111) [93] : 0x00 (0) [94] : 0x66 (102) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x6c (108) [99] : 0x00 (0) [100] : 0x65 (101) [101] : 0x00 (0) [102] : 0x20 (32) [103] : 0x00 (0) [104] : 0x64 (100) [105] : 0x00 (0) [106] : 0x61 (97) [107] : 0x00 (0) [108] : 0x74 (116) [109] : 0x00 (0) [110] : 0x61 (97) [111] : 0x00 (0) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x28 (40) [115] : 0x00 (0) [116] : 0x6e (110) [117] : 0x00 (0) [118] : 0x6f (111) [119] : 0x00 (0) [120] : 0x74 (116) [121] : 0x00 (0) [122] : 0x72 (114) [123] : 0x00 (0) [124] : 0x65 (101) [125] : 0x00 (0) [126] : 0x6d (109) [127] : 0x00 (0) [128] : 0x6f (111) [129] : 0x00 (0) [130] : 0x74 (116) [131] : 0x00 (0) [132] : 0x65 (101) [133] : 0x00 (0) [134] : 0x6c (108) [135] : 0x00 (0) [136] : 0x79 (121) [137] : 0x00 (0) [138] : 0x20 (32) [139] : 0x00 (0) [140] : 0x6d (109) [141] : 0x00 (0) [142] : 0x61 (97) [143] : 0x00 (0) [144] : 0x6e (110) [145] : 0x00 (0) [146] : 0x61 (97) [147] : 0x00 (0) [148] : 0x67 (103) [149] : 0x00 (0) [150] : 0x65 (101) [151] : 0x00 (0) [152] : 0x61 (97) [153] : 0x00 (0) [154] : 0x62 (98) [155] : 0x00 (0) [156] : 0x6c (108) [157] : 0x00 (0) [158] : 0x65 (101) [159] : 0x00 (0) [160] : 0x29 (41) [161] : 0x00 (0) [162] : 0x00 (0) [163] : 0x00 (0) size : 0x000000a4 (164) [2016/07/20 22:55:16.406901, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.406935, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Description] [2016/07/20 22:55:16.406949, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.406963, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.407002, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.407047, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.407080, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.407114, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.407128, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.407141, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.407200, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0068 (104) name_size : 0x0068 (104) name : * name : 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2016/07/20 22:55:16.407401, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.407435, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' [2016/07/20 22:55:16.407449, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.407462, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.407475, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.407488, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.407503, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.407516, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.407529, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.407541, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.407562, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.407576, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.407589, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.407602, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.407614, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.407628, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.407640, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.407660, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.407674, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.407687, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.407699, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.407713, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.407725, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.407739, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.407751, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.407783, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.407797, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.407810, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [NETLOGON] [2016/07/20 22:55:16.407823, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.407836, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.407849, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.407863, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.407875, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] [2016/07/20 22:55:16.407896, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.407909, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2016/07/20 22:55:16.407922, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.407935, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2016/07/20 22:55:16.407949, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2016/07/20 22:55:16.407964, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.407977, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2016/07/20 22:55:16.407994, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.408009, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.408042, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.408117, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2016/07/20 22:55:16.408948, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.408982, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security:Security] [2016/07/20 22:55:16.408996, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.409009, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security' (ops 0x801c931b0) [2016/07/20 22:55:16.409022, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] [2016/07/20 22:55:16.409039, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2016/07/20 22:55:16.409054, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.409085, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.409128, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.409163, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.409195, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.409208, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.409225, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.409285, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0062 (98) name_size : 0x0062 (98) name : * name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2016/07/20 22:55:16.409482, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.409516, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' [2016/07/20 22:55:16.409529, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.409542, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.409555, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.409569, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.409583, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.409595, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.409608, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.409620, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.409640, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.409653, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.409666, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.409680, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.409692, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.409706, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.409718, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.409738, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.409752, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.409765, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.409777, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.409790, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.409803, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.409817, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.409829, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.409858, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.409872, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [RemoteRegistry] [2016/07/20 22:55:16.409885, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.409898, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.409911, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.409925, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.409937, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.409955, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.409969, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.410003, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.410075, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.410195, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.410233, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Start] [2016/07/20 22:55:16.410247, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.410260, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry' (ops 0x801c931b0) [2016/07/20 22:55:16.410273, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.410290, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2016/07/20 22:55:16.410304, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2016/07/20 22:55:16.410317, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2016/07/20 22:55:16.410330, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2016/07/20 22:55:16.410344, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[48] [2016/07/20 22:55:16.410357, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[5]: name[ImagePath] len[84] [2016/07/20 22:55:16.410370, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[6]: name[Description] len[126] [2016/07/20 22:55:16.410384, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.410417, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.410537, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.410570, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Type] [2016/07/20 22:55:16.410584, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.410597, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.410629, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.410748, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.410781, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ErrorControl] [2016/07/20 22:55:16.410794, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.410808, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.410840, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2016/07/20 22:55:16.411081, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.411114, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ObjectName] [2016/07/20 22:55:16.411128, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.411141, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.411175, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(48) [0] : 0x52 (82) [1] : 0x00 (0) [2] : 0x65 (101) [3] : 0x00 (0) [4] : 0x6d (109) [5] : 0x00 (0) [6] : 0x6f (111) [7] : 0x00 (0) [8] : 0x74 (116) [9] : 0x00 (0) [10] : 0x65 (101) [11] : 0x00 (0) [12] : 0x20 (32) [13] : 0x00 (0) [14] : 0x52 (82) [15] : 0x00 (0) [16] : 0x65 (101) [17] : 0x00 (0) [18] : 0x67 (103) [19] : 0x00 (0) [20] : 0x69 (105) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x74 (116) [25] : 0x00 (0) [26] : 0x72 (114) [27] : 0x00 (0) [28] : 0x79 (121) [29] : 0x00 (0) [30] : 0x20 (32) [31] : 0x00 (0) [32] : 0x53 (83) [33] : 0x00 (0) [34] : 0x65 (101) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x76 (118) [39] : 0x00 (0) [40] : 0x69 (105) [41] : 0x00 (0) [42] : 0x63 (99) [43] : 0x00 (0) [44] : 0x65 (101) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) size : 0x00000030 (48) [2016/07/20 22:55:16.411566, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.411599, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:DisplayName] [2016/07/20 22:55:16.411613, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.411626, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.411663, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(84) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x6f (111) [13] : 0x00 (0) [14] : 0x63 (99) [15] : 0x00 (0) [16] : 0x61 (97) [17] : 0x00 (0) [18] : 0x6c (108) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x6c (108) [23] : 0x00 (0) [24] : 0x69 (105) [25] : 0x00 (0) [26] : 0x62 (98) [27] : 0x00 (0) [28] : 0x2f (47) [29] : 0x00 (0) [30] : 0x73 (115) [31] : 0x00 (0) [32] : 0x68 (104) [33] : 0x00 (0) [34] : 0x61 (97) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x65 (101) [39] : 0x00 (0) [40] : 0x64 (100) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x6d (109) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x64 (100) [49] : 0x00 (0) [50] : 0x75 (117) [51] : 0x00 (0) [52] : 0x6c (108) [53] : 0x00 (0) [54] : 0x65 (101) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x2f (47) [59] : 0x00 (0) [60] : 0x73 (115) [61] : 0x00 (0) [62] : 0x76 (118) [63] : 0x00 (0) [64] : 0x63 (99) [65] : 0x00 (0) [66] : 0x63 (99) [67] : 0x00 (0) [68] : 0x74 (116) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x2f (47) [73] : 0x00 (0) [74] : 0x73 (115) [75] : 0x00 (0) [76] : 0x6d (109) [77] : 0x00 (0) [78] : 0x62 (98) [79] : 0x00 (0) [80] : 0x64 (100) [81] : 0x00 (0) [82] : 0x00 (0) [83] : 0x00 (0) size : 0x00000054 (84) [2016/07/20 22:55:16.412293, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.412327, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ImagePath] [2016/07/20 22:55:16.412341, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.412355, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.412390, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(126) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x70 (112) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x6f (111) [39] : 0x00 (0) [40] : 0x76 (118) [41] : 0x00 (0) [42] : 0x69 (105) [43] : 0x00 (0) [44] : 0x64 (100) [45] : 0x00 (0) [46] : 0x69 (105) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x67 (103) [51] : 0x00 (0) [52] : 0x20 (32) [53] : 0x00 (0) [54] : 0x72 (114) [55] : 0x00 (0) [56] : 0x65 (101) [57] : 0x00 (0) [58] : 0x6d (109) [59] : 0x00 (0) [60] : 0x6f (111) [61] : 0x00 (0) [62] : 0x74 (116) [63] : 0x00 (0) [64] : 0x65 (101) [65] : 0x00 (0) [66] : 0x20 (32) [67] : 0x00 (0) [68] : 0x61 (97) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x63 (99) [73] : 0x00 (0) [74] : 0x65 (101) [75] : 0x00 (0) [76] : 0x73 (115) [77] : 0x00 (0) [78] : 0x73 (115) [79] : 0x00 (0) [80] : 0x20 (32) [81] : 0x00 (0) [82] : 0x74 (116) [83] : 0x00 (0) [84] : 0x6f (111) [85] : 0x00 (0) [86] : 0x20 (32) [87] : 0x00 (0) [88] : 0x74 (116) [89] : 0x00 (0) [90] : 0x68 (104) [91] : 0x00 (0) [92] : 0x65 (101) [93] : 0x00 (0) [94] : 0x20 (32) [95] : 0x00 (0) [96] : 0x53 (83) [97] : 0x00 (0) [98] : 0x61 (97) [99] : 0x00 (0) [100] : 0x6d (109) [101] : 0x00 (0) [102] : 0x62 (98) [103] : 0x00 (0) [104] : 0x61 (97) [105] : 0x00 (0) [106] : 0x20 (32) [107] : 0x00 (0) [108] : 0x72 (114) [109] : 0x00 (0) [110] : 0x65 (101) [111] : 0x00 (0) [112] : 0x67 (103) [113] : 0x00 (0) [114] : 0x69 (105) [115] : 0x00 (0) [116] : 0x73 (115) [117] : 0x00 (0) [118] : 0x74 (116) [119] : 0x00 (0) [120] : 0x72 (114) [121] : 0x00 (0) [122] : 0x79 (121) [123] : 0x00 (0) [124] : 0x00 (0) [125] : 0x00 (0) size : 0x0000007e (126) [2016/07/20 22:55:16.413254, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.413288, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Description] [2016/07/20 22:55:16.413302, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.413316, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.413347, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.413390, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.413423, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.413456, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.413469, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.413482, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.413541, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0074 (116) name_size : 0x0074 (116) name : * name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2016/07/20 22:55:16.413737, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.413770, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' [2016/07/20 22:55:16.413784, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.413797, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.413809, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.413822, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.413836, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.413849, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.413862, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.413874, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.413894, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.413907, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.413920, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.413933, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.413946, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.413960, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.413972, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.413993, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.414007, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.414019, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.414033, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.414047, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.414059, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.414073, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.414085, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.414115, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.414129, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.414142, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [RemoteRegistry] [2016/07/20 22:55:16.414154, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.414167, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.414180, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.414194, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.414206, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] [2016/07/20 22:55:16.414229, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.414243, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2016/07/20 22:55:16.414255, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.414269, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2016/07/20 22:55:16.414281, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2016/07/20 22:55:16.414295, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.414307, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2016/07/20 22:55:16.414324, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.414338, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.414372, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.414447, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2016/07/20 22:55:16.415282, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.415316, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security:Security] [2016/07/20 22:55:16.415330, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.415342, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' (ops 0x801c931b0) [2016/07/20 22:55:16.415355, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] [2016/07/20 22:55:16.415373, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2016/07/20 22:55:16.415387, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.415420, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.415464, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.415498, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.415530, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.415542, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.415556, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.415614, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x004e (78) name_size : 0x004e (78) name : * name : 'SYSTEM\CurrentControlSet\Services\WINS' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) [2016/07/20 22:55:16.415819, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.415852, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS' [2016/07/20 22:55:16.415866, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.415879, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.415892, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.415905, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.415919, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.415931, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.415944, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.415956, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.415976, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.415991, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.416003, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.416017, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.416029, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.416043, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.416055, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.416075, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.416089, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.416103, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.416115, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.416129, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.416141, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.416155, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.416167, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.416196, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.416210, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [WINS] [2016/07/20 22:55:16.416228, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.416241, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.416254, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.416267, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.416279, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.416298, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.416312, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.416346, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.416416, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.416537, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.416571, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Start] [2016/07/20 22:55:16.416584, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.416597, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS' (ops 0x801c931b0) [2016/07/20 22:55:16.416610, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.416630, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Start] len[4] [2016/07/20 22:55:16.416645, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[Type] len[4] [2016/07/20 22:55:16.416658, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[2]: name[ErrorControl] len[4] [2016/07/20 22:55:16.416671, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[3]: name[ObjectName] len[24] [2016/07/20 22:55:16.416685, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[4]: name[DisplayName] len[74] [2016/07/20 22:55:16.416698, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[5]: name[ImagePath] len[84] [2016/07/20 22:55:16.416712, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[6]: name[Description] len[178] [2016/07/20 22:55:16.416726, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.416759, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.416878, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.416911, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Type] [2016/07/20 22:55:16.416925, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.416938, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.416971, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) [2016/07/20 22:55:16.417116, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.417149, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ErrorControl] [2016/07/20 22:55:16.417163, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.417176, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.417209, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) [2016/07/20 22:55:16.417482, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.417515, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ObjectName] [2016/07/20 22:55:16.417529, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.417543, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.417579, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(74) [0] : 0x57 (87) [1] : 0x00 (0) [2] : 0x69 (105) [3] : 0x00 (0) [4] : 0x6e (110) [5] : 0x00 (0) [6] : 0x64 (100) [7] : 0x00 (0) [8] : 0x6f (111) [9] : 0x00 (0) [10] : 0x77 (119) [11] : 0x00 (0) [12] : 0x73 (115) [13] : 0x00 (0) [14] : 0x20 (32) [15] : 0x00 (0) [16] : 0x49 (73) [17] : 0x00 (0) [18] : 0x6e (110) [19] : 0x00 (0) [20] : 0x74 (116) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x72 (114) [25] : 0x00 (0) [26] : 0x6e (110) [27] : 0x00 (0) [28] : 0x65 (101) [29] : 0x00 (0) [30] : 0x74 (116) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x4e (78) [35] : 0x00 (0) [36] : 0x61 (97) [37] : 0x00 (0) [38] : 0x6d (109) [39] : 0x00 (0) [40] : 0x65 (101) [41] : 0x00 (0) [42] : 0x20 (32) [43] : 0x00 (0) [44] : 0x53 (83) [45] : 0x00 (0) [46] : 0x65 (101) [47] : 0x00 (0) [48] : 0x72 (114) [49] : 0x00 (0) [50] : 0x76 (118) [51] : 0x00 (0) [52] : 0x69 (105) [53] : 0x00 (0) [54] : 0x63 (99) [55] : 0x00 (0) [56] : 0x65 (101) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x28 (40) [61] : 0x00 (0) [62] : 0x57 (87) [63] : 0x00 (0) [64] : 0x49 (73) [65] : 0x00 (0) [66] : 0x4e (78) [67] : 0x00 (0) [68] : 0x53 (83) [69] : 0x00 (0) [70] : 0x29 (41) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) size : 0x0000004a (74) [2016/07/20 22:55:16.418150, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.418184, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:DisplayName] [2016/07/20 22:55:16.418197, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.418215, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.418250, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(84) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x6f (111) [13] : 0x00 (0) [14] : 0x63 (99) [15] : 0x00 (0) [16] : 0x61 (97) [17] : 0x00 (0) [18] : 0x6c (108) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x6c (108) [23] : 0x00 (0) [24] : 0x69 (105) [25] : 0x00 (0) [26] : 0x62 (98) [27] : 0x00 (0) [28] : 0x2f (47) [29] : 0x00 (0) [30] : 0x73 (115) [31] : 0x00 (0) [32] : 0x68 (104) [33] : 0x00 (0) [34] : 0x61 (97) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x65 (101) [39] : 0x00 (0) [40] : 0x64 (100) [41] : 0x00 (0) [42] : 0x2d (45) [43] : 0x00 (0) [44] : 0x6d (109) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x64 (100) [49] : 0x00 (0) [50] : 0x75 (117) [51] : 0x00 (0) [52] : 0x6c (108) [53] : 0x00 (0) [54] : 0x65 (101) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x2f (47) [59] : 0x00 (0) [60] : 0x73 (115) [61] : 0x00 (0) [62] : 0x76 (118) [63] : 0x00 (0) [64] : 0x63 (99) [65] : 0x00 (0) [66] : 0x63 (99) [67] : 0x00 (0) [68] : 0x74 (116) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x2f (47) [73] : 0x00 (0) [74] : 0x6e (110) [75] : 0x00 (0) [76] : 0x6d (109) [77] : 0x00 (0) [78] : 0x62 (98) [79] : 0x00 (0) [80] : 0x64 (100) [81] : 0x00 (0) [82] : 0x00 (0) [83] : 0x00 (0) size : 0x00000054 (84) [2016/07/20 22:55:16.418855, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.418889, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ImagePath] [2016/07/20 22:55:16.418902, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.418916, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.418951, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(178) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x70 (112) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x6f (111) [39] : 0x00 (0) [40] : 0x76 (118) [41] : 0x00 (0) [42] : 0x69 (105) [43] : 0x00 (0) [44] : 0x64 (100) [45] : 0x00 (0) [46] : 0x69 (105) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x67 (103) [51] : 0x00 (0) [52] : 0x20 (32) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x20 (32) [57] : 0x00 (0) [58] : 0x4e (78) [59] : 0x00 (0) [60] : 0x65 (101) [61] : 0x00 (0) [62] : 0x74 (116) [63] : 0x00 (0) [64] : 0x42 (66) [65] : 0x00 (0) [66] : 0x49 (73) [67] : 0x00 (0) [68] : 0x4f (79) [69] : 0x00 (0) [70] : 0x53 (83) [71] : 0x00 (0) [72] : 0x20 (32) [73] : 0x00 (0) [74] : 0x70 (112) [75] : 0x00 (0) [76] : 0x6f (111) [77] : 0x00 (0) [78] : 0x69 (105) [79] : 0x00 (0) [80] : 0x6e (110) [81] : 0x00 (0) [82] : 0x74 (116) [83] : 0x00 (0) [84] : 0x2d (45) [85] : 0x00 (0) [86] : 0x74 (116) [87] : 0x00 (0) [88] : 0x6f (111) [89] : 0x00 (0) [90] : 0x2d (45) [91] : 0x00 (0) [92] : 0x70 (112) [93] : 0x00 (0) [94] : 0x6f (111) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x6e (110) [99] : 0x00 (0) [100] : 0x74 (116) [101] : 0x00 (0) [102] : 0x20 (32) [103] : 0x00 (0) [104] : 0x6e (110) [105] : 0x00 (0) [106] : 0x61 (97) [107] : 0x00 (0) [108] : 0x6d (109) [109] : 0x00 (0) [110] : 0x65 (101) [111] : 0x00 (0) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x73 (115) [115] : 0x00 (0) [116] : 0x65 (101) [117] : 0x00 (0) [118] : 0x72 (114) [119] : 0x00 (0) [120] : 0x76 (118) [121] : 0x00 (0) [122] : 0x65 (101) [123] : 0x00 (0) [124] : 0x72 (114) [125] : 0x00 (0) [126] : 0x28 (40) [127] : 0x00 (0) [128] : 0x6e (110) [129] : 0x00 (0) [130] : 0x6f (111) [131] : 0x00 (0) [132] : 0x74 (116) [133] : 0x00 (0) [134] : 0x20 (32) [135] : 0x00 (0) [136] : 0x72 (114) [137] : 0x00 (0) [138] : 0x65 (101) [139] : 0x00 (0) [140] : 0x6d (109) [141] : 0x00 (0) [142] : 0x6f (111) [143] : 0x00 (0) [144] : 0x74 (116) [145] : 0x00 (0) [146] : 0x65 (101) [147] : 0x00 (0) [148] : 0x6c (108) [149] : 0x00 (0) [150] : 0x79 (121) [151] : 0x00 (0) [152] : 0x20 (32) [153] : 0x00 (0) [154] : 0x6d (109) [155] : 0x00 (0) [156] : 0x61 (97) [157] : 0x00 (0) [158] : 0x6e (110) [159] : 0x00 (0) [160] : 0x61 (97) [161] : 0x00 (0) [162] : 0x67 (103) [163] : 0x00 (0) [164] : 0x65 (101) [165] : 0x00 (0) [166] : 0x61 (97) [167] : 0x00 (0) [168] : 0x62 (98) [169] : 0x00 (0) [170] : 0x6c (108) [171] : 0x00 (0) [172] : 0x65 (101) [173] : 0x00 (0) [174] : 0x29 (41) [175] : 0x00 (0) [176] : 0x00 (0) [177] : 0x00 (0) size : 0x000000b2 (178) [2016/07/20 22:55:16.420177, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.420214, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Description] [2016/07/20 22:55:16.420228, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.420242, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.420274, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.420318, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.420352, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.420384, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.420397, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.420410, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.420469, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0060 (96) name_size : 0x0060 (96) name : * name : 'SYSTEM\CurrentControlSet\Services\WINS\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) [2016/07/20 22:55:16.420665, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.420699, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:785(_winreg_CreateKey) _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS\Security' [2016/07/20 22:55:16.420714, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.420727, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.420739, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.420752, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.420766, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.420778, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.420792, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.420804, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.420824, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.420851, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.420863, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.420876, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.420888, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.420901, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.420913, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.420933, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.420947, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.420959, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.420972, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.420985, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.420997, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.421010, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.421022, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.421052, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.421066, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 2 [2016/07/20 22:55:16.421078, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [WINS] [2016/07/20 22:55:16.421090, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.421103, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.421115, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.421129, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.421140, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] [2016/07/20 22:55:16.421158, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.421172, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Security] [2016/07/20 22:55:16.421184, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.421197, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2016/07/20 22:55:16.421209, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2016/07/20 22:55:16.421227, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.421239, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2016/07/20 22:55:16.421255, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.421269, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[3] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.421302, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-8f57-b47485120000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK [2016/07/20 22:55:16.421375, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-8f57-b47485120000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) [2016/07/20 22:55:16.422186, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.422224, 8, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/winreg/srv_winreg_nt.c:815(_winreg_SetValue) _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security:Security] [2016/07/20 22:55:16.422237, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/tdb_wrap/tdb_wrap.c:64(tdb_wrap_log) tdb(/var/db/samba4/registry.tdb): tdb_transaction_start: nesting 1 [2016/07/20 22:55:16.422250, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security' (ops 0x801c931b0) [2016/07/20 22:55:16.422262, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] [2016/07/20 22:55:16.422279, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[Security] len[120] [2016/07/20 22:55:16.422293, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK [2016/07/20 22:55:16.422323, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.422365, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.422398, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.422429, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.422442, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.422454, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.422506, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.422548, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.422580, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.422611, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.422624, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (3->2) [2016/07/20 22:55:16.422636, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.422692, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (2->1) [2016/07/20 22:55:16.422711, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (1->0) [2016/07/20 22:55:16.422735, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe) Deleted handle list for RPC connection winreg [2016/07/20 22:55:16.422767, 3, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/rpc_server/eventlog/srv_eventlog_reg.c:59(eventlog_init_winreg) Initialise the eventlog registry keys if needed. [2016/07/20 22:55:16.422791, 4, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:203(make_internal_rpc_pipe_p) Create pipe requested winreg [2016/07/20 22:55:16.422806, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:223(init_pipe_handles) init_pipe_handle_list: created handle list for pipe winreg [2016/07/20 22:55:16.422819, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:240(init_pipe_handles) init_pipe_handle_list: pipe_handles ref count = 1 for pipe winreg [2016/07/20 22:55:16.422850, 4, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_ncacn_np.c:243(make_internal_rpc_pipe_p) Created internal pipe winreg [2016/07/20 22:55:16.422869, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2016/07/20 22:55:16.422944, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [HKLM] [2016/07/20 22:55:16.422973, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.422988, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:16.423001, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:16.423013, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:16.423025, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:16.423087, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:16.423102, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:885(regdb_open) regdb_open: registry db opened. refcount reset (1) [2016/07/20 22:55:16.423115, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM] [2016/07/20 22:55:16.423128, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM] [2016/07/20 22:55:16.423140, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.423152, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM] [2016/07/20 22:55:16.423178, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[1] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.423218, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-8f57-b47485120000 result : WERR_OK [2016/07/20 22:55:16.423280, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-8f57-b47485120000 keyname: struct winreg_String name_len : 0x0056 (86) name_size : 0x0056 (86) name : * name : 'SYSTEM\CurrentControlSet\Services\Eventlog' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY [2016/07/20 22:55:16.423428, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.423461, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [SYSTEM] [2016/07/20 22:55:16.423474, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (1->2) [2016/07/20 22:55:16.423488, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] [2016/07/20 22:55:16.423500, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM] [2016/07/20 22:55:16.423513, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.423525, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM] [2016/07/20 22:55:16.423562, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [CurrentControlSet] [2016/07/20 22:55:16.423576, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (2->3) [2016/07/20 22:55:16.423603, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.423616, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.423642, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.423666, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet] [2016/07/20 22:55:16.423690, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Services] [2016/07/20 22:55:16.423703, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (3->4) [2016/07/20 22:55:16.423723, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.423736, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.423750, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.423762, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] [2016/07/20 22:55:16.423794, 7, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_api.c:143(regkey_open_onelevel) regkey_open_onelevel: name = [Eventlog] [2016/07/20 22:55:16.423807, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:857(regdb_open) regdb_open: incrementing refcount (4->5) [2016/07/20 22:55:16.423820, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:125(reghook_cache_find) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.423832, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:367(pathtree_find) pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.423846, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/adt_tree.c:440(pathtree_find) pathtree_find: Exit [2016/07/20 22:55:16.423857, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_cachehook.c:130(reghook_cache_find) reghook_cache_find: found ops 0x801c931b0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.423876, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (5->4) [2016/07/20 22:55:16.423889, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (4->3) [2016/07/20 22:55:16.423902, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (3->2) [2016/07/20 22:55:16.423915, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:304(create_rpc_handle_internal) Opened policy hnd[2] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.423948, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-8f57-b47485120000 result : WERR_OK [2016/07/20 22:55:16.424006, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey in: struct winreg_QueryInfoKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-8f57-b47485120000 classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL [2016/07/20 22:55:16.424079, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.424112, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_dispatcher.c:151(fetch_reg_values) fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Eventlog' (ops 0x801c931b0) [2016/07/20 22:55:16.424125, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1910(regdb_fetch_values_internal) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.424146, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[0]: name[DisplayName] len[20] [2016/07/20 22:55:16.424160, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:1855(regdb_unpack_values) regdb_unpack_values: value[1]: name[ErrorControl] len[4] [2016/07/20 22:55:16.424173, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:2093(regdb_get_secdesc) regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] [2016/07/20 22:55:16.424193, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_QueryInfoKey: struct winreg_QueryInfoKey out: struct winreg_QueryInfoKey classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL num_subkeys : * num_subkeys : 0x00000000 (0) max_subkeylen : * max_subkeylen : 0x00000000 (0) max_classlen : * max_classlen : 0x00000000 (0) num_values : * num_values : 0x00000002 (2) max_valnamelen : * max_valnamelen : 0x0000001a (26) max_valbufsize : * max_valbufsize : 0x00000014 (20) secdescsize : * secdescsize : 0x00000078 (120) last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK [2016/07/20 22:55:16.424426, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-8f57-b47485120000 [2016/07/20 22:55:16.424470, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.424503, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:339(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 8F 57 B4 74 ........ .....W.t [0010] 85 12 00 00 .... [2016/07/20 22:55:16.424535, 6, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:388(close_policy_hnd) Closed policy [2016/07/20 22:55:16.424547, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (2->1) [2016/07/20 22:55:16.424560, 1, pid=4741, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2016/07/20 22:55:16.424612, 10, pid=4741, effective(0, 0), real(0, 0), class=registry] ../source3/registry/reg_backend_db.c:902(regdb_close) regdb_close: decrementing refcount (1->0) [2016/07/20 22:55:16.424633, 10, pid=4741, effective(0, 0), real(0, 0), class=rpc_srv] ../source3/rpc_server/rpc_handles.c:418(close_policy_by_pipe) Deleted handle list for RPC connection winreg [2016/07/20 22:55:16.424656, 0, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/become_daemon.c:124(daemon_ready) STATUS=daemon 'smbd' finished starting up and ready to serve connections [2016/07/20 22:55:16.424696, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:410(open_socket_in) bind succeeded on port 445 [2016/07/20 22:55:16.424713, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 Could not test socket option IPTOS_LOWDELAY. Could not test socket option IPTOS_THROUGHPUT. SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.424805, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 4 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 Could not test socket option IPTOS_LOWDELAY. Could not test socket option IPTOS_THROUGHPUT. SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.424902, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:410(open_socket_in) bind succeeded on port 139 [2016/07/20 22:55:16.424916, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 Could not test socket option IPTOS_LOWDELAY. Could not test socket option IPTOS_THROUGHPUT. SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.425006, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 4 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 Could not test socket option IPTOS_LOWDELAY. Could not test socket option IPTOS_THROUGHPUT. SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.425104, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:410(open_socket_in) bind succeeded on port 445 [2016/07/20 22:55:16.425118, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.425207, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 4 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.425306, 10, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:410(open_socket_in) bind succeeded on port 139 [2016/07/20 22:55:16.425320, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.425410, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 4 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 512 SO_SNDBUF = 32768 SO_RCVBUF = 65536 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:16.425500, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:16.425517, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/lock/serverid.tdb 3: [2016/07/20 22:55:16.425535, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 8512000000000000FFFF [2016/07/20 22:55:16.425551, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043ea0 [2016/07/20 22:55:16.425573, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 8512000000000000FFFF [2016/07/20 22:55:16.425586, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:16.425598, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:16.425613, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 13 - private_data=0x0 [2016/07/20 22:55:16.425626, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 33 - private_data=0x812050400 [2016/07/20 22:55:16.425638, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 783 - private_data=0x0 [2016/07/20 22:55:16.425650, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 1 - private_data=0x0 [2016/07/20 22:55:16.425662, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:461(messaging_register) Overriding messaging pointer for type 1 - private_data=0x0 [2016/07/20 22:55:16.425674, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 785 - private_data=0x0 [2016/07/20 22:55:16.425686, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 770 - private_data=0x0 [2016/07/20 22:55:16.425698, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 790 - private_data=0x0 [2016/07/20 22:55:16.425714, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 791 - private_data=0x0 [2016/07/20 22:55:16.425728, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 15 - private_data=0x0 [2016/07/20 22:55:16.425740, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 16 - private_data=0x0 [2016/07/20 22:55:16.425761, 2, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/server.c:1009(smbd_parent_loop) waiting for connections [2016/07/20 22:55:16.425776, 6, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/dnsregister.c:101(dns_register_smbd_retry) registering _smb._tcp service on port 445 [2016/07/20 22:55:17.978101, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:17.978146, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/lock/serverid.tdb 3: [2016/07/20 22:55:17.978167, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key A512000000000000FFFF [2016/07/20 22:55:17.978191, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043ba0 [2016/07/20 22:55:17.978219, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key A512000000000000FFFF [2016/07/20 22:55:17.978234, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:17.978247, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:17.978275, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 4 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 512 SO_SNDBUF = 33304 SO_RCVBUF = 66608 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:17.978377, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options) Socket options: SO_KEEPALIVE = 8 SO_REUSEADDR = 4 SO_BROADCAST = 0 TCP_NODELAY = 4 TCP_KEEPCNT = 0 TCP_KEEPIDLE = 0 TCP_KEEPINTVL = 0 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_REUSEPORT = 512 SO_SNDBUF = 33304 SO_RCVBUF = 66608 SO_SNDLOWAT = 2048 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 [2016/07/20 22:55:17.980944, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/access.c:338(allow_access) Allowed connection from stargate.home.gateway (192.168.1.200) [2016/07/20 22:55:17.980971, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:3749(smbd_add_connection) Connection allowed from ipv4:192.168.1.200:53276 to ipv4:192.168.1.100:445 [2016/07/20 22:55:17.981036, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2239(lp_file_list_changed) lp_file_list_changed() file /usr/local/etc/smb4.conf -> /usr/local/etc/smb4.conf last mod_time: Wed Jul 20 22:55:16 2016 [2016/07/20 22:55:17.981089, 3, pid=4773, effective(0, 0), real(0, 0), class=locking] ../source3/smbd/oplock.c:1310(init_oplocks) init_oplocks: initializing messages. [2016/07/20 22:55:17.981105, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 774 - private_data=0x81209f660 [2016/07/20 22:55:17.981119, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 778 - private_data=0x81209f660 [2016/07/20 22:55:17.981133, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 770 - private_data=0x81209f660 [2016/07/20 22:55:17.981147, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 787 - private_data=0x81209f660 [2016/07/20 22:55:17.981160, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 779 - private_data=0x81209f660 [2016/07/20 22:55:17.981174, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 15 - private_data=0x0 [2016/07/20 22:55:17.981188, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:461(messaging_register) Overriding messaging pointer for type 15 - private_data=0x0 [2016/07/20 22:55:17.981201, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:493(messaging_deregister) Deregistering messaging pointer for type 16 - private_data=0x0 [2016/07/20 22:55:17.981221, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 16 - private_data=0x81209f660 [2016/07/20 22:55:17.981234, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:493(messaging_deregister) Deregistering messaging pointer for type 33 - private_data=0x812050400 [2016/07/20 22:55:17.981248, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 33 - private_data=0x81209f660 [2016/07/20 22:55:17.981261, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:493(messaging_deregister) Deregistering messaging pointer for type 790 - private_data=0x0 [2016/07/20 22:55:17.981275, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 790 - private_data=0x81209f660 [2016/07/20 22:55:17.981288, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:493(messaging_deregister) Deregistering messaging pointer for type 791 - private_data=0x0 [2016/07/20 22:55:17.981301, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:493(messaging_deregister) Deregistering messaging pointer for type 1 - private_data=0x0 [2016/07/20 22:55:17.981315, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 1 - private_data=0x0 [2016/07/20 22:55:17.981332, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle) event_add_idle: idle_evt(keepalive) 0x812043c60 [2016/07/20 22:55:17.981346, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle) event_add_idle: idle_evt(deadtime) 0x812043d20 [2016/07/20 22:55:17.981361, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/events.c:483(event_add_idle) event_add_idle: idle_evt(housekeeping) 0x812043de0 [2016/07/20 22:55:36.996825, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 78 [2016/07/20 22:55:36.996877, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x4e [2016/07/20 22:55:36.996892, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 0 of length 82 (0 toread) [2016/07/20 22:55:36.996907, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:36.996915, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=78 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=51201 smb_tid=0 smb_pid=28839 smb_uid=0 smb_mid=128 smt_wct=0 smb_bcc=43 [2016/07/20 22:55:36.996984, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 02 4C 4D 31 2E 32 58 30 30 32 00 02 4C 41 4E 4D .LM1.2X0 02..LANM [0010] 41 4E 32 2E 31 00 02 4E 54 20 4C 4D 20 30 2E 31 AN2.1..N T LM 0.1 [0020] 32 00 02 50 4F 53 49 58 20 32 00 2..POSIX 2. [2016/07/20 22:55:36.997044, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBnegprot (pid 4773) conn 0x0 [2016/07/20 22:55:36.997063, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:36.997078, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:36.997093, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:36.997125, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:36.997825, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:576(reply_negprot) Requested protocol [LM1.2X002] [2016/07/20 22:55:36.997861, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:576(reply_negprot) Requested protocol [LANMAN2.1] [2016/07/20 22:55:36.997877, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:576(reply_negprot) Requested protocol [NT LM 0.12] [2016/07/20 22:55:36.997891, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:576(reply_negprot) Requested protocol [POSIX 2] [2016/07/20 22:55:36.997906, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:1292(set_remote_arch) set_remote_arch: Client arch is 'CIFSFS' [2016/07/20 22:55:36.997950, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2239(lp_file_list_changed) lp_file_list_changed() file /usr/local/etc/smb4.conf -> /usr/local/etc/smb4.conf last mod_time: Wed Jul 20 22:55:16 2016 [2016/07/20 22:55:36.997990, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:36.998005, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/lock/serverid.tdb 3: [2016/07/20 22:55:36.998022, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key A512000000000000FFFF [2016/07/20 22:55:36.998041, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x8120b5710 [2016/07/20 22:55:36.998069, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key A512000000000000FFFF [2016/07/20 22:55:36.998086, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:36.998100, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:36.998133, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2239(lp_file_list_changed) lp_file_list_changed() file /usr/local/etc/smb4.conf -> /usr/local/etc/smb4.conf last mod_time: Wed Jul 20 22:55:16 2016 [2016/07/20 22:55:36.998196, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:491(make_auth_context_subsystem) Making default auth method list for server role = 'standalone server', encrypt passwords = yes [2016/07/20 22:55:36.998223, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth) Attempting to register auth backend sam [2016/07/20 22:55:36.998240, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth) Successfully added auth method 'sam' [2016/07/20 22:55:36.998256, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth) Attempting to register auth backend sam_ignoredomain [2016/07/20 22:55:36.998270, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth) Successfully added auth method 'sam_ignoredomain' [2016/07/20 22:55:36.998283, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth) Attempting to register auth backend winbind [2016/07/20 22:55:36.998296, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth) Successfully added auth method 'winbind' [2016/07/20 22:55:36.998310, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth) Attempting to register auth backend trustdomain [2016/07/20 22:55:36.998323, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth) Successfully added auth method 'trustdomain' [2016/07/20 22:55:36.998336, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth) Attempting to register auth backend ntdomain [2016/07/20 22:55:36.998349, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth) Successfully added auth method 'ntdomain' [2016/07/20 22:55:36.998362, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:48(smb_register_auth) Attempting to register auth backend guest [2016/07/20 22:55:36.998376, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:60(smb_register_auth) Successfully added auth method 'guest' [2016/07/20 22:55:36.998388, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:378(load_auth_module) load_auth_module: Attempting to find an auth method to match guest [2016/07/20 22:55:36.998403, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:403(load_auth_module) load_auth_module: auth method guest has a valid init [2016/07/20 22:55:36.998416, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:378(load_auth_module) load_auth_module: Attempting to find an auth method to match sam [2016/07/20 22:55:36.998431, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:403(load_auth_module) load_auth_module: auth method sam has a valid init [2016/07/20 22:55:36.998831, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'gssapi_spnego' registered [2016/07/20 22:55:36.998863, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'gssapi_krb5' registered [2016/07/20 22:55:36.998878, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'gssapi_krb5_sasl' registered [2016/07/20 22:55:36.998892, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'spnego' registered [2016/07/20 22:55:36.998906, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'schannel' registered [2016/07/20 22:55:36.998920, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'naclrpc_as_system' registered [2016/07/20 22:55:36.998934, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'sasl-EXTERNAL' registered [2016/07/20 22:55:36.998949, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'ntlmssp' registered [2016/07/20 22:55:36.998962, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'ntlmssp_resume_ccache' registered [2016/07/20 22:55:36.998976, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'http_basic' registered [2016/07/20 22:55:36.998990, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'http_ntlm' registered [2016/07/20 22:55:36.999004, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'krb5' registered [2016/07/20 22:55:36.999017, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:907(gensec_register) GENSEC backend 'fake_gssapi_krb5' registered [2016/07/20 22:55:36.999053, 5, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:680(gensec_start_mech) Starting GENSEC mechanism spnego [2016/07/20 22:55:36.999087, 5, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:680(gensec_start_mech) Starting GENSEC submechanism ntlmssp [2016/07/20 22:55:36.999131, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:395(reply_nt1) using SPNEGO [2016/07/20 22:55:36.999147, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:684(reply_negprot) Selected protocol NT LM 0.12 [2016/07/20 22:55:36.999160, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/negprot.c:691(reply_negprot) negprot index=2 [2016/07/20 22:55:36.999174, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:36.999182, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=159 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51201 smb_tid=0 smb_pid=28839 smb_uid=0 smb_mid=128 smt_wct=17 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]=12803 (0x3203) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=42240 (0xA500) smb_vwv[ 8]= 18 (0x12) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]=33011 (0x80F3) smb_vwv[11]=51072 (0xC780) smb_vwv[12]=48739 (0xBE63) smb_vwv[13]=34306 (0x8602) smb_vwv[14]=53730 (0xD1E2) smb_vwv[15]=43009 (0xA801) smb_vwv[16]= 253 (0xFD) smb_bcc=90 [2016/07/20 22:55:36.999343, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 6E 69 67 68 74 6C 69 65 73 39 31 30 00 00 00 00 nightlie s910.... [0010] 60 48 06 06 2B 06 01 05 05 02 A0 3E 30 3C A0 0E `H..+... ...>0<.. [0020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 2A 0...+... ..7....* [0030] 30 28 A0 26 1B 24 6E 6F 74 5F 64 65 66 69 6E 65 0(.&.$no t_define [0040] 64 5F 69 6E 5F 52 46 43 34 31 37 38 40 70 6C 65 d_in_RFC 4178@ple [0050] 61 73 65 5F 69 67 6E 6F 72 65 ase_igno re [2016/07/20 22:55:36.999586, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 202 [2016/07/20 22:55:36.999609, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0xca [2016/07/20 22:55:36.999623, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 1 of length 206 (0 toread) [2016/07/20 22:55:36.999637, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:36.999645, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=202 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=55297 smb_tid=0 smb_pid=28839 smb_uid=0 smb_mid=129 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16468 (0x4054) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 1 (0x1) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 32 (0x20) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]=53468 (0xD0DC) smb_vwv[11]=32896 (0x8080) smb_bcc=143 [2016/07/20 22:55:36.999777, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 4E 54 4C 4D 53 53 50 00 01 00 00 00 05 02 08 A0 NTLMSSP. ........ [0010] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 4C 00 69 00 6E 00 75 00 78 00 20 00 76 00 65 .L.i.n.u .x. .v.e [0030] 00 72 00 73 00 69 00 6F 00 6E 00 20 00 33 00 2E .r.s.i.o .n. .3.. [0040] 00 31 00 36 00 2E 00 30 00 2D 00 34 00 2D 00 61 .1.6...0 .-.4.-.a [0050] 00 6D 00 64 00 36 00 34 00 00 00 43 00 49 00 46 .m.d.6.4 ...C.I.F [0060] 00 53 00 20 00 56 00 46 00 53 00 20 00 43 00 6C .S. .V.F .S. .C.l [0070] 00 69 00 65 00 6E 00 74 00 20 00 66 00 6F 00 72 .i.e.n.t . .f.o.r [0080] 00 20 00 4C 00 69 00 6E 00 75 00 78 00 00 00 . .L.i.n .u.x... [2016/07/20 22:55:36.999923, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBsesssetupX (pid 4773) conn 0x0 [2016/07/20 22:55:36.999939, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:36.999953, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:36.999967, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:36.999993, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:37.000009, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sesssetup.c:615(reply_sesssetup_and_X) wct=12 flg2=0xd801 [2016/07/20 22:55:37.000024, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sesssetup.c:144(reply_sesssetup_and_X_spnego) Doing spnego session setup [2016/07/20 22:55:37.000040, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sesssetup.c:185(reply_sesssetup_and_X_spnego) NativeOS=[Linux version 3.16.0-4-amd64] NativeLanMan=[CIFS VFS Client for Linux] PrimaryDomain=[] [2016/07/20 22:55:37.000061, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_session_global.tdb [2016/07/20 22:55:37.000076, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_session_global.tdb 2: 3: [2016/07/20 22:55:37.000092, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 20D44C76 [2016/07/20 22:55:37.000110, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043ea0 [2016/07/20 22:55:37.000246, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:888(smbXsrv_session_global_store) [2016/07/20 22:55:37.000259, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:890(smbXsrv_session_global_store) smbXsrv_session_global_store: key '20D44C76' stored [2016/07/20 22:55:37.000275, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &global_blob: struct smbXsrv_session_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000001 (1) info : union smbXsrv_session_globalU(case 0) info0 : * info0: struct smbXsrv_session_global0 db_rec : * session_global_id : 0x20d44c76 (550784118) session_wire_id : 0x000000000000b62f (46639) creation_time : Wed Jul 20 22:55:37 2016 AEST expiration_time : Thu Jan 1 10:00:00 1970 AEST auth_time : NTTIME(0) auth_session_info_seqnum : 0x00000000 (0) auth_session_info : NULL connection_dialect : 0x0000 (0) signing_required : 0x00 (0) encryption_required : 0x00 (0) num_channels : 0x00000001 (1) channels: ARRAY(1) channels: struct smbXsrv_channel_global0 server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) local_address : 'ipv4:192.168.1.100:445' remote_address : 'ipv4:192.168.1.200:53276' remote_name : 'stargate.home.gateway' auth_session_info_seqnum : 0x00000000 (0) connection : * [2016/07/20 22:55:37.000494, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 20D44C76 [2016/07/20 22:55:37.000510, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_session_global.tdb [2016/07/20 22:55:37.000524, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.000539, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1292(smbXsrv_session_create) [2016/07/20 22:55:37.000547, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1300(smbXsrv_session_create) smbXsrv_session_create: global_id (0x20d44c76) stored [2016/07/20 22:55:37.000561, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &session_blob: struct smbXsrv_sessionB version : SMBXSRV_VERSION_0 (0) reserved : 0x00000000 (0) info : union smbXsrv_sessionU(case 0) info0 : * info0: struct smbXsrv_session table : * db_rec : NULL client : * local_id : 0x0000b62f (46639) global : * global: struct smbXsrv_session_global0 db_rec : NULL session_global_id : 0x20d44c76 (550784118) session_wire_id : 0x000000000000b62f (46639) creation_time : Wed Jul 20 22:55:37 2016 AEST expiration_time : Thu Jan 1 10:00:00 1970 AEST auth_time : NTTIME(0) auth_session_info_seqnum : 0x00000000 (0) auth_session_info : NULL connection_dialect : 0x0000 (0) signing_required : 0x00 (0) encryption_required : 0x00 (0) num_channels : 0x00000001 (1) channels: ARRAY(1) channels: struct smbXsrv_channel_global0 server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) local_address : 'ipv4:192.168.1.100:445' remote_address : 'ipv4:192.168.1.200:53276' remote_name : 'stargate.home.gateway' auth_session_info_seqnum : 0x00000000 (0) connection : * status : NT_STATUS_MORE_PROCESSING_REQUIRED idle_time : Wed Jul 20 22:55:37 2016 AEST nonce_high_random : 0x0000000000000000 (0) nonce_high_max : 0x0000000000000000 (0) nonce_high : 0x0000000000000000 (0) nonce_low : 0x0000000000000000 (0) gensec : NULL compat : NULL tcon_table : NULL preauth : NULL encryption_desired : 0x00 (0) [2016/07/20 22:55:37.000886, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:491(make_auth_context_subsystem) Making default auth method list for server role = 'standalone server', encrypt passwords = yes [2016/07/20 22:55:37.000903, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:378(load_auth_module) load_auth_module: Attempting to find an auth method to match guest [2016/07/20 22:55:37.000917, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:403(load_auth_module) load_auth_module: auth method guest has a valid init [2016/07/20 22:55:37.000931, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:378(load_auth_module) load_auth_module: Attempting to find an auth method to match sam [2016/07/20 22:55:37.000945, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:403(load_auth_module) load_auth_module: auth method sam has a valid init [2016/07/20 22:55:37.000978, 5, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:680(gensec_start_mech) Starting GENSEC mechanism spnego [2016/07/20 22:55:37.000995, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.001011, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.001025, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.001038, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.001052, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.001082, 5, pid=4773, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:680(gensec_start_mech) Starting GENSEC submechanism ntlmssp [2016/07/20 22:55:37.001108, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0xa0080205 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_56 [2016/07/20 22:55:37.001162, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) negotiate: struct NEGOTIATE_MESSAGE Signature : 'NTLMSSP' MessageType : NtLmNegotiate (1) NegotiateFlags : 0xa0080205 (2684879365) 1: NTLMSSP_NEGOTIATE_UNICODE 0: NTLMSSP_NEGOTIATE_OEM 1: NTLMSSP_REQUEST_TARGET 0: NTLMSSP_NEGOTIATE_SIGN 0: NTLMSSP_NEGOTIATE_SEAL 0: NTLMSSP_NEGOTIATE_DATAGRAM 0: NTLMSSP_NEGOTIATE_LM_KEY 0: NTLMSSP_NEGOTIATE_NETWARE 1: NTLMSSP_NEGOTIATE_NTLM 0: NTLMSSP_NEGOTIATE_NT_ONLY 0: NTLMSSP_ANONYMOUS 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL 0: NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0: NTLMSSP_TARGET_TYPE_DOMAIN 0: NTLMSSP_TARGET_TYPE_SERVER 0: NTLMSSP_TARGET_TYPE_SHARE 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY 0: NTLMSSP_NEGOTIATE_IDENTIFY 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY 0: NTLMSSP_NEGOTIATE_TARGET_INFO 0: NTLMSSP_NEGOTIATE_VERSION 1: NTLMSSP_NEGOTIATE_128 0: NTLMSSP_NEGOTIATE_KEY_EXCH 1: NTLMSSP_NEGOTIATE_56 DomainNameLen : 0x0000 (0) DomainNameMaxLen : 0x0000 (0) DomainName : NULL WorkstationLen : 0x0000 (0) WorkstationMaxLen : 0x0000 (0) Workstation : NULL [2016/07/20 22:55:37.001430, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) challenge: struct CHALLENGE_MESSAGE Signature : 'NTLMSSP' MessageType : NtLmChallenge (0x2) TargetNameLen : 0x0018 (24) TargetNameMaxLen : 0x0018 (24) TargetName : * TargetName : 'NIGHTLIES910' NegotiateFlags : 0xa28a0205 (2726953477) 1: NTLMSSP_NEGOTIATE_UNICODE 0: NTLMSSP_NEGOTIATE_OEM 1: NTLMSSP_REQUEST_TARGET 0: NTLMSSP_NEGOTIATE_SIGN 0: NTLMSSP_NEGOTIATE_SEAL 0: NTLMSSP_NEGOTIATE_DATAGRAM 0: NTLMSSP_NEGOTIATE_LM_KEY 0: NTLMSSP_NEGOTIATE_NETWARE 1: NTLMSSP_NEGOTIATE_NTLM 0: NTLMSSP_NEGOTIATE_NT_ONLY 0: NTLMSSP_ANONYMOUS 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL 0: NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0: NTLMSSP_TARGET_TYPE_DOMAIN 1: NTLMSSP_TARGET_TYPE_SERVER 0: NTLMSSP_TARGET_TYPE_SHARE 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY 0: NTLMSSP_NEGOTIATE_IDENTIFY 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY 1: NTLMSSP_NEGOTIATE_TARGET_INFO 1: NTLMSSP_NEGOTIATE_VERSION 1: NTLMSSP_NEGOTIATE_128 0: NTLMSSP_NEGOTIATE_KEY_EXCH 1: NTLMSSP_NEGOTIATE_56 ServerChallenge : abd5e2995039cac5 Reserved : 0000000000000000 TargetInfoLen : 0x009a (154) TargetInfoMaxLen : 0x009a (154) TargetInfo : * TargetInfo: struct AV_PAIR_LIST count : 0x00000006 (6) pair: ARRAY(6) pair: struct AV_PAIR AvId : MsvAvNbDomainName (0x2) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x2) AvNbDomainName : 'NIGHTLIES910' pair: struct AV_PAIR AvId : MsvAvNbComputerName (0x1) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x1) AvNbComputerName : 'NIGHTLIES910' pair: struct AV_PAIR AvId : MsvAvDnsDomainName (0x4) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x4) AvDnsDomainName : 'home.gateway' pair: struct AV_PAIR AvId : MsvAvDnsComputerName (0x3) AvLen : 0x0032 (50) Value : union ntlmssp_AvValue(case 0x3) AvDnsComputerName : 'nightlies910.home.gateway' pair: struct AV_PAIR AvId : MsvAvTimestamp (0x7) AvLen : 0x0008 (8) Value : union ntlmssp_AvValue(case 0x7) AvTimestamp : Wed Jul 20 22:55:37 2016 AEST pair: struct AV_PAIR AvId : MsvAvEOL (0x0) AvLen : 0x0000 (0) Value : union ntlmssp_AvValue(case 0x0) Version: struct ntlmssp_VERSION ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6) ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1) ProductBuild : 0x0000 (0) Reserved : 000000 NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (0xF) [2016/07/20 22:55:37.001956, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.001978, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.001987, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=360 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=128 smb_flg2=51203 smb_tid=0 smb_pid=28839 smb_uid=46639 smb_mid=129 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 234 (0xEA) smb_bcc=317 [2016/07/20 22:55:37.002077, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 4E 54 4C 4D 53 53 50 00 02 00 00 00 18 00 18 00 NTLMSSP. ........ [0010] 38 00 00 00 05 02 8A A2 AB D5 E2 99 50 39 CA C5 8....... ....P9.. [0020] 00 00 00 00 00 00 00 00 9A 00 9A 00 50 00 00 00 ........ ....P... [0030] 06 01 00 00 00 00 00 0F 4E 00 49 00 47 00 48 00 ........ N.I.G.H. [0040] 54 00 4C 00 49 00 45 00 53 00 39 00 31 00 30 00 T.L.I.E. S.9.1.0. [0050] 02 00 18 00 4E 00 49 00 47 00 48 00 54 00 4C 00 ....N.I. G.H.T.L. [0060] 49 00 45 00 53 00 39 00 31 00 30 00 01 00 18 00 I.E.S.9. 1.0..... [0070] 4E 00 49 00 47 00 48 00 54 00 4C 00 49 00 45 00 N.I.G.H. T.L.I.E. [0080] 53 00 39 00 31 00 30 00 04 00 18 00 68 00 6F 00 S.9.1.0. ....h.o. [0090] 6D 00 65 00 2E 00 67 00 61 00 74 00 65 00 77 00 m.e...g. a.t.e.w. [00A0] 61 00 79 00 03 00 32 00 6E 00 69 00 67 00 68 00 a.y...2. n.i.g.h. [00B0] 74 00 6C 00 69 00 65 00 73 00 39 00 31 00 30 00 t.l.i.e. s.9.1.0. [00C0] 2E 00 68 00 6F 00 6D 00 65 00 2E 00 67 00 61 00 ..h.o.m. e...g.a. [00D0] 74 00 65 00 77 00 61 00 79 00 07 00 08 00 96 D5 t.e.w.a. y....... [00E0] BE 02 86 E2 D1 01 00 00 00 00 00 57 00 69 00 6E ........ ...W.i.n [00F0] 00 64 00 6F 00 77 00 73 00 20 00 36 00 2E 00 31 .d.o.w.s . .6...1 [0100] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 34 ...S.a.m .b.a. .4 [0110] 00 2E 00 33 00 2E 00 31 00 30 00 2D 00 47 00 49 ...3...1 .0.-.G.I [0120] 00 54 00 2D 00 55 00 4E 00 4B 00 4E 00 4F 00 57 .T.-.U.N .K.N.O.W [0130] 00 4E 00 00 00 4F 00 4E 00 45 00 00 00 .N...O.N .E... [2016/07/20 22:55:37.002524, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 482 [2016/07/20 22:55:37.002553, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x1e2 [2016/07/20 22:55:37.002573, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 2 of length 486 (0 toread) [2016/07/20 22:55:37.002592, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.002604, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=482 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=55297 smb_tid=0 smb_pid=28839 smb_uid=46639 smb_mid=130 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16468 (0x4054) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 1 (0x1) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 312 (0x138) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]=53468 (0xD0DC) smb_vwv[11]=32896 (0x8080) smb_bcc=423 [2016/07/20 22:55:37.002750, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 4E 54 4C 4D 53 53 50 00 03 00 00 00 00 00 00 00 NTLMSSP. ........ [0010] 40 00 00 00 C6 00 C6 00 40 00 00 00 18 00 18 00 @....... @....... [0020] 06 01 00 00 08 00 08 00 1E 01 00 00 00 00 00 00 ........ ........ [0030] 26 01 00 00 10 00 10 00 28 01 00 00 05 02 88 A0 &....... (....... [0040] E1 6B FA EC 15 C8 90 99 92 AD 27 2C 8A E4 82 B3 .k...... ..',.... [0050] 01 01 00 00 00 00 00 00 96 D5 BE 02 86 E2 D1 01 ........ ........ [0060] 52 98 30 73 D9 37 E0 A1 00 00 00 00 02 00 18 00 R.0s.7.. ........ [0070] 4E 00 49 00 47 00 48 00 54 00 4C 00 49 00 45 00 N.I.G.H. T.L.I.E. [0080] 53 00 39 00 31 00 30 00 01 00 18 00 4E 00 49 00 S.9.1.0. ....N.I. [0090] 47 00 48 00 54 00 4C 00 49 00 45 00 53 00 39 00 G.H.T.L. I.E.S.9. [00A0] 31 00 30 00 04 00 18 00 68 00 6F 00 6D 00 65 00 1.0..... h.o.m.e. [00B0] 2E 00 67 00 61 00 74 00 65 00 77 00 61 00 79 00 ..g.a.t. e.w.a.y. [00C0] 03 00 32 00 6E 00 69 00 67 00 68 00 74 00 6C 00 ..2.n.i. g.h.t.l. [00D0] 69 00 65 00 73 00 39 00 31 00 30 00 2E 00 68 00 i.e.s.9. 1.0...h. [00E0] 6F 00 6D 00 65 00 2E 00 67 00 61 00 74 00 65 00 o.m.e... g.a.t.e. [00F0] 77 00 61 00 79 00 07 00 08 00 96 D5 BE 02 86 E2 w.a.y... ........ [0100] D1 01 00 00 00 00 4E 00 49 00 47 00 48 00 54 00 ......N. I.G.H.T. [0110] 4C 00 49 00 45 00 53 00 39 00 31 00 30 00 68 00 L.I.E.S. 9.1.0.h. [0120] 6F 00 6D 00 65 00 00 00 88 2D 80 1F A7 9D 0D 94 o.m.e... .-...... [0130] 68 F5 07 46 AF D9 5F 54 00 4C 00 69 00 6E 00 75 h..F.._T .L.i.n.u [0140] 00 78 00 20 00 76 00 65 00 72 00 73 00 69 00 6F .x. .v.e .r.s.i.o [0150] 00 6E 00 20 00 33 00 2E 00 31 00 36 00 2E 00 30 .n. .3.. .1.6...0 [0160] 00 2D 00 34 00 2D 00 61 00 6D 00 64 00 36 00 34 .-.4.-.a .m.d.6.4 [0170] 00 00 00 43 00 49 00 46 00 53 00 20 00 56 00 46 ...C.I.F .S. .V.F [0180] 00 53 00 20 00 43 00 6C 00 69 00 65 00 6E 00 74 .S. .C.l .i.e.n.t [0190] 00 20 00 66 00 6F 00 72 00 20 00 4C 00 69 00 6E . .f.o.r . .L.i.n [01A0] 00 75 00 78 00 00 00 .u.x... [2016/07/20 22:55:37.003162, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBsesssetupX (pid 4773) conn 0x0 [2016/07/20 22:55:37.003178, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.003192, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.003205, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.003234, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:37.003249, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sesssetup.c:615(reply_sesssetup_and_X) wct=12 flg2=0xd801 [2016/07/20 22:55:37.003263, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sesssetup.c:144(reply_sesssetup_and_X_spnego) Doing spnego session setup [2016/07/20 22:55:37.003278, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sesssetup.c:185(reply_sesssetup_and_X_spnego) NativeOS=[Linux version 3.16.0-4-amd64] NativeLanMan=[CIFS VFS Client for Linux] PrimaryDomain=[] [2016/07/20 22:55:37.003292, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.003307, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.003320, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.003333, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.003346, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.003405, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) authenticate: struct AUTHENTICATE_MESSAGE Signature : 'NTLMSSP' MessageType : NtLmAuthenticate (3) LmChallengeResponseLen : 0x0000 (0) LmChallengeResponseMaxLen: 0x0000 (0) LmChallengeResponse : * LmChallengeResponse : union ntlmssp_LM_RESPONSE(case 0) NtChallengeResponseLen : 0x00c6 (198) NtChallengeResponseMaxLen: 0x00c6 (198) NtChallengeResponse : * NtChallengeResponse : union ntlmssp_NTLM_RESPONSE(case 198) v2: struct NTLMv2_RESPONSE Response : e16bfaec15c8909992ad272c8ae482b3 Challenge: struct NTLMv2_CLIENT_CHALLENGE RespType : 0x01 (1) HiRespType : 0x01 (1) Reserved1 : 0x0000 (0) Reserved2 : 0x00000000 (0) TimeStamp : Wed Jul 20 22:55:37 2016 AEST ChallengeFromClient : 52983073d937e0a1 Reserved3 : 0x00000000 (0) AvPairs: struct AV_PAIR_LIST count : 0x00000006 (6) pair: ARRAY(6) pair: struct AV_PAIR AvId : MsvAvNbDomainName (0x2) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x2) AvNbDomainName : 'NIGHTLIES910' pair: struct AV_PAIR AvId : MsvAvNbComputerName (0x1) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x1) AvNbComputerName : 'NIGHTLIES910' pair: struct AV_PAIR AvId : MsvAvDnsDomainName (0x4) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x4) AvDnsDomainName : 'home.gateway' pair: struct AV_PAIR AvId : MsvAvDnsComputerName (0x3) AvLen : 0x0032 (50) Value : union ntlmssp_AvValue(case 0x3) AvDnsComputerName : 'nightlies910.home.gateway' pair: struct AV_PAIR AvId : MsvAvTimestamp (0x7) AvLen : 0x0008 (8) Value : union ntlmssp_AvValue(case 0x7) AvTimestamp : Wed Jul 20 22:55:37 2016 AEST pair: struct AV_PAIR AvId : MsvAvEOL (0x0) AvLen : 0x0000 (0) Value : union ntlmssp_AvValue(case 0x0) DomainNameLen : 0x0018 (24) DomainNameMaxLen : 0x0018 (24) DomainName : * DomainName : 'NIGHTLIES910' UserNameLen : 0x0008 (8) UserNameMaxLen : 0x0008 (8) UserName : * UserName : 'home' WorkstationLen : 0x0000 (0) WorkstationMaxLen : 0x0000 (0) Workstation : * Workstation : '' EncryptedRandomSessionKeyLen: 0x0010 (16) EncryptedRandomSessionKeyMaxLen: 0x0010 (16) EncryptedRandomSessionKey: * EncryptedRandomSessionKey: DATA_BLOB length=16 [0000] 88 2D 80 1F A7 9D 0D 94 68 F5 07 46 AF D9 5F 54 .-...... h..F.._T NegotiateFlags : 0xa0880205 (2693267973) 1: NTLMSSP_NEGOTIATE_UNICODE 0: NTLMSSP_NEGOTIATE_OEM 1: NTLMSSP_REQUEST_TARGET 0: NTLMSSP_NEGOTIATE_SIGN 0: NTLMSSP_NEGOTIATE_SEAL 0: NTLMSSP_NEGOTIATE_DATAGRAM 0: NTLMSSP_NEGOTIATE_LM_KEY 0: NTLMSSP_NEGOTIATE_NETWARE 1: NTLMSSP_NEGOTIATE_NTLM 0: NTLMSSP_NEGOTIATE_NT_ONLY 0: NTLMSSP_ANONYMOUS 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL 0: NTLMSSP_NEGOTIATE_ALWAYS_SIGN 0: NTLMSSP_TARGET_TYPE_DOMAIN 0: NTLMSSP_TARGET_TYPE_SERVER 0: NTLMSSP_TARGET_TYPE_SHARE 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY 0: NTLMSSP_NEGOTIATE_IDENTIFY 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY 1: NTLMSSP_NEGOTIATE_TARGET_INFO 0: NTLMSSP_NEGOTIATE_VERSION 1: NTLMSSP_NEGOTIATE_128 0: NTLMSSP_NEGOTIATE_KEY_EXCH 1: NTLMSSP_NEGOTIATE_56 [2016/07/20 22:55:37.004072, 3, pid=4773, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:452(ntlmssp_server_preauth) Got user=[home] domain=[NIGHTLIES910] workstation=[] len1=0 len2=198 [2016/07/20 22:55:37.004092, 10, pid=4773, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:483(ntlmssp_server_preauth) [2016/07/20 22:55:37.004100, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &v2_resp: struct NTLMv2_RESPONSE Response : e16bfaec15c8909992ad272c8ae482b3 Challenge: struct NTLMv2_CLIENT_CHALLENGE RespType : 0x01 (1) HiRespType : 0x01 (1) Reserved1 : 0x0000 (0) Reserved2 : 0x00000000 (0) TimeStamp : Wed Jul 20 22:55:37 2016 AEST ChallengeFromClient : 52983073d937e0a1 Reserved3 : 0x00000000 (0) AvPairs: struct AV_PAIR_LIST count : 0x00000006 (6) pair: ARRAY(6) pair: struct AV_PAIR AvId : MsvAvNbDomainName (0x2) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x2) AvNbDomainName : 'NIGHTLIES910' pair: struct AV_PAIR AvId : MsvAvNbComputerName (0x1) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x1) AvNbComputerName : 'NIGHTLIES910' pair: struct AV_PAIR AvId : MsvAvDnsDomainName (0x4) AvLen : 0x0018 (24) Value : union ntlmssp_AvValue(case 0x4) AvDnsDomainName : 'home.gateway' pair: struct AV_PAIR AvId : MsvAvDnsComputerName (0x3) AvLen : 0x0032 (50) Value : union ntlmssp_AvValue(case 0x3) AvDnsComputerName : 'nightlies910.home.gateway' pair: struct AV_PAIR AvId : MsvAvTimestamp (0x7) AvLen : 0x0008 (8) Value : union ntlmssp_AvValue(case 0x7) AvTimestamp : Wed Jul 20 22:55:37 2016 AEST pair: struct AV_PAIR AvId : MsvAvEOL (0x0) AvLen : 0x0000 (0) Value : union ntlmssp_AvValue(case 0x0) [2016/07/20 22:55:37.004383, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3755(lp_load_ex) lp_load_ex: refreshing parameters [2016/07/20 22:55:37.004398, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1326(free_param_opts) Freeing parametrics: [2016/07/20 22:55:37.004464, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:548(init_globals) Initialising global parameters [2016/07/20 22:55:37.004554, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2684(lp_do_section) Processing section "[global]" doing parameter server max protocol = SMB3 doing parameter encrypt passwords = yes doing parameter dns proxy = no doing parameter strict locking = no doing parameter oplocks = yes doing parameter deadtime = 15 doing parameter max log size = 51200 doing parameter max open files = 235064 doing parameter logging = file doing parameter load printers = no doing parameter printing = bsd doing parameter printcap name = /dev/null doing parameter disable spoolss = yes doing parameter getwd cache = yes doing parameter guest account = nobody doing parameter map to guest = Bad User doing parameter obey pam restrictions = yes doing parameter directory name cache size = 0 doing parameter kernel change notify = no doing parameter panic action = /usr/local/libexec/samba/samba-backtrace doing parameter nsupdate command = /usr/local/bin/samba-nsupdate -g doing parameter server string = FreeNAS Server doing parameter ea support = yes doing parameter store dos attributes = yes doing parameter lm announce = yes doing parameter hostname lookups = yes doing parameter time server = yes doing parameter acl allow execute always = true doing parameter dos filemode = yes doing parameter multicast dns register = yes doing parameter domain logons = no doing parameter local master = yes doing parameter idmap config *: backend = tdb doing parameter idmap config *: range = 90000001-100000000 doing parameter server role = standalone doing parameter netbios name = NIGHTLIES910 doing parameter workgroup = ONE doing parameter security = user doing parameter pid directory = /var/run/samba doing parameter create mask = 0666 doing parameter directory mask = 0777 doing parameter client ntlmv2 auth = yes doing parameter dos charset = CP437 doing parameter unix charset = UTF-8 doing parameter log level = 10 [2016/07/20 22:55:37.005268, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/debug.c:638(debug_dump_status) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 scavenger: 10 dns: 10 ldb: 10 tevent: 10 [2016/07/20 22:55:37.005396, 2, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2701(lp_do_section) Processing section "[Test]" [2016/07/20 22:55:37.005412, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1326(free_param_opts) Freeing parametrics: doing parameter path = /mnt/tank/Test doing parameter printable = no doing parameter veto files = /.snapshot/.windows/.mac/.zfs/ doing parameter writeable = yes doing parameter browseable = yes doing parameter vfs objects = zfs_space zfsacl aio_pthread streams_xattr doing parameter hide dot files = yes doing parameter guest ok = no doing parameter nfs4:mode = special doing parameter nfs4:acedup = merge doing parameter nfs4:chown = true doing parameter zfsacl:acesort = dontcare [2016/07/20 22:55:37.005670, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:3796(lp_load_ex) pm_process() returned Yes [2016/07/20 22:55:37.005687, 7, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4112(lp_servicenumber) lp_servicenumber: couldn't find homes [2016/07/20 22:55:37.005703, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:1601(lp_add_ipc) adding IPC service [2016/07/20 22:55:37.005729, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:117(make_user_info_map) Mapping user [NIGHTLIES910]\[home] from workstation [] [2016/07/20 22:55:37.005746, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:62(make_user_info) attempting to make a user_info for home (home) [2016/07/20 22:55:37.005769, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:70(make_user_info) making strings for home's user_info struct [2016/07/20 22:55:37.005785, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:108(make_user_info) making blobs for home's user_info struct [2016/07/20 22:55:37.005798, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/user_info.c:159(make_user_info) made a user_info for home (home) [2016/07/20 22:55:37.005811, 3, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:178(auth_check_ntlm_password) check_ntlm_password: Checking password for unmapped user [NIGHTLIES910]\[home]@[] with the new password interface [2016/07/20 22:55:37.005825, 3, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:181(auth_check_ntlm_password) check_ntlm_password: mapped user is: [NIGHTLIES910]\[home]@[] [2016/07/20 22:55:37.005838, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:190(auth_check_ntlm_password) check_ntlm_password: auth_context challenge created by random [2016/07/20 22:55:37.005851, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:192(auth_check_ntlm_password) challenge is: [2016/07/20 22:55:37.005863, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] AB D5 E2 99 50 39 CA C5 ....P9.. [2016/07/20 22:55:37.005885, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_builtin.c:41(check_guest_security) Check auth for: [home] [2016/07/20 22:55:37.005899, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:233(auth_check_ntlm_password) check_ntlm_password: guest had nothing to say [2016/07/20 22:55:37.005912, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_sam.c:75(auth_samstrict_auth) Check auth for: [home] [2016/07/20 22:55:37.005926, 8, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:1206(is_myname) is_myname("NIGHTLIES910") returns 1 [2016/07/20 22:55:37.005942, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.005956, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.005970, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.005983, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.005995, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.006039, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:570(pdb_set_username) pdb_set_username: setting username home, was [2016/07/20 22:55:37.006055, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:593(pdb_set_domain) pdb_set_domain: setting domain NIGHTLIES910, was [2016/07/20 22:55:37.006069, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:616(pdb_set_nt_username) pdb_set_nt_username: setting nt username , was [2016/07/20 22:55:37.006082, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:639(pdb_set_fullname) pdb_set_full_name: setting full name Home, was [2016/07/20 22:55:37.006096, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/substitute.c:435(automount_server) Home server: nightlies910 [2016/07/20 22:55:37.006113, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:732(pdb_set_homedir) pdb_set_homedir: setting home dir \\nightlies910\home, was [2016/07/20 22:55:37.006127, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:708(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive , was NULL [2016/07/20 22:55:37.006142, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:662(pdb_set_logon_script) pdb_set_logon_script: setting logon script , was [2016/07/20 22:55:37.006155, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/substitute.c:435(automount_server) Home server: nightlies910 [2016/07/20 22:55:37.006170, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:685(pdb_set_profile_path) pdb_set_profile_path: setting profile path \\nightlies910\home\profile, was [2016/07/20 22:55:37.006183, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:775(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2016/07/20 22:55:37.006198, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006216, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.006230, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006242, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.006255, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.006283, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: password history, val: 0 [2016/07/20 22:55:37.006300, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.006317, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:495(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-1325960915-1817794340-1004291014-1000 [2016/07/20 22:55:37.006334, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1325960915-1817794340-1004291014-1000 from rid 1000 [2016/07/20 22:55:37.006356, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006370, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.006383, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006395, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.006408, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.006431, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: maximum password age, val: -1 [2016/07/20 22:55:37.006448, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.006464, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user home [2016/07/20 22:55:37.006477, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is home [2016/07/20 22:55:37.006527, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [home]! [2016/07/20 22:55:37.006556, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1300(gid_to_sid) gid 1000 -> sid S-1-5-21-1325960915-1817794340-1004291014-1001 [2016/07/20 22:55:37.006573, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1624(get_primary_group_sid) do lookup_sid(S-1-5-21-1325960915-1817794340-1004291014-1001) for group of user home [2016/07/20 22:55:37.006589, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1026(lookup_sid) lookup_sid called for SID 'S-1-5-21-1325960915-1817794340-1004291014-1001' [2016/07/20 22:55:37.006610, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:778(check_dom_sid_to_level) Accepting SID S-1-5-21-1325960915-1817794340-1004291014 in level 1 [2016/07/20 22:55:37.006626, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:539(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-1325960915-1817794340-1004291014' [2016/07/20 22:55:37.006642, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006687, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.006706, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006725, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.006739, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.006763, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1748(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 1001. [2016/07/20 22:55:37.006779, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 4 [2016/07/20 22:55:37.006793, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006805, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 4 [2016/07/20 22:55:37.006818, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.006831, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.006857, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:658(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 1001 by key RID_000003e9. [2016/07/20 22:55:37.006884, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006899, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1883(pdb_default_lookup_rids) lookup_rids: share:4 [2016/07/20 22:55:37.006916, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.006930, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1061(lookup_sid) Sid S-1-5-21-1325960915-1817794340-1004291014-1001 -> NIGHTLIES910\share(4) [2016/07/20 22:55:37.006946, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1638(get_primary_group_sid) Primary group S-1-5-21-1325960915-1817794340-1004291014-1001 for user home is a Local Group and not a domain group [2016/07/20 22:55:37.006961, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1645(get_primary_group_sid) Forcing Primary Group to 'Domain Users' for home [2016/07/20 22:55:37.006975, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.006989, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007001, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007014, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.007027, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.007050, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: password history, val: 0 [2016/07/20 22:55:37.007067, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007086, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:570(pdb_set_username) pdb_set_username: setting username home, was [2016/07/20 22:55:37.007100, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:593(pdb_set_domain) pdb_set_domain: setting domain NIGHTLIES910, was [2016/07/20 22:55:37.007113, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:616(pdb_set_nt_username) pdb_set_nt_username: setting nt username , was [2016/07/20 22:55:37.007126, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:639(pdb_set_fullname) pdb_set_full_name: setting full name Home, was [2016/07/20 22:55:37.007140, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/substitute.c:435(automount_server) Home server: nightlies910 [2016/07/20 22:55:37.007156, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:732(pdb_set_homedir) pdb_set_homedir: setting home dir \\nightlies910\home, was [2016/07/20 22:55:37.007170, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:708(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive , was NULL [2016/07/20 22:55:37.007183, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:662(pdb_set_logon_script) pdb_set_logon_script: setting logon script , was [2016/07/20 22:55:37.007197, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/substitute.c:435(automount_server) Home server: nightlies910 [2016/07/20 22:55:37.007216, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:685(pdb_set_profile_path) pdb_set_profile_path: setting profile path \\nightlies910\home\profile, was [2016/07/20 22:55:37.007231, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:775(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2016/07/20 22:55:37.007245, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007258, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007271, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007284, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.007297, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.007320, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: password history, val: 0 [2016/07/20 22:55:37.007337, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007351, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:495(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-1325960915-1817794340-1004291014-1000 [2016/07/20 22:55:37.007366, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1325960915-1817794340-1004291014-1000 from rid 1000 [2016/07/20 22:55:37.007388, 10, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_get_set.c:557(pdb_set_group_sid) pdb_set_group_sid: setting group sid S-1-5-21-1325960915-1817794340-1004291014-513 [2016/07/20 22:55:37.007407, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.007423, 4, pid=4773, effective(0, 0), real(0, 0)] ../libcli/auth/ntlm_check.c:359(ntlm_password_check) ntlm_password_check: Checking NTLMv2 password with domain [NIGHTLIES910] [2016/07/20 22:55:37.007463, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/check_samsec.c:183(sam_account_ok) sam_account_ok: Checking SMB password for user home [2016/07/20 22:55:37.007482, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/check_samsec.c:165(logon_hours_ok) logon_hours_ok: user home allowed to logon at this time (Wed Jul 20 12:55:37 2016 ) [2016/07/20 22:55:37.007501, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007515, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.007528, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007540, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.007553, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.007577, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: maximum password age, val: -1 [2016/07/20 22:55:37.007595, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.007609, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007623, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.007636, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007648, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.007661, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.007682, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user home [2016/07/20 22:55:37.007696, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is home [2016/07/20 22:55:37.007710, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [home]! [2016/07/20 22:55:37.007725, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007739, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007752, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007764, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.007777, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.007800, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: minimum password age, val: 0 [2016/07/20 22:55:37.007816, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007830, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007843, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007856, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.007869, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.007881, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.007904, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/account_pol.c:362(account_policy_get) account_policy_get: name: maximum password age, val: -1 [2016/07/20 22:55:37.007920, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.007935, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user home [2016/07/20 22:55:37.007949, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is home [2016/07/20 22:55:37.007962, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [home]! [2016/07/20 22:55:37.007976, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/system_smbd.c:176(sys_getgrouplist) sys_getgrouplist: user [home] [2016/07/20 22:55:37.008069, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1300(gid_to_sid) gid 1000 -> sid S-1-5-21-1325960915-1817794340-1004291014-1001 [2016/07/20 22:55:37.008088, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/server_info_sam.c:122(make_server_info_sam) make_server_info_sam: made server info for user home -> home [2016/07/20 22:55:37.008106, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.008122, 3, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:249(auth_check_ntlm_password) check_ntlm_password: sam authentication for user [home] succeeded [2016/07/20 22:55:37.008138, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.008152, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.008165, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.008178, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.008190, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.008218, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:483(smb_pam_start) smb_pam_start: PAM: Init user: home [2016/07/20 22:55:37.010344, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:492(smb_pam_start) smb_pam_start: PAM: setting rhost to: 192.168.1.200 [2016/07/20 22:55:37.010364, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:501(smb_pam_start) smb_pam_start: PAM: setting tty [2016/07/20 22:55:37.010378, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:509(smb_pam_start) smb_pam_start: PAM: Init passed for user: home [2016/07/20 22:55:37.010391, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:567(smb_pam_account) smb_pam_account: PAM: Account Management for User: home [2016/07/20 22:55:37.010531, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:586(smb_pam_account) smb_pam_account: PAM: Account OK for User: home [2016/07/20 22:55:37.010659, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:465(smb_pam_end) smb_pam_end: PAM: PAM_END OK. [2016/07/20 22:55:37.010681, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.010695, 5, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:292(auth_check_ntlm_password) check_ntlm_password: PAM Account for user [home] succeeded [2016/07/20 22:55:37.010708, 2, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth.c:305(auth_check_ntlm_password) check_ntlm_password: authentication for user [home] -> [home] -> [home] succeeded [2016/07/20 22:55:37.010722, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/auth_ntlmssp.c:215(auth3_check_password) Got NT session key of length 16 [2016/07/20 22:55:37.010735, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/auth_ntlmssp.c:222(auth3_check_password) Got LM session key of length 8 [2016/07/20 22:55:37.010754, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:224(create_local_nt_token_from_info3) Create local NT token for home [2016/07/20 22:55:37.010780, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: value=[1000:U] [2016/07/20 22:55:37.010795, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: id=[1000], endptr=[:U] [2016/07/20 22:55:37.010809, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1468(sid_to_uid) sid S-1-5-21-1325960915-1817794340-1004291014-1000 -> uid 1000 [2016/07/20 22:55:37.010840, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/system_smbd.c:176(sys_getgrouplist) sys_getgrouplist: user [home] [2016/07/20 22:55:37.010926, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1300(gid_to_sid) gid 1000 -> sid S-1-5-21-1325960915-1817794340-1004291014-1001 [2016/07/20 22:55:37.010957, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.010974, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.010987, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.011000, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.011012, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.011042, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:547(finalize_local_nt_token) Failed to fetch domain sid for ONE [2016/07/20 22:55:37.011060, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.011078, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.011092, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.011105, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.011117, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.011130, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.011153, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:579(finalize_local_nt_token) Failed to fetch domain sid for ONE [2016/07/20 22:55:37.011170, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.011184, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.011197, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.011215, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.011228, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.011240, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.011298, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.011316, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-1000] [2016/07/20 22:55:37.011335, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-513] [2016/07/20 22:55:37.011353, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-1001] [2016/07/20 22:55:37.011370, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:176(get_privileges_for_sids) get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 [2016/07/20 22:55:37.011391, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-2] [2016/07/20 22:55:37.011407, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-11] [2016/07/20 22:55:37.011425, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: value=[1000:U] [2016/07/20 22:55:37.011439, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: id=[1000], endptr=[:U] [2016/07/20 22:55:37.011461, 10, pid=4773, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:323(gencache_set_data_blob) Adding cache entry with key=[IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-513] and timeout=[Thu Jan 1 10:00:00 1970 AEST] (-1469019337 seconds in the past) [2016/07/20 22:55:37.013491, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1001]: value=[1000:G] [2016/07/20 22:55:37.013510, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1001]: id=[1000], endptr=[:G] [2016/07/20 22:55:37.013532, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-1-0]: value=[90000001:G] [2016/07/20 22:55:37.013546, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-1-0]: id=[90000001], endptr=[:G] [2016/07/20 22:55:37.013564, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-2]: value=[90000002:G] [2016/07/20 22:55:37.013578, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-2]: id=[90000002], endptr=[:G] [2016/07/20 22:55:37.013596, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-11]: value=[90000003:G] [2016/07/20 22:55:37.013609, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-11]: id=[90000003], endptr=[:G] [2016/07/20 22:55:37.021732, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.021761, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.021776, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.021789, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.021802, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.021833, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1748(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2016/07/20 22:55:37.021848, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.021862, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.021874, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.021887, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.021899, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.021926, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:658(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 513 by key RID_00000201. [2016/07/20 22:55:37.021949, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.021963, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1824(lookup_global_sam_rid) Can't find a unix id for an unmapped group [2016/07/20 22:55:37.021976, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1534(pdb_default_sid_to_id) SID S-1-5-21-1325960915-1817794340-1004291014-513 belongs to our domain, but there is no corresponding object in the database. [2016/07/20 22:55:37.021994, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022008, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1174(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-21-1325960915-1817794340-1004291014-513 [2016/07/20 22:55:37.022022, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.022035, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022048, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.022060, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.022072, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.022093, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1748(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2016/07/20 22:55:37.022107, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.022121, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 2 [2016/07/20 22:55:37.022133, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2016/07/20 22:55:37.022145, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.022157, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.022180, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_tdb.c:658(tdbsam_getsampwrid) pdb_getsampwrid (TDB): error looking up RID 513 by key RID_00000201. [2016/07/20 22:55:37.022201, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2016/07/20 22:55:37.022219, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1824(lookup_global_sam_rid) Can't find a unix id for an unmapped group [2016/07/20 22:55:37.022232, 5, pid=4773, effective(0, 0), real(0, 0), class=passdb] ../source3/passdb/pdb_interface.c:1534(pdb_default_sid_to_id) SID S-1-5-21-1325960915-1817794340-1004291014-513 belongs to our domain, but there is no corresponding object in the database. [2016/07/20 22:55:37.022250, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022263, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1174(legacy_sid_to_unixid) LEGACY: mapping failed for sid S-1-5-21-1325960915-1817794340-1004291014-513 [2016/07/20 22:55:37.022278, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:609(create_local_token) Could not convert SID S-1-5-21-1325960915-1817794340-1004291014-513 to gid, ignoring it [2016/07/20 22:55:37.022297, 10, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug) Security token SIDs (11): SID[ 0]: S-1-5-21-1325960915-1817794340-1004291014-1000 SID[ 1]: S-1-5-21-1325960915-1817794340-1004291014-513 SID[ 2]: S-1-5-21-1325960915-1817794340-1004291014-1001 SID[ 3]: S-1-1-0 SID[ 4]: S-1-5-2 SID[ 5]: S-1-5-11 SID[ 6]: S-1-22-1-1000 SID[ 7]: S-1-22-2-1000 SID[ 8]: S-1-22-2-90000001 SID[ 9]: S-1-22-2-90000002 SID[ 10]: S-1-22-2-90000003 Privileges (0x 0): Rights (0x 0): [2016/07/20 22:55:37.022389, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 1000 Primary group is 1000 and contains 4 supplementary groups Group[ 0]: 1000 Group[ 1]: 90000001 Group[ 2]: 90000002 Group[ 3]: 90000003 [2016/07/20 22:55:37.022433, 10, pid=4773, effective(0, 0), real(0, 0)] ../auth/ntlmssp/ntlmssp_server.c:858(ntlmssp_server_postauth) ntlmssp_server_auth: Using unmodified nt session key. [2016/07/20 22:55:37.022455, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.022473, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:224(create_local_nt_token_from_info3) Create local NT token for home [2016/07/20 22:55:37.022497, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: value=[1000:U] [2016/07/20 22:55:37.022511, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: id=[1000], endptr=[:U] [2016/07/20 22:55:37.022525, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1468(sid_to_uid) sid S-1-5-21-1325960915-1817794340-1004291014-1000 -> uid 1000 [2016/07/20 22:55:37.022562, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/system_smbd.c:176(sys_getgrouplist) sys_getgrouplist: user [home] [2016/07/20 22:55:37.022652, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/passdb/lookup_sid.c:1300(gid_to_sid) gid 1000 -> sid S-1-5-21-1325960915-1817794340-1004291014-1001 [2016/07/20 22:55:37.022676, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022690, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.022703, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022715, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.022728, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.022754, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:547(finalize_local_nt_token) Failed to fetch domain sid for ONE [2016/07/20 22:55:37.022770, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.022787, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022800, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.022813, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022825, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.022837, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.022860, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:579(finalize_local_nt_token) Failed to fetch domain sid for ONE [2016/07/20 22:55:37.022876, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.022890, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022903, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.022915, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.022928, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.022940, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.022995, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.023012, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-1000] [2016/07/20 22:55:37.023030, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-513] [2016/07/20 22:55:37.023047, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-21-1325960915-1817794340-1004291014-1001] [2016/07/20 22:55:37.023064, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:176(get_privileges_for_sids) get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 [2016/07/20 22:55:37.023085, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-2] [2016/07/20 22:55:37.023100, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/privileges.c:98(get_privileges) get_privileges: No privileges assigned to SID [S-1-5-11] [2016/07/20 22:55:37.023122, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: value=[1000:U] [2016/07/20 22:55:37.023136, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1000]: id=[1000], endptr=[:U] [2016/07/20 22:55:37.023153, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-513]: value=[-1:N] [2016/07/20 22:55:37.023166, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-513]: id=[4294967295], endptr=[:N] [2016/07/20 22:55:37.023185, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1001]: value=[1000:G] [2016/07/20 22:55:37.023198, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-21-1325960915-1817794340-1004291014-1001]: id=[1000], endptr=[:G] [2016/07/20 22:55:37.023220, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-1-0]: value=[90000001:G] [2016/07/20 22:55:37.023234, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-1-0]: id=[90000001], endptr=[:G] [2016/07/20 22:55:37.023253, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-2]: value=[90000002:G] [2016/07/20 22:55:37.023265, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-2]: id=[90000002], endptr=[:G] [2016/07/20 22:55:37.023283, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:56(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-11]: value=[90000003:G] [2016/07/20 22:55:37.023296, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/idmap_cache.c:75(idmap_cache_find_sid2unixid) Parsing value for key [IDMAP/SID2XID/S-1-5-11]: id=[90000003], endptr=[:G] [2016/07/20 22:55:37.023309, 10, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/auth_util.c:609(create_local_token) Could not convert SID S-1-5-21-1325960915-1817794340-1004291014-513 to gid, ignoring it [2016/07/20 22:55:37.023326, 10, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug) Security token SIDs (11): SID[ 0]: S-1-5-21-1325960915-1817794340-1004291014-1000 SID[ 1]: S-1-5-21-1325960915-1817794340-1004291014-513 SID[ 2]: S-1-5-21-1325960915-1817794340-1004291014-1001 SID[ 3]: S-1-1-0 SID[ 4]: S-1-5-2 SID[ 5]: S-1-5-11 SID[ 6]: S-1-22-1-1000 SID[ 7]: S-1-22-2-1000 SID[ 8]: S-1-22-2-90000001 SID[ 9]: S-1-22-2-90000002 SID[ 10]: S-1-22-2-90000003 Privileges (0x 0): Rights (0x 0): [2016/07/20 22:55:37.023410, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 1000 Primary group is 1000 and contains 4 supplementary groups Group[ 0]: 1000 Group[ 1]: 90000001 Group[ 2]: 90000002 Group[ 3]: 90000003 [2016/07/20 22:55:37.023454, 7, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4112(lp_servicenumber) lp_servicenumber: couldn't find home [2016/07/20 22:55:37.023467, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:181(Get_Pwnam_alloc) Finding user home [2016/07/20 22:55:37.023480, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:120(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is home [2016/07/20 22:55:37.023494, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/username.c:159(Get_Pwnam_internals) Get_Pwnam_internals did find user [home]! [2016/07/20 22:55:37.023507, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/password.c:144(register_homes_share) Adding homes service for user 'home' using home directory: '/nonexistent' [2016/07/20 22:55:37.023522, 7, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:4112(lp_servicenumber) lp_servicenumber: couldn't find homes [2016/07/20 22:55:37.023543, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:483(smb_pam_start) smb_pam_start: PAM: Init user: home [2016/07/20 22:55:37.025436, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:492(smb_pam_start) smb_pam_start: PAM: setting rhost to: stargate.home.gateway [2016/07/20 22:55:37.025454, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:501(smb_pam_start) smb_pam_start: PAM: setting tty [2016/07/20 22:55:37.025467, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:509(smb_pam_start) smb_pam_start: PAM: Init passed for user: home [2016/07/20 22:55:37.025479, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:646(smb_internal_pam_session) smb_internal_pam_session: PAM: tty set to: smb/550784118 [2016/07/20 22:55:37.025586, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:465(smb_pam_end) smb_pam_end: PAM: PAM_END OK. [2016/07/20 22:55:37.025604, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_session_global.tdb [2016/07/20 22:55:37.025617, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_session_global.tdb 2: 3: [2016/07/20 22:55:37.025632, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 20D44C76 [2016/07/20 22:55:37.025649, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x8120985a0 [2016/07/20 22:55:37.025693, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:888(smbXsrv_session_global_store) [2016/07/20 22:55:37.025703, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:890(smbXsrv_session_global_store) smbXsrv_session_global_store: key '20D44C76' stored [2016/07/20 22:55:37.025736, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &global_blob: struct smbXsrv_session_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000002 (2) info : union smbXsrv_session_globalU(case 0) info0 : * info0: struct smbXsrv_session_global0 db_rec : * session_global_id : 0x20d44c76 (550784118) session_wire_id : 0x000000000000b62f (46639) creation_time : Wed Jul 20 22:55:37 2016 AEST expiration_time : Thu Jan 1 10:00:00 1970 AEST auth_time : Wed Jul 20 22:55:37 2016 AEST auth_session_info_seqnum : 0x00000001 (1) auth_session_info : * auth_session_info: struct auth_session_info security_token : * security_token: struct security_token num_sids : 0x0000000b (11) sids: ARRAY(11) sids : S-1-5-21-1325960915-1817794340-1004291014-1000 sids : S-1-5-21-1325960915-1817794340-1004291014-513 sids : S-1-5-21-1325960915-1817794340-1004291014-1001 sids : S-1-1-0 sids : S-1-5-2 sids : S-1-5-11 sids : S-1-22-1-1000 sids : S-1-22-2-1000 sids : S-1-22-2-90000001 sids : S-1-22-2-90000002 sids : S-1-22-2-90000003 privilege_mask : 0x0000000000000000 (0) 0: SEC_PRIV_MACHINE_ACCOUNT_BIT 0: SEC_PRIV_PRINT_OPERATOR_BIT 0: SEC_PRIV_ADD_USERS_BIT 0: SEC_PRIV_DISK_OPERATOR_BIT 0: SEC_PRIV_REMOTE_SHUTDOWN_BIT 0: SEC_PRIV_BACKUP_BIT 0: SEC_PRIV_RESTORE_BIT 0: SEC_PRIV_TAKE_OWNERSHIP_BIT 0: SEC_PRIV_INCREASE_QUOTA_BIT 0: SEC_PRIV_SECURITY_BIT 0: SEC_PRIV_LOAD_DRIVER_BIT 0: SEC_PRIV_SYSTEM_PROFILE_BIT 0: SEC_PRIV_SYSTEMTIME_BIT 0: SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT 0: SEC_PRIV_INCREASE_BASE_PRIORITY_BIT 0: SEC_PRIV_CREATE_PAGEFILE_BIT 0: SEC_PRIV_SHUTDOWN_BIT 0: SEC_PRIV_DEBUG_BIT 0: SEC_PRIV_SYSTEM_ENVIRONMENT_BIT 0: SEC_PRIV_CHANGE_NOTIFY_BIT 0: SEC_PRIV_UNDOCK_BIT 0: SEC_PRIV_ENABLE_DELEGATION_BIT 0: SEC_PRIV_MANAGE_VOLUME_BIT 0: SEC_PRIV_IMPERSONATE_BIT 0: SEC_PRIV_CREATE_GLOBAL_BIT rights_mask : 0x00000000 (0) 0: LSA_POLICY_MODE_INTERACTIVE 0: LSA_POLICY_MODE_NETWORK 0: LSA_POLICY_MODE_BATCH 0: LSA_POLICY_MODE_SERVICE 0: LSA_POLICY_MODE_PROXY 0: LSA_POLICY_MODE_DENY_INTERACTIVE 0: LSA_POLICY_MODE_DENY_NETWORK 0: LSA_POLICY_MODE_DENY_BATCH 0: LSA_POLICY_MODE_DENY_SERVICE 0: LSA_POLICY_MODE_REMOTE_INTERACTIVE 0: LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE 0x00: LSA_POLICY_MODE_ALL (0) 0x00: LSA_POLICY_MODE_ALL_NT4 (0) unix_token : * unix_token: struct security_unix_token uid : 0x00000000000003e8 (1000) gid : 0x00000000000003e8 (1000) ngroups : 0x00000004 (4) groups: ARRAY(4) groups : 0x00000000000003e8 (1000) groups : 0x00000000055d4a81 (90000001) groups : 0x00000000055d4a82 (90000002) groups : 0x00000000055d4a83 (90000003) info : * info: struct auth_user_info account_name : * account_name : 'home' domain_name : * domain_name : 'NIGHTLIES910' full_name : * full_name : 'Home' logon_script : * logon_script : '' profile_path : * profile_path : '\\nightlies910\home\profile' home_directory : * home_directory : '\\nightlies910\home' home_drive : * home_drive : '' logon_server : * logon_server : 'NIGHTLIES910' last_logon : NTTIME(0) last_logoff : Tue Jan 19 14:14:07 2038 AEDT acct_expiry : Tue Jan 19 14:14:07 2038 AEDT last_password_change : Sun Jul 17 10:00:11 2016 AEST allow_password_change : Sun Jul 17 10:00:11 2016 AEST force_password_change : Tue Jan 19 14:14:07 2038 AEDT logon_count : 0x0000 (0) bad_password_count : 0x0000 (0) acct_flags : 0x00000010 (16) authenticated : 0x01 (1) unix_info : * unix_info: struct auth_user_info_unix unix_name : * unix_name : 'home' sanitized_username : * sanitized_username : 'home' torture : NULL credentials : NULL connection_dialect : 0x0000 (0) signing_required : 0x00 (0) encryption_required : 0x00 (0) num_channels : 0x00000001 (1) channels: ARRAY(1) channels: struct smbXsrv_channel_global0 server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) local_address : 'ipv4:192.168.1.100:445' remote_address : 'ipv4:192.168.1.200:53276' remote_name : 'stargate.home.gateway' auth_session_info_seqnum : 0x00000001 (1) connection : * [2016/07/20 22:55:37.026627, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 20D44C76 [2016/07/20 22:55:37.026642, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_session_global.tdb [2016/07/20 22:55:37.026655, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.026669, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1346(smbXsrv_session_update) [2016/07/20 22:55:37.026677, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_session.c:1354(smbXsrv_session_update) smbXsrv_session_update: global_id (0x20d44c76) stored [2016/07/20 22:55:37.026690, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &session_blob: struct smbXsrv_sessionB version : SMBXSRV_VERSION_0 (0) reserved : 0x00000000 (0) info : union smbXsrv_sessionU(case 0) info0 : * info0: struct smbXsrv_session table : * db_rec : NULL client : * local_id : 0x0000b62f (46639) global : * global: struct smbXsrv_session_global0 db_rec : NULL session_global_id : 0x20d44c76 (550784118) session_wire_id : 0x000000000000b62f (46639) creation_time : Wed Jul 20 22:55:37 2016 AEST expiration_time : Thu Jan 1 10:00:00 1970 AEST auth_time : Wed Jul 20 22:55:37 2016 AEST auth_session_info_seqnum : 0x00000001 (1) auth_session_info : * auth_session_info: struct auth_session_info security_token : * security_token: struct security_token num_sids : 0x0000000b (11) sids: ARRAY(11) sids : S-1-5-21-1325960915-1817794340-1004291014-1000 sids : S-1-5-21-1325960915-1817794340-1004291014-513 sids : S-1-5-21-1325960915-1817794340-1004291014-1001 sids : S-1-1-0 sids : S-1-5-2 sids : S-1-5-11 sids : S-1-22-1-1000 sids : S-1-22-2-1000 sids : S-1-22-2-90000001 sids : S-1-22-2-90000002 sids : S-1-22-2-90000003 privilege_mask : 0x0000000000000000 (0) 0: SEC_PRIV_MACHINE_ACCOUNT_BIT 0: SEC_PRIV_PRINT_OPERATOR_BIT 0: SEC_PRIV_ADD_USERS_BIT 0: SEC_PRIV_DISK_OPERATOR_BIT 0: SEC_PRIV_REMOTE_SHUTDOWN_BIT 0: SEC_PRIV_BACKUP_BIT 0: SEC_PRIV_RESTORE_BIT 0: SEC_PRIV_TAKE_OWNERSHIP_BIT 0: SEC_PRIV_INCREASE_QUOTA_BIT 0: SEC_PRIV_SECURITY_BIT 0: SEC_PRIV_LOAD_DRIVER_BIT 0: SEC_PRIV_SYSTEM_PROFILE_BIT 0: SEC_PRIV_SYSTEMTIME_BIT 0: SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT 0: SEC_PRIV_INCREASE_BASE_PRIORITY_BIT 0: SEC_PRIV_CREATE_PAGEFILE_BIT 0: SEC_PRIV_SHUTDOWN_BIT 0: SEC_PRIV_DEBUG_BIT 0: SEC_PRIV_SYSTEM_ENVIRONMENT_BIT 0: SEC_PRIV_CHANGE_NOTIFY_BIT 0: SEC_PRIV_UNDOCK_BIT 0: SEC_PRIV_ENABLE_DELEGATION_BIT 0: SEC_PRIV_MANAGE_VOLUME_BIT 0: SEC_PRIV_IMPERSONATE_BIT 0: SEC_PRIV_CREATE_GLOBAL_BIT rights_mask : 0x00000000 (0) 0: LSA_POLICY_MODE_INTERACTIVE 0: LSA_POLICY_MODE_NETWORK 0: LSA_POLICY_MODE_BATCH 0: LSA_POLICY_MODE_SERVICE 0: LSA_POLICY_MODE_PROXY 0: LSA_POLICY_MODE_DENY_INTERACTIVE 0: LSA_POLICY_MODE_DENY_NETWORK 0: LSA_POLICY_MODE_DENY_BATCH 0: LSA_POLICY_MODE_DENY_SERVICE 0: LSA_POLICY_MODE_REMOTE_INTERACTIVE 0: LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE 0x00: LSA_POLICY_MODE_ALL (0) 0x00: LSA_POLICY_MODE_ALL_NT4 (0) unix_token : * unix_token: struct security_unix_token uid : 0x00000000000003e8 (1000) gid : 0x00000000000003e8 (1000) ngroups : 0x00000004 (4) groups: ARRAY(4) groups : 0x00000000000003e8 (1000) groups : 0x00000000055d4a81 (90000001) groups : 0x00000000055d4a82 (90000002) groups : 0x00000000055d4a83 (90000003) info : * info: struct auth_user_info account_name : * account_name : 'home' domain_name : * domain_name : 'NIGHTLIES910' full_name : * full_name : 'Home' logon_script : * logon_script : '' profile_path : * profile_path : '\\nightlies910\home\profile' home_directory : * home_directory : '\\nightlies910\home' home_drive : * home_drive : '' logon_server : * logon_server : 'NIGHTLIES910' last_logon : NTTIME(0) last_logoff : Tue Jan 19 14:14:07 2038 AEDT acct_expiry : Tue Jan 19 14:14:07 2038 AEDT last_password_change : Sun Jul 17 10:00:11 2016 AEST allow_password_change : Sun Jul 17 10:00:11 2016 AEST force_password_change : Tue Jan 19 14:14:07 2038 AEDT logon_count : 0x0000 (0) bad_password_count : 0x0000 (0) acct_flags : 0x00000010 (16) authenticated : 0x01 (1) unix_info : * unix_info: struct auth_user_info_unix unix_name : * unix_name : 'home' sanitized_username : * sanitized_username : 'home' torture : NULL credentials : NULL connection_dialect : 0x0000 (0) signing_required : 0x00 (0) encryption_required : 0x00 (0) num_channels : 0x00000001 (1) channels: ARRAY(1) channels: struct smbXsrv_channel_global0 server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) local_address : 'ipv4:192.168.1.100:445' remote_address : 'ipv4:192.168.1.200:53276' remote_name : 'stargate.home.gateway' auth_session_info_seqnum : 0x00000001 (1) connection : * status : NT_STATUS_OK idle_time : Wed Jul 20 22:55:37 2016 AEST nonce_high_random : 0x0000000000000000 (0) nonce_high_max : 0x0000000000000000 (0) nonce_high : 0x0000000000000000 (0) nonce_low : 0x0000000000000000 (0) gensec : * compat : * tcon_table : NULL preauth : NULL encryption_desired : 0x00 (0) [2016/07/20 22:55:37.027760, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/param/loadparm.c:2239(lp_file_list_changed) lp_file_list_changed() file /usr/local/etc/smb4.conf -> /usr/local/etc/smb4.conf last mod_time: Wed Jul 20 22:55:16 2016 [2016/07/20 22:55:37.027802, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.027811, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=126 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=0 smb_pid=28839 smb_uid=46639 smb_mid=130 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_bcc=83 [2016/07/20 22:55:37.027892, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 .W.i.n.d .o.w.s. [0010] 00 36 00 2E 00 31 00 00 00 53 00 61 00 6D 00 62 .6...1.. .S.a.m.b [0020] 00 61 00 20 00 34 00 2E 00 33 00 2E 00 31 00 30 .a. .4.. .3...1.0 [0030] 00 2D 00 47 00 49 00 54 00 2D 00 55 00 4E 00 4B .-.G.I.T .-.U.N.K [0040] 00 4E 00 4F 00 57 00 4E 00 00 00 4F 00 4E 00 45 .N.O.W.N ...O.N.E [0050] 00 00 00 ... [2016/07/20 22:55:37.028173, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 92 [2016/07/20 22:55:37.028194, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x5c [2016/07/20 22:55:37.028207, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 3 of length 96 (0 toread) [2016/07/20 22:55:37.028224, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.028232, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=92 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=53249 smb_tid=0 smb_pid=28839 smb_uid=46639 smb_mid=131 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 8 (0x8) smb_vwv[ 3]= 1 (0x1) smb_bcc=49 [2016/07/20 22:55:37.028313, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 5C 00 5C 00 31 00 39 00 32 00 2E 00 31 00 36 .\.\.1.9 .2...1.6 [0010] 00 38 00 2E 00 31 00 2E 00 31 00 30 00 30 00 5C .8...1.. .1.0.0.\ [0020] 00 54 00 65 00 73 00 74 00 00 00 3F 3F 3F 3F 3F .T.e.s.t ...????? [0030] 00 . [2016/07/20 22:55:37.028375, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBtconX (pid 4773) conn 0x0 [2016/07/20 22:55:37.028391, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.028404, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.028416, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.028439, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:37.028474, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/reply.c:861(reply_tcon_and_X) Client requested device type [?????] for share [Test] [2016/07/20 22:55:37.028497, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1124(make_connection) making a connection to 'normal' service test [2016/07/20 22:55:37.028514, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_tcon_global.tdb [2016/07/20 22:55:37.028527, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_tcon_global.tdb 2: 3: [2016/07/20 22:55:37.028542, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 59EE622B [2016/07/20 22:55:37.028557, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043f60 [2016/07/20 22:55:37.028601, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:678(smbXsrv_tcon_global_store) [2016/07/20 22:55:37.028611, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:680(smbXsrv_tcon_global_store) smbXsrv_tcon_global_store: key '59EE622B' stored [2016/07/20 22:55:37.028625, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &global_blob: struct smbXsrv_tcon_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000001 (1) info : union smbXsrv_tcon_globalU(case 0) info0 : * info0: struct smbXsrv_tcon_global0 db_rec : * tcon_global_id : 0x59ee622b (1508794923) tcon_wire_id : 0x000082e5 (33509) server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) creation_time : Wed Jul 20 22:55:37 2016 AEST share_name : NULL encryption_required : 0x00 (0) session_global_id : 0x00000000 (0) [2016/07/20 22:55:37.028745, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 59EE622B [2016/07/20 22:55:37.028759, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_tcon_global.tdb [2016/07/20 22:55:37.028772, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.028785, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:803(smbXsrv_tcon_create) [2016/07/20 22:55:37.028793, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:811(smbXsrv_tcon_create) smbXsrv_tcon_create: global_id (0x59ee622b) stored [2016/07/20 22:55:37.028805, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &tcon_blob: struct smbXsrv_tconB version : SMBXSRV_VERSION_0 (0) reserved : 0x00000000 (0) info : union smbXsrv_tconU(case 0) info0 : * info0: struct smbXsrv_tcon table : * db_rec : NULL local_id : 0x000082e5 (33509) global : * global: struct smbXsrv_tcon_global0 db_rec : NULL tcon_global_id : 0x59ee622b (1508794923) tcon_wire_id : 0x000082e5 (33509) server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) creation_time : Wed Jul 20 22:55:37 2016 AEST share_name : NULL encryption_required : 0x00 (0) session_global_id : 0x00000000 (0) status : NT_STATUS_INTERNAL_ERROR idle_time : Wed Jul 20 22:55:37 2016 AEST compat : NULL encryption_desired : 0x00 (0) [2016/07/20 22:55:37.028984, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/access.c:338(allow_access) Allowed connection from stargate.home.gateway (192.168.1.200) [2016/07/20 22:55:37.029002, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:237(user_ok_token) user_ok_token: share Test is ok for unix user home [2016/07/20 22:55:37.029052, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:164(set_conn_connectpath) set_conn_connectpath: service Test, connectpath = /mnt/tank/Test [2016/07/20 22:55:37.029068, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:622(make_connection_snum) Connect path is '/mnt/tank/Test' for service [Test] [2016/07/20 22:55:37.029082, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:237(user_ok_token) user_ok_token: share Test is ok for unix user home [2016/07/20 22:55:37.029095, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:284(is_share_read_only_for_token) is_share_read_only_for_user: share Test is read-write for unix user home [2016/07/20 22:55:37.029117, 10, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/access_check.c:337(se_file_access_check) se_file_access_check: MAX desired = 0x2000000 mapped to 0x1f01ff [2016/07/20 22:55:37.029133, 3, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:113(vfs_init_default) Initialising default vfs hooks [2016/07/20 22:55:37.029147, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for posixacl [2016/07/20 22:55:37.029159, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs) Successfully added vfs backend 'posixacl' [2016/07/20 22:55:37.029172, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for /[Default VFS]/ [2016/07/20 22:55:37.029185, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs) Successfully added vfs backend '/[Default VFS]/' [2016/07/20 22:55:37.029197, 3, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [/[Default VFS]/] [2016/07/20 22:55:37.029215, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for /[Default VFS]/ Successfully loaded vfs module [/[Default VFS]/] with the new modules system [2016/07/20 22:55:37.029233, 3, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [streams_xattr] [2016/07/20 22:55:37.029246, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for streams_xattr [2016/07/20 22:55:37.029258, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:179(vfs_init_custom) vfs module [streams_xattr] not loaded - trying to load... [2016/07/20 22:55:37.029270, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:171(do_smb_load_module) Loading module 'streams_xattr' [2016/07/20 22:55:37.029283, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:185(do_smb_load_module) Loading module 'streams_xattr': Trying to load from /usr/local/lib/shared-modules/vfs/streams_xattr.so [2016/07/20 22:55:37.029419, 2, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:196(do_smb_load_module) Module 'streams_xattr' loaded [2016/07/20 22:55:37.029435, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for streams_xattr [2016/07/20 22:55:37.029448, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs) Successfully added vfs backend 'streams_xattr' [2016/07/20 22:55:37.029461, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for streams_xattr Successfully loaded vfs module [streams_xattr] with the new modules system [2016/07/20 22:55:37.029479, 3, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [aio_pthread] [2016/07/20 22:55:37.029492, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for aio_pthread [2016/07/20 22:55:37.029504, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:179(vfs_init_custom) vfs module [aio_pthread] not loaded - trying to load... [2016/07/20 22:55:37.029516, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:171(do_smb_load_module) Loading module 'aio_pthread' [2016/07/20 22:55:37.029529, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:185(do_smb_load_module) Loading module 'aio_pthread': Trying to load from /usr/local/lib/shared-modules/vfs/aio_pthread.so [2016/07/20 22:55:37.029614, 2, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:196(do_smb_load_module) Module 'aio_pthread' loaded [2016/07/20 22:55:37.029630, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for aio_pthread [2016/07/20 22:55:37.029643, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs) Successfully added vfs backend 'aio_pthread' [2016/07/20 22:55:37.029656, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for aio_pthread Successfully loaded vfs module [aio_pthread] with the new modules system [2016/07/20 22:55:37.029674, 3, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [zfsacl] [2016/07/20 22:55:37.029687, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for zfsacl [2016/07/20 22:55:37.029699, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:179(vfs_init_custom) vfs module [zfsacl] not loaded - trying to load... [2016/07/20 22:55:37.029712, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:171(do_smb_load_module) Loading module 'zfsacl' [2016/07/20 22:55:37.029725, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:185(do_smb_load_module) Loading module 'zfsacl': Trying to load from /usr/local/lib/shared-modules/vfs/zfsacl.so [2016/07/20 22:55:37.029976, 2, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:196(do_smb_load_module) Module 'zfsacl' loaded [2016/07/20 22:55:37.029993, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for zfsacl [2016/07/20 22:55:37.030007, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs) Successfully added vfs backend 'zfsacl' [2016/07/20 22:55:37.030020, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for zfsacl Successfully loaded vfs module [zfsacl] with the new modules system [2016/07/20 22:55:37.030038, 3, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:139(vfs_init_custom) Initialising custom vfs hooks from [zfs_space] [2016/07/20 22:55:37.030051, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for zfs_space [2016/07/20 22:55:37.030063, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:179(vfs_init_custom) vfs module [zfs_space] not loaded - trying to load... [2016/07/20 22:55:37.030075, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:171(do_smb_load_module) Loading module 'zfs_space' [2016/07/20 22:55:37.030089, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:185(do_smb_load_module) Loading module 'zfs_space': Trying to load from /usr/local/lib/shared-modules/vfs/zfs_space.so [2016/07/20 22:55:37.036277, 2, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/modules.c:196(do_smb_load_module) Module 'zfs_space' loaded [2016/07/20 22:55:37.036296, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for zfs_space [2016/07/20 22:55:37.036310, 5, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:103(smb_register_vfs) Successfully added vfs backend 'zfs_space' [2016/07/20 22:55:37.036323, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:64(vfs_find_backend_entry) vfs_find_backend_entry called for zfs_space Successfully loaded vfs module [zfs_space] with the new modules system [2016/07/20 22:55:37.036347, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/modules/vfs_streams_xattr.c:919(streams_xattr_connect) streams_xattr using stream prefix: user.DosStream. [2016/07/20 22:55:37.036379, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 784 - private_data=0x8120b43e0 [2016/07/20 22:55:37.036395, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:446(messaging_register) Registering messaging pointer for type 793 - private_data=0x81209f660 [2016/07/20 22:55:37.036459, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:164(set_conn_connectpath) set_conn_connectpath: service Test, connectpath = /mnt/tank/Test [2016/07/20 22:55:37.036477, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:237(user_ok_token) user_ok_token: share Test is ok for unix user home [2016/07/20 22:55:37.036491, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/share_access.c:284(is_share_read_only_for_token) is_share_read_only_for_user: share Test is read-write for unix user home [2016/07/20 22:55:37.036509, 10, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/access_check.c:337(se_file_access_check) se_file_access_check: MAX desired = 0x2000000 mapped to 0x1f01ff [2016/07/20 22:55:37.036557, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.036573, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug) Security token SIDs (11): SID[ 0]: S-1-5-21-1325960915-1817794340-1004291014-1000 SID[ 1]: S-1-5-21-1325960915-1817794340-1004291014-513 SID[ 2]: S-1-5-21-1325960915-1817794340-1004291014-1001 SID[ 3]: S-1-1-0 SID[ 4]: S-1-5-2 SID[ 5]: S-1-5-11 SID[ 6]: S-1-22-1-1000 SID[ 7]: S-1-22-2-1000 SID[ 8]: S-1-22-2-90000001 SID[ 9]: S-1-22-2-90000002 SID[ 10]: S-1-22-2-90000003 Privileges (0x 0): Rights (0x 0): [2016/07/20 22:55:37.036657, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 1000 Primary group is 1000 and contains 4 supplementary groups Group[ 0]: 1000 Group[ 1]: 90000001 Group[ 2]: 90000002 Group[ 3]: 90000003 [2016/07/20 22:55:37.036700, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:363(change_to_user_internal) Impersonated user: uid=(0,1000), gid=(0,1000) [2016/07/20 22:55:37.036715, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.036727, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.036740, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.036762, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:37.036786, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:164(set_conn_connectpath) set_conn_connectpath: service Test, connectpath = /mnt/tank/Test [2016/07/20 22:55:37.036820, 10, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/modules/vfs_default.c:166(vfswrap_fs_capabilities) vfswrap_fs_capabilities: timestamp resolution of sec available on share Test, directory /mnt/tank/Test [2016/07/20 22:55:37.036836, 2, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:872(make_connection_snum) (ipv4:192.168.1.200:53276) connect to service Test initially as user home (uid=1000, gid=1000) (pid 4773) [2016/07/20 22:55:37.036857, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_tcon_global.tdb [2016/07/20 22:55:37.036869, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_tcon_global.tdb 2: 3: [2016/07/20 22:55:37.036884, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 59EE622B [2016/07/20 22:55:37.036899, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x81208cb60 [2016/07/20 22:55:37.036916, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:678(smbXsrv_tcon_global_store) [2016/07/20 22:55:37.036925, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:680(smbXsrv_tcon_global_store) smbXsrv_tcon_global_store: key '59EE622B' stored [2016/07/20 22:55:37.036951, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &global_blob: struct smbXsrv_tcon_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000002 (2) info : union smbXsrv_tcon_globalU(case 0) info0 : * info0: struct smbXsrv_tcon_global0 db_rec : * tcon_global_id : 0x59ee622b (1508794923) tcon_wire_id : 0x000082e5 (33509) server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) creation_time : Wed Jul 20 22:55:37 2016 AEST share_name : 'Test' encryption_required : 0x00 (0) session_global_id : 0x20d44c76 (550784118) [2016/07/20 22:55:37.037125, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 59EE622B [2016/07/20 22:55:37.037139, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_tcon_global.tdb [2016/07/20 22:55:37.037151, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.037165, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:856(smbXsrv_tcon_update) [2016/07/20 22:55:37.037173, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/smbXsrv_tcon.c:864(smbXsrv_tcon_update) smbXsrv_tcon_update: global_id (0x59ee622b) stored [2016/07/20 22:55:37.037185, 1, pid=4773, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &tcon_blob: struct smbXsrv_tconB version : SMBXSRV_VERSION_0 (0) reserved : 0x00000000 (0) info : union smbXsrv_tconU(case 0) info0 : * info0: struct smbXsrv_tcon table : * db_rec : NULL local_id : 0x000082e5 (33509) global : * global: struct smbXsrv_tcon_global0 db_rec : NULL tcon_global_id : 0x59ee622b (1508794923) tcon_wire_id : 0x000082e5 (33509) server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) creation_time : Wed Jul 20 22:55:37 2016 AEST share_name : 'Test' encryption_required : 0x00 (0) session_global_id : 0x20d44c76 (550784118) status : NT_STATUS_OK idle_time : Wed Jul 20 22:55:37 2016 AEST compat : * encryption_desired : 0x00 (0) [2016/07/20 22:55:37.037360, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/reply.c:1028(reply_tcon_and_X) tconX service=Test [2016/07/20 22:55:37.037374, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.037381, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=62 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=131 smt_wct=7 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 1 (0x1) smb_vwv[ 3]= 511 (0x1FF) smb_vwv[ 4]= 31 (0x1F) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_bcc=13 [2016/07/20 22:55:37.037477, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 41 3A 00 4E 00 54 00 46 00 53 00 00 00 A:.N.T.F .S... [2016/07/20 22:55:37.037583, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 68 [2016/07/20 22:55:37.037602, 6, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x44 [2016/07/20 22:55:37.037615, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 4 of length 72 (0 toread) [2016/07/20 22:55:37.037628, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.037636, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=68 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=132 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 100 (0x64) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 66 (0x42) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=3 [2016/07/20 22:55:37.037768, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 00 02 ... [2016/07/20 22:55:37.037789, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBtrans2 (pid 4773) conn 0x81209fc60 [2016/07/20 22:55:37.037804, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (1000, 1000) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.037818, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:63(security_token_debug) Security token SIDs (11): SID[ 0]: S-1-5-21-1325960915-1817794340-1004291014-1000 SID[ 1]: S-1-5-21-1325960915-1817794340-1004291014-513 SID[ 2]: S-1-5-21-1325960915-1817794340-1004291014-1001 SID[ 3]: S-1-1-0 SID[ 4]: S-1-5-2 SID[ 5]: S-1-5-11 SID[ 6]: S-1-22-1-1000 SID[ 7]: S-1-22-2-1000 SID[ 8]: S-1-22-2-90000001 SID[ 9]: S-1-22-2-90000002 SID[ 10]: S-1-22-2-90000003 Privileges (0x 0): Rights (0x 0): [2016/07/20 22:55:37.037901, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 1000 Primary group is 1000 and contains 4 supplementary groups Group[ 0]: 1000 Group[ 1]: 90000001 Group[ 2]: 90000002 Group[ 3]: 90000003 [2016/07/20 22:55:37.037942, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:363(change_to_user_internal) Impersonated user: uid=(0,1000), gid=(0,1000) [2016/07/20 22:55:37.037957, 4, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir) vfs_ChDir to /mnt/tank/Test [2016/07/20 22:55:37.038016, 4, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir) vfs_ChDir got /mnt/tank/Test [2016/07/20 22:55:37.038033, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:3987(call_trans2qfsinfo) call_trans2qfsinfo: level = 512 [2016/07/20 22:55:37.038048, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:3289(smbd_do_qfsinfo) smbd_do_qfsinfo: level = 512 [2016/07/20 22:55:37.038070, 9, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:1050(send_trans2_replies) t2_rep: params_sent_thistime = 0, data_sent_thistime = 12, useable_space = 16408 [2016/07/20 22:55:37.038084, 9, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:1052(send_trans2_replies) t2_rep: params_to_send = 0, data_to_send = 12, paramsize = 0, datasize = 12 [2016/07/20 22:55:37.038096, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.038104, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=68 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=132 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 12 (0xC) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 12 (0xC) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=13 [2016/07/20 22:55:37.038217, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 01 00 00 00 7B 01 00 00 00 00 00 00 .....{.. ..... [2016/07/20 22:55:37.038248, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:4005(call_trans2qfsinfo) SMBtrans2 info_level = 512 [2016/07/20 22:55:37.038351, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 82 [2016/07/20 22:55:37.038380, 6, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x52 [2016/07/20 22:55:37.038395, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 5 of length 86 (0 toread) [2016/07/20 22:55:37.038421, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.038429, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=82 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=133 smt_wct=15 smb_vwv[ 0]= 4 (0x4) smb_vwv[ 1]= 12 (0xC) smb_vwv[ 2]= 4 (0x4) smb_vwv[ 3]= 100 (0x64) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 4 (0x4) smb_vwv[10]= 66 (0x42) smb_vwv[11]= 12 (0xC) smb_vwv[12]= 70 (0x46) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 4 (0x4) smb_bcc=17 [2016/07/20 22:55:37.038565, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 00 00 00 02 01 00 00 00 5B 01 00 00 00 00 00 ........ .[...... [0010] 00 . [2016/07/20 22:55:37.038601, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBtrans2 (pid 4773) conn 0x81209fc60 [2016/07/20 22:55:37.038616, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:384(change_to_user) Skipping user change - already user [2016/07/20 22:55:37.038630, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:4026(call_trans2setfsinfo) call_trans2setfsinfo: for service [Test] [2016/07/20 22:55:37.038646, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:4092(call_trans2setfsinfo) call_trans2setfsinfo: set unix_info info. major = 1, minor = 0 cap_low = 0x15b, cap_high = 0x0nsize=55 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=133 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=0 [2016/07/20 22:55:37.038764, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [2016/07/20 22:55:37.038874, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 98 [2016/07/20 22:55:37.038895, 6, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x62 [2016/07/20 22:55:37.038908, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 6 of length 102 (0 toread) [2016/07/20 22:55:37.038934, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.038942, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=98 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=134 smt_wct=15 smb_vwv[ 0]= 32 (0x20) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 4000 (0xFA0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 32 (0x20) smb_vwv[10]= 66 (0x42) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 5 (0x5) smb_bcc=33 [2016/07/20 22:55:37.039077, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 00 02 00 00 00 00 2F 00 6F 00 70 00 65 00 6E ......./ .o.p.e.n [0010] 00 76 00 70 00 6E 00 2E 00 7A 00 69 00 70 00 00 .v.p.n.. .z.i.p.. [0020] 00 . [2016/07/20 22:55:37.039127, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBtrans2 (pid 4773) conn 0x81209fc60 [2016/07/20 22:55:37.039141, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:384(change_to_user) Skipping user change - already user [2016/07/20 22:55:37.039155, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:5634(call_trans2qfilepathinfo) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 512 [2016/07/20 22:55:37.039174, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/filename.c:257(unix_convert) unix_convert called on file "openvpn.zip" [2016/07/20 22:55:37.039187, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/filename.c:449(unix_convert) unix_convert begin: name = openvpn.zip, dirpath = , start = openvpn.zip [2016/07/20 22:55:37.039209, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/filename.c:472(unix_convert) conversion of base_name finished openvpn.zip -> openvpn.zip [2016/07/20 22:55:37.039227, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:999(is_in_path) is_in_path: openvpn.zip [2016/07/20 22:55:37.039240, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:1023(is_in_path) is_in_path: match not found [2016/07/20 22:55:37.039253, 10, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:1160(check_reduced_name) check_reduced_name [openvpn.zip] [/mnt/tank/Test] [2016/07/20 22:55:37.039280, 10, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:1220(check_reduced_name) check_reduced_name realpath [openvpn.zip] -> [/mnt/tank/Test/openvpn.zip] [2016/07/20 22:55:37.039295, 5, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:1307(check_reduced_name) openvpn.zip reduced to /mnt/tank/Test/openvpn.zip [2016/07/20 22:55:37.039312, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/files.c:745(file_name_hash) file_name_hash: /mnt/tank/Test/openvpn.zip hash 0xfb9ea73e [2016/07/20 22:55:37.039332, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:5777(call_trans2qfilepathinfo) call_trans2qfilepathinfo openvpn.zip (fnum [fsp is NULL]) level=512 call=5 total_data=0 [2016/07/20 22:55:37.039348, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:4705(smbd_do_qfilepathinfo) smbd_do_qfilepathinfo: openvpn.zip (fnum [fsp is NULL]) level=512 max_data=4000 [2016/07/20 22:55:37.039362, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:583(dos_mode) dos_mode: openvpn.zip [2016/07/20 22:55:37.039413, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:303(get_ea_dos_attribute) get_ea_dos_attribute: openvpn.zip attr = 0x20 [2016/07/20 22:55:37.039429, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:345(get_ea_dos_attribute) get_ea_dos_attribute: file openvpn.zip case 3 set btime Sun Jul 17 10:24:57 2016 [2016/07/20 22:55:37.039449, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:361(get_ea_dos_attribute) get_ea_dos_attribute returning (0x20)a [2016/07/20 22:55:37.039463, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:36(dos_mode_debug_print) dos_mode returning a [2016/07/20 22:55:37.039482, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:4345(store_file_unix_basic) store_file_unix_basic: SMB_QUERY_FILE_UNIX_BASIC [2016/07/20 22:55:37.039495, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:4346(store_file_unix_basic) store_file_unix_basic: st_mode=100775 [2016/07/20 22:55:37.039509, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:5266(smbd_do_qfilepathinfo) smbd_do_qfilepathinfo: SMB_QUERY_FILE_UNIX_BASIC [2016/07/20 22:55:37.039521, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] B8 32 00 00 00 00 00 00 00 20 00 00 00 00 00 00 .2...... . ...... [0010] 09 75 87 AD 85 E2 D1 01 A9 79 55 C8 85 E2 D1 01 .u...... .yU..... [0020] 8A C0 98 34 7B D7 D1 01 E8 03 00 00 00 00 00 00 ...4{... ........ [0030] E8 03 00 00 00 00 00 00 00 00 00 00 7C 00 00 00 ........ ....|... [0040] 00 00 00 00 33 00 81 42 00 00 00 00 0A 00 00 00 ....3..B ........ [0050] 00 00 00 00 FD 01 00 00 00 00 00 00 01 00 00 00 ........ ........ [0060] 00 00 00 00 .... [2016/07/20 22:55:37.039629, 9, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:1050(send_trans2_replies) t2_rep: params_sent_thistime = 2, data_sent_thistime = 100, useable_space = 16406 [2016/07/20 22:55:37.039642, 9, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:1052(send_trans2_replies) t2_rep: params_to_send = 2, data_to_send = 100, paramsize = 2, datasize = 100 [2016/07/20 22:55:37.039655, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.039662, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=160 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=134 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 100 (0x64) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 100 (0x64) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=105 [2016/07/20 22:55:37.039774, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 00 00 00 00 B8 32 00 00 00 00 00 00 00 20 00 ......2. ...... . [0010] 00 00 00 00 00 09 75 87 AD 85 E2 D1 01 A9 79 55 ......u. ......yU [0020] C8 85 E2 D1 01 8A C0 98 34 7B D7 D1 01 E8 03 00 ........ 4{...... [0030] 00 00 00 00 00 E8 03 00 00 00 00 00 00 00 00 00 ........ ........ [0040] 00 7C 00 00 00 00 00 00 00 33 00 81 42 00 00 00 .|...... .3..B... [0050] 00 0A 00 00 00 00 00 00 00 FD 01 00 00 00 00 00 ........ ........ [0060] 00 01 00 00 00 00 00 00 00 ........ . [2016/07/20 22:55:37.040026, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util_sock.c:248(read_smb_length_return_keepalive) got smb length of 102 [2016/07/20 22:55:37.040047, 6, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1878(process_smb) got message type 0x0 of len 0x66 [2016/07/20 22:55:37.040089, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1880(process_smb) Transaction 7 of length 106 (0 toread) [2016/07/20 22:55:37.040103, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.040110, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=102 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=135 smt_wct=15 smb_vwv[ 0]= 32 (0x20) smb_vwv[ 1]= 2 (0x2) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 32 (0x20) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 2 (0x2) smb_vwv[12]= 100 (0x64) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 6 (0x6) smb_bcc=37 [2016/07/20 22:55:37.040251, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 00 00 00 0A 02 00 00 00 00 2F 00 6F 00 70 00 65 ........ ./.o.p.e [0010] 00 6E 00 76 00 70 00 6E 00 2E 00 7A 00 69 00 70 .n.v.p.n ...z.i.p [0020] 00 00 00 00 00 ..... [2016/07/20 22:55:37.040302, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/process.c:1490(switch_message) switch message SMBtrans2 (pid 4773) conn 0x81209fc60 [2016/07/20 22:55:37.040316, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:384(change_to_user) Skipping user change - already user [2016/07/20 22:55:37.040332, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/filename.c:257(unix_convert) unix_convert called on file "openvpn.zip" [2016/07/20 22:55:37.040346, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/filename.c:449(unix_convert) unix_convert begin: name = openvpn.zip, dirpath = , start = openvpn.zip [2016/07/20 22:55:37.040363, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/filename.c:472(unix_convert) conversion of base_name finished openvpn.zip -> openvpn.zip [2016/07/20 22:55:37.040377, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:999(is_in_path) is_in_path: openvpn.zip [2016/07/20 22:55:37.040390, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:1023(is_in_path) is_in_path: match not found [2016/07/20 22:55:37.040402, 10, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:1160(check_reduced_name) check_reduced_name [openvpn.zip] [/mnt/tank/Test] [2016/07/20 22:55:37.040423, 10, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:1220(check_reduced_name) check_reduced_name realpath [openvpn.zip] -> [/mnt/tank/Test/openvpn.zip] [2016/07/20 22:55:37.040437, 5, pid=4773, effective(1000, 1000), real(0, 0), class=vfs] ../source3/smbd/vfs.c:1307(check_reduced_name) openvpn.zip reduced to /mnt/tank/Test/openvpn.zip [2016/07/20 22:55:37.040452, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:8573(call_trans2setfilepathinfo) call_trans2setfilepathinfo(6) openvpn.zip (fnum [fsp is NULL]) info_level=522 totdata=2 [2016/07/20 22:55:37.040467, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:8150(smbd_do_setfilepathinfo) smbd_do_setfilepathinfo: openvpn.zip (fnum [fsp is NULL]) info_level=522 totdata=2 [2016/07/20 22:55:37.040481, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:8037(smb_posix_unlink) smb_posix_unlink: file openvpn.zip [2016/07/20 22:55:37.040496, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:4984(create_file_default) create_file: access_mask = 0x10000 file_attributes = 0x10001ff, share_access = 0x7, create_disposition = 0x1 create_options = 0x0 oplock_request = 0x0 private_flags = 0x0 root_dir_fid = 0x0, ea_list = 0x0x0, sd = 0x0x0, fname = openvpn.zip [2016/07/20 22:55:37.040511, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:4460(create_file_unixpath) create_file_unixpath: access_mask = 0x10000 file_attributes = 0x10001ff, share_access = 0x7, create_disposition = 0x1 create_options = 0x0 oplock_request = 0x0 private_flags = 0x0 ea_list = 0x0x0, sd = 0x0x0, fname = openvpn.zip [2016/07/20 22:55:37.040531, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_open_global.tdb [2016/07/20 22:55:37.040544, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_open_global.tdb 2: 3: [2016/07/20 22:55:37.040559, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 0E9E984E [2016/07/20 22:55:37.040581, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043f60 [2016/07/20 22:55:37.040597, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/smbXsrv_open.c:587(smbXsrv_open_global_verify_record) smbXsrv_open_global_verify_record: empty value [2016/07/20 22:55:37.040648, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/smbXsrv_open.c:706(smbXsrv_open_global_store) smbXsrv_open_global_store: key '0E9E984E' stored [2016/07/20 22:55:37.040665, 1, pid=4773, effective(1000, 1000), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &global_blob: struct smbXsrv_open_globalB version : SMBXSRV_VERSION_0 (0) seqnum : 0x00000001 (1) info : union smbXsrv_open_globalU(case 0) info0 : * info0: struct smbXsrv_open_global0 db_rec : * server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) open_global_id : 0x0e9e984e (245274702) open_persistent_id : 0x000000000e9e984e (245274702) open_volatile_id : 0x0000000000000fe4 (4068) open_owner : S-1-5-21-1325960915-1817794340-1004291014-1000 open_time : Wed Jul 20 22:55:37 2016 AEST create_guid : 00000000-0000-0000-0000-000000000000 client_guid : 00000000-0000-0000-0000-000000000000 app_instance_id : 00000000-0000-0000-0000-000000000000 disconnect_time : NTTIME(0) durable_timeout_msec : 0x00000000 (0) durable : 0x00 (0) backend_cookie : DATA_BLOB length=0 [2016/07/20 22:55:37.040826, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 0E9E984E [2016/07/20 22:55:37.040840, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_open_global.tdb [2016/07/20 22:55:37.040853, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.040867, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/smbXsrv_open.c:880(smbXsrv_open_create) smbXsrv_open_create: global_id (0x0e9e984e) stored [2016/07/20 22:55:37.040880, 1, pid=4773, effective(1000, 1000), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) &open_blob: struct smbXsrv_openB version : SMBXSRV_VERSION_0 (0) reserved : 0x00000000 (0) info : union smbXsrv_openU(case 0) info0 : * info0: struct smbXsrv_open table : * db_rec : NULL local_id : 0x00000fe4 (4068) global : * global: struct smbXsrv_open_global0 db_rec : NULL server_id: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) open_global_id : 0x0e9e984e (245274702) open_persistent_id : 0x000000000e9e984e (245274702) open_volatile_id : 0x0000000000000fe4 (4068) open_owner : S-1-5-21-1325960915-1817794340-1004291014-1000 open_time : Wed Jul 20 22:55:37 2016 AEST create_guid : 00000000-0000-0000-0000-000000000000 client_guid : 00000000-0000-0000-0000-000000000000 app_instance_id : 00000000-0000-0000-0000-000000000000 disconnect_time : NTTIME(0) durable_timeout_msec : 0x00000000 (0) durable : 0x00 (0) backend_cookie : DATA_BLOB length=0 status : NT_STATUS_OK idle_time : Wed Jul 20 22:55:37 2016 AEST compat : NULL [2016/07/20 22:55:37.041091, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/files.c:128(file_new) allocated file structure fnum 4068 (1 used) [2016/07/20 22:55:37.041110, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/files.c:745(file_name_hash) file_name_hash: /mnt/tank/Test/openvpn.zip hash 0xfb9ea73e [2016/07/20 22:55:37.041126, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:2479(open_file_ntcreate) open_file_ntcreate: fname=openvpn.zip, dos_attrs=0x0 access_mask=0x10000 share_access=0x7 create_disposition = 0x1 create_options=0x0 unix mode=0777 oplock_request=0 private_flags = 0x0 [2016/07/20 22:55:37.041142, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:2637(open_file_ntcreate) open_file_ntcreate: fname=openvpn.zip, after mapping access_mask=0x10000 [2016/07/20 22:55:37.041156, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:2727(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0777, access_mask = 0x10000, open_access_mask = 0x10000 [2016/07/20 22:55:37.041252, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:619(smb_get_nt_acl_nfs4) smb_get_nt_acl_nfs4 invoked for openvpn.zip [2016/07/20 22:55:37.041277, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:118(smbacl4_get_vfs_params) mode:special, do_chown:true, acedup: merge map full control:true [2016/07/20 22:55:37.041302, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/passdb/lookup_sid.c:1251(uid_to_sid) uid 1000 -> sid S-1-5-21-1325960915-1817794340-1004291014-1000 [2016/07/20 22:55:37.041323, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/passdb/lookup_sid.c:1300(gid_to_sid) gid 1000 -> sid S-1-5-21-1325960915-1817794340-1004291014-1001 [2016/07/20 22:55:37.041338, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:362(smbacl4_nfs42win) smbacl4_nfs42win entered [2016/07/20 22:55:37.041351, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:389(smbacl4_nfs42win) magic: 0x76f8a967, type: 0, iflags: 2, flags: 1000, mask: 1f01ff, who: 1 [2016/07/20 22:55:37.041364, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:417(smbacl4_nfs42win) mapped 1 to S-1-5-21-1325960915-1817794340-1004291014-1000 [2016/07/20 22:55:37.041378, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:450(smbacl4_nfs42win) Windows mapped ace flags: 0x1000 => 0x0 [2016/07/20 22:55:37.041391, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:503(smbacl4_nfs42win) Map normal sid [2016/07/20 22:55:37.041404, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:389(smbacl4_nfs42win) magic: 0x76f8a967, type: 0, iflags: 2, flags: 2040, mask: 1f01ff, who: 2 [2016/07/20 22:55:37.041417, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:417(smbacl4_nfs42win) mapped 2 to S-1-5-21-1325960915-1817794340-1004291014-1001 [2016/07/20 22:55:37.041431, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:450(smbacl4_nfs42win) Windows mapped ace flags: 0x2040 => 0x0 [2016/07/20 22:55:37.041443, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:503(smbacl4_nfs42win) Map normal sid [2016/07/20 22:55:37.041455, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:389(smbacl4_nfs42win) magic: 0x76f8a967, type: 0, iflags: 2, flags: 4000, mask: 200a9, who: 3 [2016/07/20 22:55:37.041468, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:417(smbacl4_nfs42win) mapped 3 to S-1-1-0 [2016/07/20 22:55:37.041481, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:450(smbacl4_nfs42win) Windows mapped ace flags: 0x4000 => 0x0 [2016/07/20 22:55:37.041494, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:503(smbacl4_nfs42win) Map normal sid [2016/07/20 22:55:37.041506, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:565(smb_get_nt_acl_nfs4_common) after make sec_acl [2016/07/20 22:55:37.041520, 10, pid=4773, effective(1000, 1000), real(0, 0), class=acls] ../source3/modules/nfs4_acls.c:579(smb_get_nt_acl_nfs4_common) smb_get_nt_acl_nfs4_common successfully exited with sd_size 176 [2016/07/20 22:55:37.041534, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:174(smbd_check_access_rights) smbd_check_access_rights: file openvpn.zip requesting 0x10000 returning 0x10000 (NT_STATUS_OK) [2016/07/20 22:55:37.041548, 2, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:1005(open_file) home opened file openvpn.zip read=No write=No (numopen=1) [2016/07/20 22:55:37.041563, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/locking.tdb [2016/07/20 22:55:37.041576, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/locking.tdb 2: 3: [2016/07/20 22:55:37.041592, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 337C8142000000000A00 [2016/07/20 22:55:37.041606, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x8120f6a90 [2016/07/20 22:55:37.041633, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/brlock.c:2048(brl_get_locks_readonly) seqnum=0, fsp->brlock_seqnum=0 [2016/07/20 22:55:37.041656, 5, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/smbd/oplock.c:86(set_file_oplock) set_file_oplock: granted oplock on file openvpn.zip, 42817c33:a:0/1001593770, tv_sec = 578f74c9, tv_usec = 9e4f [2016/07/20 22:55:37.041672, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/brlock.c:2048(brl_get_locks_readonly) seqnum=0, fsp->brlock_seqnum=0 [2016/07/20 22:55:37.041685, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:1874(grant_fsp_oplock_type) grant_fsp_oplock_type: oplock type 0x0 on file openvpn.zip [2016/07/20 22:55:37.041699, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:358(unparse_share_modes) unparse_share_modes: [2016/07/20 22:55:37.041712, 1, pid=4773, effective(1000, 1000), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) d: struct share_mode_data sequence_number : 0x9135bbd520f225a5 (-7983268240389167707) servicepath : * servicepath : '/mnt/tank/Test' base_name : * base_name : 'openvpn.zip' stream_name : NULL num_share_modes : 0x00000001 (1) share_modes: ARRAY(1) share_modes: struct share_mode_entry pid: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) op_mid : 0x0000000000000087 (135) op_type : 0x0000 (0) lease_idx : 0xffffffff (4294967295) access_mask : 0x00010080 (65664) share_access : 0x00000007 (7) private_options : 0x00000000 (0) time : Wed Jul 20 22:55:37 2016 AEST.40527 id: struct file_id devid : 0x0000000042817c33 (1115782195) inode : 0x000000000000000a (10) extid : 0x0000000000000000 (0) share_file_id : 0x000000003bb31baa (1001593770) uid : 0x000003e8 (1000) flags : 0x0001 (1) name_hash : 0xfb9ea73e (4221478718) stale : 0x00 (0) lease : NULL num_leases : 0x00000000 (0) leases: ARRAY(0) num_delete_tokens : 0x00000000 (0) delete_tokens: ARRAY(0) old_write_time : Wed Jul 6 21:40:33 2016 AEST.383028200 changed_write_time : Thu Jan 1 10:00:00 1970 AEST.0 fresh : 0x01 (1) modified : 0x01 (1) record : * id: struct file_id devid : 0x0000000042817c33 (1115782195) inode : 0x000000000000000a (10) extid : 0x0000000000000000 (0) [2016/07/20 22:55:37.042006, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:147(share_mode_memcache_delete) deleting entry for file openvpn.zip seq 0x10463475833320383909 key 42817c33:a:0 [2016/07/20 22:55:37.042076, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 337C8142000000000A00 [2016/07/20 22:55:37.042092, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/locking.tdb [2016/07/20 22:55:37.042106, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.042120, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:161(share_mode_memcache_store) stored entry for file openvpn.zip seq 0x10463475833320383910 key 42817c33:a:0 [2016/07/20 22:55:37.042135, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:4793(create_file_unixpath) create_file_unixpath: info=1 [2016/07/20 22:55:37.042148, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/open.c:5072(create_file_default) create_file: info=1 [2016/07/20 22:55:37.042162, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/locking.tdb [2016/07/20 22:55:37.042175, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/locking.tdb 2: 3: [2016/07/20 22:55:37.042190, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 337C8142000000000A00 [2016/07/20 22:55:37.042204, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x8120ed860 [2016/07/20 22:55:37.042224, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:275(share_mode_memcache_fetch) fetched entry for file openvpn.zip seq 0x10463475833320383910 key 42817c33:a:0 [2016/07/20 22:55:37.042239, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:583(dos_mode) dos_mode: openvpn.zip [2016/07/20 22:55:37.042277, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:303(get_ea_dos_attribute) get_ea_dos_attribute: openvpn.zip attr = 0x20 [2016/07/20 22:55:37.042292, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:345(get_ea_dos_attribute) get_ea_dos_attribute: file openvpn.zip case 3 set btime Sun Jul 17 10:24:57 2016 [2016/07/20 22:55:37.042312, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:361(get_ea_dos_attribute) get_ea_dos_attribute returning (0x20)a [2016/07/20 22:55:37.042325, 8, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/dosmode.c:36(dos_mode_debug_print) dos_mode returning a [2016/07/20 22:55:37.042338, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:6333(smb_set_file_disposition_info) smb_set_file_disposition_info: file openvpn.zip, dosmode = 32, delete_on_close = 1 [2016/07/20 22:55:37.042351, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/locking.c:1193(set_delete_on_close) set_delete_on_close: Adding delete on close flag for fnum 4068, file openvpn.zip [2016/07/20 22:55:37.042371, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(1000, 1000) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.042386, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(46639) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.042399, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.042412, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.042424, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.042451, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm.c:284(messaging_dgm_send) messaging_dgm_send: Sending message to 4773 [2016/07/20 22:55:37.042494, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (1000, 1000) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.042509, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:358(unparse_share_modes) unparse_share_modes: [2016/07/20 22:55:37.042522, 1, pid=4773, effective(1000, 1000), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) d: struct share_mode_data sequence_number : 0x9135bbd520f225a6 (-7983268240389167706) servicepath : * servicepath : '/mnt/tank/Test' base_name : * base_name : 'openvpn.zip' stream_name : NULL num_share_modes : 0x00000001 (1) share_modes: ARRAY(1) share_modes: struct share_mode_entry pid: struct server_id pid : 0x00000000000012a5 (4773) task_id : 0x00000000 (0) vnn : 0xffffffff (4294967295) unique_id : 0xce08ff75d3a6e586 (-3600347020555524730) op_mid : 0x0000000000000087 (135) op_type : 0x0000 (0) lease_idx : 0xffffffff (4294967295) access_mask : 0x00010080 (65664) share_access : 0x00000007 (7) private_options : 0x00000000 (0) time : Wed Jul 20 22:55:37 2016 AEST.40527 id: struct file_id devid : 0x0000000042817c33 (1115782195) inode : 0x000000000000000a (10) extid : 0x0000000000000000 (0) share_file_id : 0x000000003bb31baa (1001593770) uid : 0x000003e8 (1000) flags : 0x0001 (1) name_hash : 0xfb9ea73e (4221478718) stale : 0x00 (0) lease : NULL num_leases : 0x00000000 (0) leases: ARRAY(0) num_delete_tokens : 0x00000001 (1) delete_tokens: ARRAY(1) delete_tokens: struct delete_token name_hash : 0xfb9ea73e (4221478718) delete_nt_token : * delete_nt_token: struct security_token num_sids : 0x0000000b (11) sids: ARRAY(11) sids : S-1-5-21-1325960915-1817794340-1004291014-1000 sids : S-1-5-21-1325960915-1817794340-1004291014-513 sids : S-1-5-21-1325960915-1817794340-1004291014-1001 sids : S-1-1-0 sids : S-1-5-2 sids : S-1-5-11 sids : S-1-22-1-1000 sids : S-1-22-2-1000 sids : S-1-22-2-90000001 sids : S-1-22-2-90000002 sids : S-1-22-2-90000003 privilege_mask : 0x0000000000000000 (0) 0: SEC_PRIV_MACHINE_ACCOUNT_BIT 0: SEC_PRIV_PRINT_OPERATOR_BIT 0: SEC_PRIV_ADD_USERS_BIT 0: SEC_PRIV_DISK_OPERATOR_BIT 0: SEC_PRIV_REMOTE_SHUTDOWN_BIT 0: SEC_PRIV_BACKUP_BIT 0: SEC_PRIV_RESTORE_BIT 0: SEC_PRIV_TAKE_OWNERSHIP_BIT 0: SEC_PRIV_INCREASE_QUOTA_BIT 0: SEC_PRIV_SECURITY_BIT 0: SEC_PRIV_LOAD_DRIVER_BIT 0: SEC_PRIV_SYSTEM_PROFILE_BIT 0: SEC_PRIV_SYSTEMTIME_BIT 0: SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT 0: SEC_PRIV_INCREASE_BASE_PRIORITY_BIT 0: SEC_PRIV_CREATE_PAGEFILE_BIT 0: SEC_PRIV_SHUTDOWN_BIT 0: SEC_PRIV_DEBUG_BIT 0: SEC_PRIV_SYSTEM_ENVIRONMENT_BIT 0: SEC_PRIV_CHANGE_NOTIFY_BIT 0: SEC_PRIV_UNDOCK_BIT 0: SEC_PRIV_ENABLE_DELEGATION_BIT 0: SEC_PRIV_MANAGE_VOLUME_BIT 0: SEC_PRIV_IMPERSONATE_BIT 0: SEC_PRIV_CREATE_GLOBAL_BIT rights_mask : 0x00000000 (0) 0: LSA_POLICY_MODE_INTERACTIVE 0: LSA_POLICY_MODE_NETWORK 0: LSA_POLICY_MODE_BATCH 0: LSA_POLICY_MODE_SERVICE 0: LSA_POLICY_MODE_PROXY 0: LSA_POLICY_MODE_DENY_INTERACTIVE 0: LSA_POLICY_MODE_DENY_NETWORK 0: LSA_POLICY_MODE_DENY_BATCH 0: LSA_POLICY_MODE_DENY_SERVICE 0: LSA_POLICY_MODE_REMOTE_INTERACTIVE 0: LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE 0x00: LSA_POLICY_MODE_ALL (0) 0x00: LSA_POLICY_MODE_ALL_NT4 (0) delete_token : * delete_token: struct security_unix_token uid : 0x00000000000003e8 (1000) gid : 0x00000000000003e8 (1000) ngroups : 0x00000004 (4) groups: ARRAY(4) groups : 0x00000000000003e8 (1000) groups : 0x00000000055d4a81 (90000001) groups : 0x00000000055d4a82 (90000002) groups : 0x00000000055d4a83 (90000003) old_write_time : Wed Jul 6 21:40:33 2016 AEST.383028200 changed_write_time : Thu Jan 1 10:00:00 1970 AEST.0 fresh : 0x00 (0) modified : 0x01 (1) record : * id: struct file_id devid : 0x0000000042817c33 (1115782195) inode : 0x000000000000000a (10) extid : 0x0000000000000000 (0) [2016/07/20 22:55:37.043255, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:147(share_mode_memcache_delete) deleting entry for file openvpn.zip seq 0x10463475833320383910 key 42817c33:a:0 [2016/07/20 22:55:37.043289, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 337C8142000000000A00 [2016/07/20 22:55:37.043304, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/locking.tdb [2016/07/20 22:55:37.043317, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.043331, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:161(share_mode_memcache_store) stored entry for file openvpn.zip seq 0x10463475833320383911 key 42817c33:a:0 [2016/07/20 22:55:37.043348, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/locking.tdb [2016/07/20 22:55:37.043361, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/locking.tdb 2: 3: [2016/07/20 22:55:37.043376, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 337C8142000000000A00 [2016/07/20 22:55:37.043390, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x8120a9ce0 [2016/07/20 22:55:37.043405, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:275(share_mode_memcache_fetch) fetched entry for file openvpn.zip seq 0x10463475833320383911 key 42817c33:a:0 [2016/07/20 22:55:37.043419, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/locking.c:1225(find_delete_on_close_token) find_delete_on_close_token: name_hash = 0xfb9ea73e [2016/07/20 22:55:37.043432, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/locking.c:1231(find_delete_on_close_token) find__delete_on_close_token: dt->name_hash = 0xfb9ea73e [2016/07/20 22:55:37.043445, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/close.c:363(close_remove_share_mode) close_remove_share_mode: file openvpn.zip. Delete on close was set - deleting file. [2016/07/20 22:55:37.043458, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/locking.c:1225(find_delete_on_close_token) find_delete_on_close_token: name_hash = 0xfb9ea73e [2016/07/20 22:55:37.043471, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/locking.c:1231(find_delete_on_close_token) find__delete_on_close_token: dt->name_hash = 0xfb9ea73e [2016/07/20 22:55:37.043516, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:301(get_ea_names_from_file) get_ea_names_from_file: ea_namelist size = 52 [2016/07/20 22:55:37.043550, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/trans2.c:210(get_ea_value) get_ea_value: EA user.DosStream.Zone.Identifier:$DATA is of length 27 [2016/07/20 22:55:37.043564, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [0000] 5B 5A 6F 6E 65 54 72 61 6E 73 66 65 72 5D 0D 0A [ZoneTra nsfer].. [0010] 5A 6F 6E 65 49 64 3D 33 0D 0A 00 ZoneId=3 ... [2016/07/20 22:55:37.043606, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/close.c:188(delete_all_streams) delete_all_streams found 2 streams [2016/07/20 22:55:37.043622, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/close.c:218(delete_all_streams) Could not delete stream openvpn.zip:Zone.Identifier:$DATA: No such file or directory [2016/07/20 22:55:37.043639, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/close.c:434(close_remove_share_mode) delete_all_streams failed: NT_STATUS_OBJECT_NAME_NOT_FOUND [2016/07/20 22:55:37.043654, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:358(unparse_share_modes) unparse_share_modes: [2016/07/20 22:55:37.043666, 1, pid=4773, effective(1000, 1000), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug) d: struct share_mode_data sequence_number : 0x9135bbd520f225a7 (-7983268240389167705) servicepath : * servicepath : '/mnt/tank/Test' base_name : * base_name : 'openvpn.zip' stream_name : NULL num_share_modes : 0x00000000 (0) share_modes: ARRAY(0) num_leases : 0x00000000 (0) leases: ARRAY(0) num_delete_tokens : 0x00000001 (1) delete_tokens: ARRAY(1) delete_tokens: struct delete_token name_hash : 0xfb9ea73e (4221478718) delete_nt_token : * delete_nt_token: struct security_token num_sids : 0x0000000b (11) sids: ARRAY(11) sids : S-1-5-21-1325960915-1817794340-1004291014-1000 sids : S-1-5-21-1325960915-1817794340-1004291014-513 sids : S-1-5-21-1325960915-1817794340-1004291014-1001 sids : S-1-1-0 sids : S-1-5-2 sids : S-1-5-11 sids : S-1-22-1-1000 sids : S-1-22-2-1000 sids : S-1-22-2-90000001 sids : S-1-22-2-90000002 sids : S-1-22-2-90000003 privilege_mask : 0x0000000000000000 (0) 0: SEC_PRIV_MACHINE_ACCOUNT_BIT 0: SEC_PRIV_PRINT_OPERATOR_BIT 0: SEC_PRIV_ADD_USERS_BIT 0: SEC_PRIV_DISK_OPERATOR_BIT 0: SEC_PRIV_REMOTE_SHUTDOWN_BIT 0: SEC_PRIV_BACKUP_BIT 0: SEC_PRIV_RESTORE_BIT 0: SEC_PRIV_TAKE_OWNERSHIP_BIT 0: SEC_PRIV_INCREASE_QUOTA_BIT 0: SEC_PRIV_SECURITY_BIT 0: SEC_PRIV_LOAD_DRIVER_BIT 0: SEC_PRIV_SYSTEM_PROFILE_BIT 0: SEC_PRIV_SYSTEMTIME_BIT 0: SEC_PRIV_PROFILE_SINGLE_PROCESS_BIT 0: SEC_PRIV_INCREASE_BASE_PRIORITY_BIT 0: SEC_PRIV_CREATE_PAGEFILE_BIT 0: SEC_PRIV_SHUTDOWN_BIT 0: SEC_PRIV_DEBUG_BIT 0: SEC_PRIV_SYSTEM_ENVIRONMENT_BIT 0: SEC_PRIV_CHANGE_NOTIFY_BIT 0: SEC_PRIV_UNDOCK_BIT 0: SEC_PRIV_ENABLE_DELEGATION_BIT 0: SEC_PRIV_MANAGE_VOLUME_BIT 0: SEC_PRIV_IMPERSONATE_BIT 0: SEC_PRIV_CREATE_GLOBAL_BIT rights_mask : 0x00000000 (0) 0: LSA_POLICY_MODE_INTERACTIVE 0: LSA_POLICY_MODE_NETWORK 0: LSA_POLICY_MODE_BATCH 0: LSA_POLICY_MODE_SERVICE 0: LSA_POLICY_MODE_PROXY 0: LSA_POLICY_MODE_DENY_INTERACTIVE 0: LSA_POLICY_MODE_DENY_NETWORK 0: LSA_POLICY_MODE_DENY_BATCH 0: LSA_POLICY_MODE_DENY_SERVICE 0: LSA_POLICY_MODE_REMOTE_INTERACTIVE 0: LSA_POLICY_MODE_DENY_REMOTE_INTERACTIVE 0x00: LSA_POLICY_MODE_ALL (0) 0x00: LSA_POLICY_MODE_ALL_NT4 (0) delete_token : * delete_token: struct security_unix_token uid : 0x00000000000003e8 (1000) gid : 0x00000000000003e8 (1000) ngroups : 0x00000004 (4) groups: ARRAY(4) groups : 0x00000000000003e8 (1000) groups : 0x00000000055d4a81 (90000001) groups : 0x00000000055d4a82 (90000002) groups : 0x00000000055d4a83 (90000003) old_write_time : Wed Jul 6 21:40:33 2016 AEST.383028200 changed_write_time : Thu Jan 1 10:00:00 1970 AEST.0 fresh : 0x00 (0) modified : 0x01 (1) record : * id: struct file_id devid : 0x0000000042817c33 (1115782195) inode : 0x000000000000000a (10) extid : 0x0000000000000000 (0) [2016/07/20 22:55:37.044256, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:147(share_mode_memcache_delete) deleting entry for file openvpn.zip seq 0x10463475833320383911 key 42817c33:a:0 [2016/07/20 22:55:37.044271, 10, pid=4773, effective(1000, 1000), real(0, 0), class=locking] ../source3/locking/share_mode_lock.c:370(unparse_share_modes) No used share mode found [2016/07/20 22:55:37.044290, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 337C8142000000000A00 [2016/07/20 22:55:37.044304, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/locking.tdb [2016/07/20 22:55:37.044317, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:37.044332, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/notify_msg.c:227(notify_trigger) notify_trigger called action=0x2, filter=0x1, dir=/mnt/tank/Test, name=openvpn.zip [2016/07/20 22:55:37.044347, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:217(push_sec_ctx) push_sec_ctx(1000, 1000) : sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.044361, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/uid.c:491(push_conn_ctx) push_conn_ctx(46639) : conn_ctx_stack_ndx = 0 [2016/07/20 22:55:37.044374, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2016/07/20 22:55:37.044387, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:37.044399, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:37.044424, 10, pid=4773, effective(0, 0), real(0, 0)] ../source3/lib/messages_dgm.c:284(messaging_dgm_send) messaging_dgm_send: Sending message to 4745 [2016/07/20 22:55:37.044464, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:439(pop_sec_ctx) pop_sec_ctx (1000, 1000) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:37.044495, 2, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/close.c:780(close_normal_file) home closed file openvpn.zip (numopen=0) NT_STATUS_OBJECT_NAME_NOT_FOUND [2016/07/20 22:55:37.044510, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_open_global.tdb [2016/07/20 22:55:37.044523, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) [2016/07/20 22:55:37.044515, 10, pid=4745, effective(0, 0), real(0, 0)] ../source3/lib/messages.c:254(messaging_recv_cb) lock order: 1:/var/lock/smbXsrv_open_global.tdb 2: 3: messaging_recv_cb: Received message 0x31b len 51 (num_fds:0) from 4773 [2016/07/20 22:55:37.044560, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 0E9E984E [2016/07/20 22:55:37.044584, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x81209fde0 [2016/07/20 22:55:37.044593, 10, pid=4745, effective(0, 0), real(0, 0)] ../source3/smbd/notifyd/notifyd.c:655(notifyd_trigger) [2016/07/20 22:55:37.044602, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) notifyd_trigger: Got trigger_msg action=2, filter=1, path=/mnt/tank/Test/openvpn.zip Unlocking key 0E9E984E [2016/07/20 22:55:37.044626, 10, pid=4745, effective(0, 0), real(0, 0)] ../source3/smbd/notifyd/notifyd.c:672(notifyd_trigger) [2016/07/20 22:55:37.044652, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) notifyd_trigger: Trying path /mnt release lock order 1 for /var/lock/smbXsrv_open_global.tdb [2016/07/20 22:55:37.044693, 10, pid=4745, effective(0, 0), real(0, 0)] ../source3/smbd/notifyd/notifyd.c:672(notifyd_trigger) [2016/07/20 22:55:37.044703, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) notifyd_trigger: Trying path /mnt/tank lock order: 1: 2: 3: [2016/07/20 22:55:37.044736, 10, pid=4745, effective(0, 0), real(0, 0)] ../source3/smbd/notifyd/notifyd.c:672(notifyd_trigger) [2016/07/20 22:55:37.044750, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/files.c:554(file_free) notifyd_trigger: Trying path /mnt/tank/Test freed files structure 4068 (0 used) [2016/07/20 22:55:37.044786, 3, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/error.c:82(error_packet_set) NT error packet at ../source3/smbd/trans2.c(8618) cmd=50 (SMBtrans2) NT_STATUS_OBJECT_NAME_NOT_FOUND [2016/07/20 22:55:37.044815, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:169(show_msg) [2016/07/20 22:55:37.044823, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/util.c:179(show_msg) size=35 smb_com=0x32 smb_rcls=52 smb_reh=0 smb_err=49152 smb_flg=128 smb_flg2=51203 smb_tid=33509 smb_pid=28839 smb_uid=46639 smb_mid=135 smt_wct=0 smb_bcc=0 [2016/07/20 22:55:37.044888, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../lib/util/util.c:559(dump_data) [2016/07/20 22:55:37.044930, 10, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/lib/messages.c:254(messaging_recv_cb) messaging_recv_cb: Received message 0x319 len 24 (num_fds:0) from 4773 [2016/07/20 22:55:41.172868, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.172901, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.172929, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.172965, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.172982, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.172998, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.173011, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.173049, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.173065, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.173078, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.173090, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.173111, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.173124, 4, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.173137, 5, pid=4741, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.173149, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.173169, 5, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.173186, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:41.173212, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2:/var/lock/serverid.tdb 3: [2016/07/20 22:55:41.173233, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 8512000000000000FFFF [2016/07/20 22:55:41.173255, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x812043ea0 [2016/07/20 22:55:41.173276, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 8512000000000000FFFF [2016/07/20 22:55:41.173291, 5, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 2 for /var/lock/serverid.tdb [2016/07/20 22:55:41.173303, 10, pid=4741, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:41.173519, 3, pid=4741, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:252(exit_server_common) Server exit (termination signal) [2016/07/20 22:55:41.173998, 4, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.174018, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.174031, 5, pid=4773, effective(1000, 1000), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.174058, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.174072, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.174085, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.174097, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.174117, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.174130, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.174143, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.174155, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.174175, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.174191, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_tcon_global.tdb [2016/07/20 22:55:41.174205, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_tcon_global.tdb 2: 3: [2016/07/20 22:55:41.174226, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 59EE622B [2016/07/20 22:55:41.174242, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x81208cd60 [2016/07/20 22:55:41.174259, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 59EE622B [2016/07/20 22:55:41.174273, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_tcon_global.tdb [2016/07/20 22:55:41.174285, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:41.174302, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.174315, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.174327, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.174347, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.174360, 2, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/service.c:1148(close_cnum) (ipv4:192.168.1.200:53276) closed connection to service Test [2016/07/20 22:55:41.174380, 4, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:844(vfs_ChDir) vfs_ChDir to / [2016/07/20 22:55:41.174410, 4, pid=4773, effective(0, 0), real(0, 0), class=vfs] ../source3/smbd/vfs.c:855(vfs_ChDir) vfs_ChDir got / [2016/07/20 22:55:41.174425, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.174437, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.174450, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.174471, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.174491, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order) check lock order 1 for /var/lock/smbXsrv_session_global.tdb [2016/07/20 22:55:41.174504, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1:/var/lock/smbXsrv_session_global.tdb 2: 3: [2016/07/20 22:55:41.174518, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Locking key 20D44C76 [2016/07/20 22:55:41.174533, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:143(db_tdb_fetch_locked_internal) Allocated locked data 0x0x8120b9060 [2016/07/20 22:55:41.174554, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:59(db_tdb_log_key) Unlocking key 20D44C76 [2016/07/20 22:55:41.174568, 5, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor) release lock order 1 for /var/lock/smbXsrv_session_global.tdb [2016/07/20 22:55:41.174580, 10, pid=4773, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order) lock order: 1: 2: 3: [2016/07/20 22:55:41.174596, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:483(smb_pam_start) smb_pam_start: PAM: Init user: home [2016/07/20 22:55:41.176095, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:492(smb_pam_start) smb_pam_start: PAM: setting rhost to: stargate.home.gateway [2016/07/20 22:55:41.176116, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:501(smb_pam_start) smb_pam_start: PAM: setting tty [2016/07/20 22:55:41.176130, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:509(smb_pam_start) smb_pam_start: PAM: Init passed for user: home [2016/07/20 22:55:41.176144, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:646(smb_internal_pam_session) smb_internal_pam_session: PAM: tty set to: smb/550784118 [2016/07/20 22:55:41.176249, 4, pid=4773, effective(0, 0), real(0, 0), class=auth] ../source3/auth/pampass.c:465(smb_pam_end) smb_pam_end: PAM: PAM_END OK. [2016/07/20 22:55:41.176267, 4, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/sec_ctx.c:321(set_sec_ctx_internal) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2016/07/20 22:55:41.176281, 5, pid=4773, effective(0, 0), real(0, 0)] ../libcli/security/security_token.c:53(security_token_debug) Security token: (NULL) [2016/07/20 22:55:41.176293, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/auth/token_util.c:639(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2016/07/20 22:55:41.176320, 5, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/uid.c:425(smbd_change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2016/07/20 22:55:41.176443, 3, pid=4773, effective(0, 0), real(0, 0)] ../source3/smbd/server_exit.c:252(exit_server_common) Server exit (termination signal)