[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]=  768 (0x300)
  smb_vwv[ 3]=  352 (0x160)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[6003]: \PIPE\lsarpc
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 57 78 12 34 AB CD  EF 00 01 23 45 67 89 AB  .4Wx.4.. ...#Eg..
  [010] 00 00 00 00                                       .... 
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:10, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345778
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 89 ab 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000000
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:10, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6003
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24579 (0x6003)
  smb_bcc=87
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 01 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 57 34 12 34 12 CD AB EF  00 01 23 45 67 89 AB 00  W4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:10, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 1F 97 13  00 0C 00 5C 50 49 50 45  ........ ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 1F 97 13  00 0C 00 5C 50 49 50 45  ........ ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:10, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 0013971f
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:10, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:10, 5] rpc_parse/parse_lsa.c:(142)
  init_lsa_sec_qos
[2005/12/05 17:56:10, 5] rpc_parse/parse_lsa.c:(261)
  init_open_pol: attr:0 da:1
[2005/12/05 17:56:10, 5] rpc_parse/parse_lsa.c:(193)
  init_lsa_obj_attr
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_open_pol 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0000 ptr       : 00000001
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0004 system_name: 005c
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000008 lsa_io_obj_attr 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0008 len         : 00000018
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          000c ptr_root_dir: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0010 ptr_obj_name: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0014 attributes  : 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0018 ptr_sec_desc: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          001c ptr_sec_qos : 00000001
[2005/12/05 17:56:10, 7] rpc_parse/parse_prs.c:(82)
          000020 lsa_io_obj_qos sec_qos
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
              0020 len           : 0000000c
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
              0024 sec_imp_level : 0002
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
              0026 sec_ctxt_mode : 01
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
              0027 effective_only: 00
[2005/12/05 17:56:10, 3] rpc_parse/parse_lsa.c:(181)
  lsa_io_sec_qos: length c does not match size 8
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0028 des_access: 00000001
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x6 data_len: 0x44
[2005/12/05 17:56:10, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000034
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0006
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6003
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=150
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   68 (0x44)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24579 (0x6003)
  smb_bcc=83
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 44  00 00 00 02 00 00 00 34  .......D .......4
  [020] 00 00 00 00 00 06 00 01  00 00 00 5C 00 00 00 18  ........ ...\....
  [030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 01 00 00 00 0C  00 00 00 02 00 01 00 01  ........ ........
  [050] 00 00 00                                          ... 
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(132)
  write_socket(26,154)
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(135)
  write_socket(26,154) wrote 154
[2005/12/05 17:56:10, 10] lib/util_sock.c:(615)
  got smb length of 104
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 A6 B8 3D  ........ .......=
  [020] C3 93 77 31 46 87 4E CC  89 0F C5 34 40 00 00 00  ..w1F.N. ...4@...
  [030] 00                                                . 
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 A6 B8 3D  ........ .......=
  [020] C3 93 77 31 46 87 4E CC  89 0F C5 34 40 00 00 00  ..w1F.N. ...4@...
  [030] 00                                                . 
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 48
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0030
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000018
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 48
[2005/12/05 17:56:10, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_open_pol 
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_pol_hnd 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0018 data1: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          001c data2: c33db8a6
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0020 data3: 7793
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0022 data4: 4631
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
          0024 data5: 87 4e cc 89 0f c5 34 40 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(701)
      002c status: NT_STATUS_OK
[2005/12/05 17:56:10, 5] rpc_parse/parse_lsa.c:(477)
  init_q_enum_trust_dom
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_enum_trust_dom 
[2005/12/05 17:56:10, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_pol_hnd 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0000 data1: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
          0004 data2: c33db8a6
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          0008 data3: 7793
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
          000a data4: 4631
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(758)
          000c data5: 87 4e cc 89 0f c5 34 40 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0014 enum_context : 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0018 preferred_len: 00010000
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xd data_len: 0x34
[2005/12/05 17:56:10, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 34 auth_len: 0 alloc_hint: 24
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0034
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000024
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000d
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6003
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=134
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   52 (0x34)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   52 (0x34)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24579 (0x6003)
  smb_bcc=67
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 34  00 00 00 03 00 00 00 24  .......4 .......$
  [020] 00 00 00 00 00 0D 00 00  00 00 00 A6 B8 3D C3 93  ........ .....=..
  [030] 77 31 46 87 4E CC 89 0F  C5 34 40 00 00 00 00 00  w1F.N... .4@.....
  [040] 00 01 00                                          ... 
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(132)
  write_socket(26,138)
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(135)
  write_socket(26,138) wrote 138
[2005/12/05 17:56:10, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:10, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:10, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:10, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_enum_trust_dom 
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0018 enum_context: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      001c count: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(671)
      0020 ptr: 00000000
[2005/12/05 17:56:10, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_NO_MORE_ENTRIES
[2005/12/05 17:56:10, 10] libsmb/trusts_util.c:(181)
  enumerate_domain_trusts: shutting down connection...
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(132)
  write_socket(26,45)
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(135)
  write_socket(26,45) wrote 45
[2005/12/05 17:56:10, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=35
  smb_com=0x4
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=9
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(132)
  write_socket(26,39)
[2005/12/05 17:56:10, 6] libsmb/clientgen.c:(135)
  write_socket(26,39) wrote 39
[2005/12/05 17:56:10, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:10, 5] lib/util.c:(454)
[2005/12/05 17:56:10, 5] lib/util.c:(464)
  size=35
  smb_com=0x71
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6147
  smb_pid=29633
  smb_uid=10243
  smb_mid=10
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:10, 10] lib/gencache.c:(285)
  Cache entry with key = TDOM/HRZ couldn't be found
[2005/12/05 17:56:10, 5] libsmb/trustdom_cache.c:(184)
  no entry for trusted domain HRZ found.
[2005/12/05 17:56:10, 5] auth/auth_util.c:(99)
  attempting to make a user_info for ratzka (ratzka)
[2005/12/05 17:56:10, 5] auth/auth_util.c:(109)
  making strings for ratzka's user_info struct
[2005/12/05 17:56:10, 5] auth/auth_util.c:(151)
  making blobs for ratzka's user_info struct
[2005/12/05 17:56:10, 10] auth/auth_util.c:(167)
  made an encrypted user_info for ratzka (ratzka)
[2005/12/05 17:56:10, 3] auth/auth.c:(219)
  check_ntlm_password:  Checking password for unmapped user [HRZ]\[ratzka]@[PCRZ478-WXP] with the new password interface
[2005/12/05 17:56:10, 3] auth/auth.c:(222)
  check_ntlm_password:  mapped user is: [HRZ]\[ratzka]@[PCRZ478-WXP]
[2005/12/05 17:56:10, 10] auth/auth.c:(231)
  check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2)
[2005/12/05 17:56:10, 10] auth/auth.c:(233)
  challenge is: 
[2005/12/05 17:56:10, 5] lib/util.c:(2053)
  [000] 54 79 BD F1 23 4F 90 36                           Ty..#O.6 
[2005/12/05 17:56:10, 10] auth/auth.c:(259)
  check_ntlm_password: guest had nothing to say
[2005/12/05 17:56:10, 8] lib/util.c:(1874)
  is_myname("HRZ") returns 0
[2005/12/05 17:56:10, 6] auth/auth_sam.c:(379)
  check_samstrict_security: HRZ is not one of my local names (ROLE_DOMAIN_MEMBER)
[2005/12/05 17:56:10, 10] auth/auth.c:(259)
  check_ntlm_password: sam had nothing to say
[2005/12/05 17:56:10, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:10, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:10, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:10, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:10, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:10, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:10, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:10, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:10, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:10, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:10, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:10, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:10, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:10, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:10, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:10, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:10, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:10, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:10, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:10, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:10, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 20457
[2005/12/05 17:56:10, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:10, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=20457 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:10, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:10, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:10, 10] passdb/secrets.c:(759)
  secrets_named_mutex: got mutex for NTRZ13
[2005/12/05 17:56:10, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:10, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:10, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:10, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:11, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:11, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:11, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:11, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:11, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:11, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29633
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=15360 (0x3C00)
  smb_vwv[12]=24092 (0x5E1C)
  smb_vwv[13]=48331 (0xBCCB)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 53 3C 52 13 5D 6C 97 28  48 00 52 00 5A 00 00 00  S<R.]l.( H.R.Z...
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29633
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=15360 (0x3C00)
  smb_vwv[12]=24092 (0x5E1C)
  smb_vwv[13]=48331 (0xBCCB)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 53 3C 52 13 5D 6C 97 28  48 00 52 00 5A 00 00 00  S<R.]l.( H.R.Z...
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29633
  smb_uid=16384
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29633
  smb_uid=16384
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:11, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]=  328 (0x148)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[4801]: \PIPE\NETLOGON
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4801
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18433 (0x4801)
  smb_bcc=87
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 04 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 20 97 13  00 0C 00 5C 50 49 50 45  ..... .. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 20 97 13  00 0C 00 5C 50 49 50 45  ..... .. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:11, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139720
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:11, 4] rpc_client/cli_netlogon.c:(45)
  cli_net_req_chal: LSA Request Challenge from HRZ_SMB to NTRZ13: ADF71E04BD5970FE
[2005/12/05 17:56:11, 5] rpc_parse/parse_net.c:(676)
  init_q_req_chal: 676
[2005/12/05 17:56:11, 5] rpc_parse/parse_net.c:(685)
  init_q_req_chal: 685
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_req_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0000 undoc_buffer: 00000001
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000004 smb_io_unistr2 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0004 uni_max_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0008 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          000c uni_str_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
          0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000022 smb_io_unistr2 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0024 uni_max_len: 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0028 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          002c uni_str_len: 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
          0030 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000040 smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          0040 data: ad f7 1e 04 bd 59 70 fe 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x4 data_len: 0x60
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 60 auth_len: 0 alloc_hint: 50
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0060
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000050
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0004
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4801
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=178
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   96 (0x60)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   96 (0x60)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18433 (0x4801)
  smb_bcc=111
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 60  00 00 00 05 00 00 00 50  .......` .......P
  [020] 00 00 00 00 00 04 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 08 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 00 00 AD  F7 1E 04 BD 59 70 FE     .M.B.... ....Yp.
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,182)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,182) wrote 182
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 92
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 F0 75 88 4B 28 00 00  ........ ..u.K(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 F0 75 88 4B 28 00 00  ........ ..u.K(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 36
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0024
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 0000000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 36
[2005/12/05 17:56:11, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_req_chal 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          0018 data: f0 75 88 4b 28 00 00 00 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(701)
      0020 status: NT_STATUS_OK
[2005/12/05 17:56:11, 4] libsmb/credentials.c:(59)
  cred_session_key
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(61)
  	clnt_chal: ADF71E04BD5970FE
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(62)
  	srv_chal : F075884B28000000
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(63)
  	clnt+srv : 9D6DA74FE55970FE
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(64)
  	sess_key : CAA190998DE64407
[2005/12/05 17:56:11, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(92)
  	sess_key : CAA190998DE64407
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(93)
  	stor_cred: ADF71E04BD5970FE
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(95)
  	timecred : ADF71E04BD5970FE
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(96)
  	calc_cred: 068527365DDA038B
[2005/12/05 17:56:11, 4] rpc_client/cli_netlogon.c:(157)
  cli_net_auth2: srv:\\NTRZ13 acct:HRZ_SMB$ sc:2 mc: HRZ_SMB chal 068527365DDA038B neg: 400701ff
[2005/12/05 17:56:11, 5] rpc_parse/parse_net.c:(797)
  init_q_auth_2: 797
[2005/12/05 17:56:11, 5] rpc_parse/parse_misc.c:(1407)
  make_log_info 1407
[2005/12/05 17:56:11, 5] rpc_parse/parse_net.c:(803)
  init_q_auth_2: 803
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_auth_2 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_log_info 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0000 undoc_buffer: 00000001
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0004 uni_max_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0008 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              000c uni_str_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
              0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000022 smb_io_unistr2 unistr2
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0024 uni_max_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0028 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              002c uni_str_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
              0030 buffer     : H.R.Z._.S.M.B.$...
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0042 sec_chan: 0002
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000044 smb_io_unistr2 unistr2
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0044 uni_max_len: 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0048 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              004c uni_str_len: 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
              0050 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000060 smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          0060 data: 06 85 27 36 5d da 03 8b 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000068 net_io_neg_flags 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0068 neg_flags: 400701ff
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xf data_len: 0x84
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 84 auth_len: 0 alloc_hint: 74
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0084
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000074
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000f
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4801
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=214
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  132 (0x84)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  132 (0x84)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18433 (0x4801)
  smb_bcc=147
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 84  00 00 00 06 00 00 00 74  ........ .......t
  [020] 00 00 00 00 00 0F 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 09 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 09 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 24 00 00  00 02 00 08 00 00 00 00  .M.B.$.. ........
  [070] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [080] 00 4D 00 42 00 00 00 06  85 27 36 5D DA 03 8B FF  .M.B.... .'6]....
  [090] 01 07 40                                          ..@ 
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,218)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,218) wrote 218
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 E8 0D CB 4C 9C 15 8A  ........ ....L...
  [020] 23 FF 01 00 40 00 00 00  00                       #...@... .
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 E8 0D CB 4C 9C 15 8A  ........ ....L...
  [020] 23 FF 01 00 40 00 00 00  00                       #...@... .
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:11, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_auth_2 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          0018 data: e8 0d cb 4c 9c 15 8a 23 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000020 net_io_neg_flags 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0020 neg_flags: 400001ff
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_OK
[2005/12/05 17:56:11, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(92)
  	sess_key : CAA190998DE64407
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(93)
  	stor_cred: F075884B28000000
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(95)
  	timecred : F075884B28000000
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(96)
  	calc_cred: E80DCB4C9C158A23
[2005/12/05 17:56:11, 4] libsmb/credentials.c:(121)
  cred_assert
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(123)
  	challenge : E80DCB4C9C158A23
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(124)
  	calculated: E80DCB4C9C158A23
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(128)
  credentials check ok
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=9
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]=  512 (0x200)
  smb_vwv[ 3]=  328 (0x148)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[4802]: \PIPE\NETLOGON
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(724)
  create_rpc_bind_req: no domain; assuming my own
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_neg netsec_neg
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0008 type1: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c type2: 00000003
[2005/12/05 17:56:11, 6] lib/util.c:(2053)
  [000] 48 52 5A                                          HRZ 
[2005/12/05 17:56:11, 6] lib/util.c:(2053)
  [000] 48 52 5A 5F 53 4D 42                              HRZ_SMB 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0064
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0014
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4802
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=182
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=10
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  100 (0x64)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  100 (0x64)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18434 (0x4802)
  smb_bcc=115
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 64  00 14 00 07 00 00 00 B8  .......d ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00 44  06 00 00 01 00 00 00 00  .H`....D ........
  [060] 00 00 00 03 00 00 00 48  52 5A 00 48 52 5A 5F 53  .......H RZ.HRZ_S
  [070] 4D 42 00                                          MB. 
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,186)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,186) wrote 186
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 144
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 21 97 13  00 0C 00 5C 50 49 50 45  .....!.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 F8  45 01 00 00 00 00 00 00  \lsass.. E.......
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 3D 37  A2                       ......=7 .
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 21 97 13  00 0C 00 5C 50 49 50 45  .....!.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 F8  45 01 00 00 00 00 00 00  \lsass.. E.......
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 3D 37  A2                       ......=7 .
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 88
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0058
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 88
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 12 len: 88 auth_len: 12 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:11, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139721
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:11, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(92)
  	sess_key : CAA190998DE64407
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(93)
  	stor_cred: 068527365DDA038B
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(94)
  	timestamp: 4394712b
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(95)
  	timecred : 31F6BB795DDA038B
[2005/12/05 17:56:11, 5] libsmb/credentials.c:(96)
  	calc_cred: 15202233515392ED
[2005/12/05 17:56:11, 5] rpc_parse/parse_net.c:(1178)
  init_id_info2: 1178
[2005/12/05 17:56:11, 5] rpc_parse/parse_misc.c:(1586)
  make_logon_id: 1586
[2005/12/05 17:56:11, 5] rpc_parse/parse_net.c:(1272)
  init_sam_info: 1272
[2005/12/05 17:56:11, 5] rpc_parse/parse_misc.c:(1501)
  make_clnt_info: 1501
[2005/12/05 17:56:11, 5] rpc_parse/parse_misc.c:(1346)
  init_clnt_srv: 1346
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_sam_logon 
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_sam_info 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000000 smb_io_clnt_info2 
[2005/12/05 17:56:11, 8] rpc_parse/parse_prs.c:(82)
              000000 smb_io_clnt_srv 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                  0000 undoc_buffer : 00000001
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0004 uni_max_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0008 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      000c uni_str_len: 00000009
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
                      0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                  0024 undoc_buffer2: 00000001
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000028 smb_io_unistr2 unistr2
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0028 uni_max_len: 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      002c offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0030 uni_str_len: 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
                      0034 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0044 ptr_cred: 00000001
[2005/12/05 17:56:11, 8] rpc_parse/parse_prs.c:(82)
              000048 smb_io_cred 
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000048 smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
                      0048 data: 15 20 22 33 51 53 92 ed 
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000050 smb_io_utime 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0050 time: 4394712b
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0054 ptr_rtn_cred : 00000001
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_cred 
[2005/12/05 17:56:11, 8] rpc_parse/parse_prs.c:(82)
              000058 smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
                  0058 data: 00 00 00 00 00 00 00 00 
[2005/12/05 17:56:11, 8] rpc_parse/parse_prs.c:(82)
              000060 smb_io_utime 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                  0060 time: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0064 logon_level  : 0002
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000066 smb_io_sam_info logon_info
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0066 switch_value : 0002
[2005/12/05 17:56:11, 8] rpc_parse/parse_prs.c:(82)
              000068 net_io_id_info2 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                  0068 ptr_id_info2: 00000001
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  00006c smb_io_unihdr unihdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      006c uni_str_len: 0006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      006e uni_max_len: 0006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0070 buffer     : 00000001
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                  0074 param_ctrl: 00000000
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000078 smb_io_logon_id 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0078 low : 0000dead
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      007c high: 0000beef
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000080 smb_io_unihdr unihdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      0080 uni_str_len: 000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      0082 uni_max_len: 000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0084 buffer     : 00000001
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000088 smb_io_unihdr unihdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      0088 uni_str_len: 001a
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      008a uni_max_len: 001a
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      008c buffer     : 00000001
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
                  0090 lm_chal: 54 79 bd f1 23 4f 90 36 
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000098 smb_io_strhdr hdr_nt_chal_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      0098 str_str_len: 0018
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      009a str_max_len: 0018
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      009c buffer     : 00000001
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  0000a0 smb_io_strhdr hdr_lm_chal_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      00a0 str_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
                      00a2 str_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00a4 buffer     : 00000000
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  0000a8 smb_io_unistr2 uni_domain_name
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00a8 uni_max_len: 00000003
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00ac offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00b0 uni_str_len: 00000003
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
                      00b4 buffer     : H.R.Z.
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  0000ba smb_io_unistr2 uni_user_name  
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00bc uni_max_len: 00000006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00c0 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00c4 uni_str_len: 00000006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
                      00c8 buffer     : r.a.t.z.k.a.
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  0000d4 smb_io_unistr2 uni_wksta_name 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00d4 uni_max_len: 0000000d
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00d8 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00dc uni_str_len: 0000000d
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
                      00e0 buffer     : \.\.P.C.R.Z.4.7.8.-.W.X.P.
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  0000fa smb_io_string2 nt_chal_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      00fc str_max_len: 00000018
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0100 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
                      0104 str_str_len: 00000018
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(1003)
                      0108 buffer     : ......7/.6@[...#.n.. a..
[2005/12/05 17:56:11, 9] rpc_parse/parse_prs.c:(82)
                  000120 smb_io_string2 - NULL lm_chal_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0120 validation_level: 0003
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000128 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0128 auth_type    : 44
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0129 auth_level   : 06
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      012a auth_pad_len : 06
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      012b auth_reserved: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      012c auth_context_id: 00000001
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(1047)
  SCHANNEL seq_num=0
[2005/12/05 17:56:11, 10] rpc_parse/parse_prs.c:(1536)
  SCHANNEL: netsec_encode seq_num=0 data_len=296
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000130 smb_io_rpc_auth_netsec_chk 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0130 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0138 seq_num: 14 bf cc e8 43 65 5f cc 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0140 packet_digest: b4 3d 05 47 8f 38 02 bf 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0148 confounder: aa 90 a7 6d 0e bc e2 1f 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x2 data_len: 0x168
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 168 auth_len: 20 alloc_hint: 130
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0168
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000130
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0002
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4802
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=442
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=11
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  360 (0x168)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  360 (0x168)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18434 (0x4802)
  smb_bcc=375
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 68  01 20 00 08 00 00 00 30  .......h . .....0
  [020] 01 00 00 00 00 02 00 D8  A7 28 7E E6 F8 C3 9A EA  ........ .(~.....
  [030] CB D9 63 FE 23 73 03 96  9E 7E AC 40 74 E9 81 FC  ..c.#s.. .~.@t...
  [040] 5A DC 35 12 1C CE 96 6E  F5 68 4C BB 30 37 58 07  Z.5....n .hL.07X.
  [050] 7F B1 21 8D B5 14 8E BC  80 D4 D2 75 32 6E AE E9  ..!..... ...u2n..
  [060] 25 AF 9A A7 29 A2 D7 78  F8 59 E1 88 3D 3C CE 89  %...)..x .Y..=<..
  [070] 39 B7 F8 24 44 DD A2 74  43 7A C7 5B CF 36 4A 2E  9..$D..t Cz.[.6J.
  [080] 63 3F DF 0F 7B D1 A2 22  3F 86 7D 88 DB 25 D8 12  c?..{.." ?.}..%..
  [090] 7F 1D C7 7E 51 56 28 98  DA 9A EC 3C 5B A5 0A 08  ...~QV(. ...<[...
  [0A0] 32 01 6E 65 8A 9F C3 85  C6 07 65 06 65 84 83 36  2.ne.... ..e.e..6
  [0B0] 70 D7 B5 EE 22 54 7F 42  26 5C AE 6D 8C 38 63 74  p..."T.B &\.m.8ct
  [0C0] 84 6F 51 E3 EC 05 3D CD  88 A3 63 F0 78 01 DC 89  .oQ...=. ..c.x...
  [0D0] 2C 8A F0 4D 42 E1 9A 91  10 65 39 BF 08 CD 1D 82  ,..MB... .e9.....
  [0E0] B7 83 42 15 F8 A5 22 91  BA 5E DA F1 00 46 42 F8  ..B...". .^...FB.
  [0F0] 6B 66 7F B0 1A 60 E3 05  32 26 32 34 4F AA A2 2B  kf...`.. 2&24O..+
  [100] 02 8D AB 9D 2D 38 54 C3  0D 6F 0C 74 B3 A6 A3 0F  ....-8T. .o.t....
  [110] 09 5A 5E DC DB BF B8 40  0A 60 F4 3C 51 DB 2F EE  .Z^....@ .`.<Q./.
  [120] 61 12 41 06 41 C8 92 37  5F 97 C1 7C AD 94 C1 A2  a.A.A..7 _..|....
  [130] B7 89 CF 8D 9D 8F 47 1D  D1 CA 5D A5 BA F6 C4 0B  ......G. ..].....
  [140] 7A 63 8B 74 F1 E3 C1 89  16 4F 83 94 23 20 8C 44  zc.t.... .O..# .D
  [150] 06 06 00 01 00 00 00 77  00 7A 00 FF FF 00 00 14  .......w .z......
  [160] BF CC E8 43 65 5F CC B4  3D 05 47 8F 38 02 BF AA  ...Ce_.. =.G.8...
  [170] 90 A7 6D 0E BC E2 1F                              ..m.... 
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(132)
  write_socket(26,446)
[2005/12/05 17:56:11, 6] libsmb/clientgen.c:(135)
  write_socket(26,446) wrote 446
[2005/12/05 17:56:11, 10] lib/util_sock.c:(615)
  got smb length of 488
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 F0 DF 08 98 D9 F0 66  .p...... .......f
  [020] 1D FE 84 E4 FF 91 FC C1  B9 EF D3 5A E8 90 80 82  ........ ...Z....
  [030] 8E FF 20 7E 8A EA 91 78  B9 01 60 CA AD 8C 5D 1D  .. ~...x ..`...].
  [040] F1 E0 49 01 24 44 9C 8F  E7 03 7A EA 53 C9 E4 54  ..I.$D.. ..z.S..T
  [050] D8 46 F4 68 76 10 28 D8  03 08 93 A5 11 CB A9 51  .F.hv.(. .......Q
  [060] 20 B7 25 99 9B 47 B1 4F  7F 0B 0E 4E 65 FE 94 64   .%..G.O ...Ne..d
  [070] 3C 14 20 65 35 CA 50 37  4D 5B EB F8 83 FA D2 6D  <. e5.P7 M[.....m
  [080] 12 96 C9 54 E5 09 1D 8F  A7 DB DA 27 A0 1A F9 97  ...T.... ...'....
  [090] 4F 1F FC BF CF 5D E3 A7  09 F3 E3 04 B0 67 DE FE  O....].. .....g..
  [0A0] 86 0D 4C 56 7F 43 85 62  14 92 2E DE F8 E0 84 BE  ..LV.C.b ........
  [0B0] B2 E9 44 01 84 48 D3 23  5A 1C 45 24 93 9E A0 72  ..D..H.# Z.E$...r
  [0C0] D6 CB 60 43 61 ED 3B 50  19 DB 16 23 D1 EC 45 9D  ..`Ca.;P ...#..E.
  [0D0] 33 33 6D D0 7E C3 F8 07  9D AB 21 6A 34 D2 E8 91  33m.~... ..!j4...
  [0E0] 63 04 F3 A7 D9 2D 65 C7  0E 65 49 2E 1D 6D 8F 3F  c....-e. .eI..m.?
  [0F0] A8 0B 27 08 57 D4 0A AE  4A 2E 29 07 C9 59 C8 0A  ..'.W... J.)..Y..
  [100] 7C B0 DF 90 3B 25 2E 19  76 64 9A 74 2D 98 F1 2A  |...;%.. vd.t-..*
  [110] 6B 43 0B 41 CC 82 4D E8  5E 61 92 E0 A8 A5 85 63  kC.A..M. ^a.....c
  [120] 6E B2 65 87 7D 91 19 43  82 19 D5 38 51 0D A1 DD  n.e.}..C ...8Q...
  [130] 65 B4 81 E7 D6 91 41 75  F7 A7 46 A4 ED 44 42 81  e.....Au ..F..DB.
  [140] 3C EA 73 DA CA 2A A8 3B  F9 45 E8 8A F0 38 B5 DF  <.s..*.; .E...8..
  [150] 16 4A 66 47 6B 82 49 F7  E4 B5 E8 C8 2E 57 C6 CB  .JfGk.I. .....W..
  [160] C7 83 AC 13 FB CF 32 BB  15 21 98 2B 42 BB 5D 69  ......2. .!.+B.]i
  [170] 67 98 21 36 16 46 C7 A0  C0 45 56 B6 EA 4D 03 4A  g.!6.F.. .EV..M.J
  [180] 46 A8 EC 56 15 C5 EA AD  80 44 06 00 00 01 00 00  F..V.... .D......
  [190] 00 77 00 7A 00 FF FF 00  00 15 A5 D0 C8 EC 5A C0  .w.z.... ......Z.
  [1A0] B4 10 29 6D 4F 8F 79 CC  52 B0 15 64 61 F5 23 E5  ..)mO.y. R..da.#.
  [1B0] 2E                                                . 
[2005/12/05 17:56:11, 5] lib/util.c:(454)
[2005/12/05 17:56:11, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=8198
  smb_pid=29633
  smb_uid=16384
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:11, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 F0 DF 08 98 D9 F0 66  .p...... .......f
  [020] 1D FE 84 E4 FF 91 FC C1  B9 EF D3 5A E8 90 80 82  ........ ...Z....
  [030] 8E FF 20 7E 8A EA 91 78  B9 01 60 CA AD 8C 5D 1D  .. ~...x ..`...].
  [040] F1 E0 49 01 24 44 9C 8F  E7 03 7A EA 53 C9 E4 54  ..I.$D.. ..z.S..T
  [050] D8 46 F4 68 76 10 28 D8  03 08 93 A5 11 CB A9 51  .F.hv.(. .......Q
  [060] 20 B7 25 99 9B 47 B1 4F  7F 0B 0E 4E 65 FE 94 64   .%..G.O ...Ne..d
  [070] 3C 14 20 65 35 CA 50 37  4D 5B EB F8 83 FA D2 6D  <. e5.P7 M[.....m
  [080] 12 96 C9 54 E5 09 1D 8F  A7 DB DA 27 A0 1A F9 97  ...T.... ...'....
  [090] 4F 1F FC BF CF 5D E3 A7  09 F3 E3 04 B0 67 DE FE  O....].. .....g..
  [0A0] 86 0D 4C 56 7F 43 85 62  14 92 2E DE F8 E0 84 BE  ..LV.C.b ........
  [0B0] B2 E9 44 01 84 48 D3 23  5A 1C 45 24 93 9E A0 72  ..D..H.# Z.E$...r
  [0C0] D6 CB 60 43 61 ED 3B 50  19 DB 16 23 D1 EC 45 9D  ..`Ca.;P ...#..E.
  [0D0] 33 33 6D D0 7E C3 F8 07  9D AB 21 6A 34 D2 E8 91  33m.~... ..!j4...
  [0E0] 63 04 F3 A7 D9 2D 65 C7  0E 65 49 2E 1D 6D 8F 3F  c....-e. .eI..m.?
  [0F0] A8 0B 27 08 57 D4 0A AE  4A 2E 29 07 C9 59 C8 0A  ..'.W... J.)..Y..
  [100] 7C B0 DF 90 3B 25 2E 19  76 64 9A 74 2D 98 F1 2A  |...;%.. vd.t-..*
  [110] 6B 43 0B 41 CC 82 4D E8  5E 61 92 E0 A8 A5 85 63  kC.A..M. ^a.....c
  [120] 6E B2 65 87 7D 91 19 43  82 19 D5 38 51 0D A1 DD  n.e.}..C ...8Q...
  [130] 65 B4 81 E7 D6 91 41 75  F7 A7 46 A4 ED 44 42 81  e.....Au ..F..DB.
  [140] 3C EA 73 DA CA 2A A8 3B  F9 45 E8 8A F0 38 B5 DF  <.s..*.; .E...8..
  [150] 16 4A 66 47 6B 82 49 F7  E4 B5 E8 C8 2E 57 C6 CB  .JfGk.I. .....W..
  [160] C7 83 AC 13 FB CF 32 BB  15 21 98 2B 42 BB 5D 69  ......2. .!.+B.]i
  [170] 67 98 21 36 16 46 C7 A0  C0 45 56 B6 EA 4D 03 4A  g.!6.F.. .EV..M.J
  [180] 46 A8 EC 56 15 C5 EA AD  80 44 06 00 00 01 00 00  F..V.... .D......
  [190] 00 77 00 7A 00 FF FF 00  00 15 A5 D0 C8 EC 5A C0  .w.z.... ......Z.
  [1A0] B4 10 29 6D 4F 8F 79 CC  52 B0 15 64 61 F5 23 E5  ..)mO.y. R..da.#.
  [1B0] 2E                                                . 
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 432
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 01b0
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000170
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 432
[2005/12/05 17:56:11, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 2 len: 432 auth_len: 32 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:11, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_chk schannel_auth_sign
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0008 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0010 seq_num: 15 a5 d0 c8 ec 5a c0 b4 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0018 packet_digest: 10 29 6d 4f 8f 79 cc 52 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
      0020 confounder: b0 15 64 61 f5 23 e5 2e 
[2005/12/05 17:56:11, 10] rpc_parse/parse_prs.c:(1613)
  SCHANNEL: netsec_encode seq_num=1 data_len=368
[2005/12/05 17:56:11, 10] rpc_parse/parse_prs.c:(1633)
  SCHANNEL: netsec_decode seq_num=1 data_len=368
[2005/12/05 17:56:11, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_sam_logon 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0018 buffer_creds: 00188078
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      00001c smb_io_cred 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          00001c smb_io_chal 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
              001c data: c5 df 6b d1 ed 6c 37 5f 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000024 smb_io_utime 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0024 time: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
      0028 switch_value: 0003
[2005/12/05 17:56:11, 6] rpc_parse/parse_prs.c:(82)
      00002c net_io_user_info3 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          002c ptr_user_info : 00182f80
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_time logon time
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0030 low : fa608040
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0034 high: 01c5f92d
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000038 smb_io_time logoff time
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0038 low : ffffffff
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              003c high: 7fffffff
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000040 smb_io_time kickoff time
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0040 low : ffffffff
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0044 high: 7fffffff
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000048 smb_io_time last set time
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0048 low : 6f2e05a6
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              004c high: 01c5f9b4
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000050 smb_io_time can change time
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0050 low : 6f2e05a6
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0054 high: 01c5f9b4
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_time must change time
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0058 low : ffffffff
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              005c high: 7fffffff
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000060 smb_io_unihdr hdr_user_name
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0060 uni_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0062 uni_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0064 buffer     : 00000000
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000068 smb_io_unihdr hdr_full_name
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0068 uni_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              006a uni_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              006c buffer     : 00000000
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000070 smb_io_unihdr hdr_logon_script
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0070 uni_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0072 uni_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0074 buffer     : 00000000
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000078 smb_io_unihdr hdr_profile_path
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0078 uni_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              007a uni_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              007c buffer     : 00000000
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000080 smb_io_unihdr hdr_home_dir
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0080 uni_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0082 uni_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0084 buffer     : 00000000
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000088 smb_io_unihdr hdr_dir_drive
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              0088 uni_str_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              008a uni_max_len: 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              008c buffer     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0090 logon_count   : 040d
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
          0092 bad_pw_count  : 0000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0094 user_rid      : 000003f0
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          0098 group_rid     : 00000201
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          009c num_groups    : 00000007
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00a0 buffer_groups : 0018304c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00a4 user_flgs     : 00000120
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          00a8 user_sess_key: 72 7c ed 09 bd f3 34 67 de c8 04 9b 24 50 e8 52 
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000b8 smb_io_unihdr hdr_logon_srv
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              00b8 uni_str_len: 000c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              00ba uni_max_len: 000e
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              00bc buffer     : 0018309c
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000c0 smb_io_unihdr hdr_logon_dom
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              00c0 uni_str_len: 0006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(642)
              00c2 uni_max_len: 0008
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              00c4 buffer     : 001830aa
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00c8 buffer_dom_id : 00183084
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(758)
          00cc lm_sess_key: c0 4b aa 57 fb cd d4 78 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00d4 acct_flags : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00d8 unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00dc unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00e0 unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00e4 unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00e8 unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00ec unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00f0 unkown: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00f4 num_other_sids: 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00f8 buffer_other_sids: 00000000
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_user_name
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_full_name
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_logon_script
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_profile_path
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_home_dir
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_dir_drive
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
          00fc num_groups2   : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000100 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0100 g_rid: 00000201
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0104 attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000108 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0108 g_rid: 0000046f
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              010c attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000110 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0110 g_rid: 0000048c
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0114 attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000118 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0118 g_rid: 00000549
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              011c attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000120 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0120 g_rid: 00000576
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0124 attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000128 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0128 g_rid: 00000784
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              012c attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000130 smb_io_gid 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0130 g_rid: 000007ab
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0134 attr : 00000007
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000138 smb_io_unistr2 uni_logon_srv
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0138 uni_max_len: 00000007
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              013c offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0140 uni_str_len: 00000006
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
              0144 buffer     : N.T.R.Z.1.3.
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000150 smb_io_unistr2 uni_logon_dom
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0150 uni_max_len: 00000004
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0154 offset     : 00000000
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0158 uni_str_len: 00000003
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(843)
              015c buffer     : H.R.Z.
[2005/12/05 17:56:11, 7] rpc_parse/parse_prs.c:(82)
          000162 smb_io_dom_sid2 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
              0164 num_auths: 00000004
[2005/12/05 17:56:11, 8] rpc_parse/parse_prs.c:(82)
              000168 smb_io_dom_sid sid
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  0168 sid_rev_num: 01
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  0169 num_auths  : 04
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  016a id_auth[0] : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  016b id_auth[1] : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  016c id_auth[2] : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  016d id_auth[3] : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  016e id_auth[4] : 00
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(582)
                  016f id_auth[5] : 05
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(898)
                  0170 sub_auths : 00000015 413b77f4 713029db 374c57ac 
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(671)
      0180 auth_resp   : 82282901
[2005/12/05 17:56:11, 5] rpc_parse/parse_prs.c:(701)
      0184 status      : NT_STATUS_OK
[2005/12/05 17:56:11, 10] passdb/secrets.c:(771)
  secrets_named_mutex: released mutex for NTRZ13
[2005/12/05 17:56:11, 5] lib/username.c:(313)
  Finding user HRZ\ratzka
[2005/12/05 17:56:11, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is hrz\ratzka
[2005/12/05 17:56:11, 5] lib/username.c:(269)
  Trying _Get_Pwnam(), username as given is HRZ\ratzka
[2005/12/05 17:56:11, 5] lib/username.c:(278)
  Trying _Get_Pwnam(), username as uppercase is HRZ\RATZKA
[2005/12/05 17:56:11, 5] lib/username.c:(286)
  Checking combinations of 0 uppercase letters in hrz\ratzka
[2005/12/05 17:56:11, 5] lib/username.c:(290)
  Get_Pwnam_internals didn't find user [HRZ\ratzka]!
[2005/12/05 17:56:11, 5] lib/username.c:(313)
  Finding user ratzka
[2005/12/05 17:56:11, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is ratzka
[2005/12/05 17:56:11, 5] lib/username.c:(290)
  Get_Pwnam_internals did find user [ratzka]!
[2005/12/05 17:56:11, 5] auth/auth_util.c:(994)
  fill_sam_account: located username was [ratzka]
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name Wolfgang Ratzka, HRZ, x5876, was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(833)
  pdb_set_unix_homedir: setting home dir /home/ratzka, was NULL
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ_SMB, was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1686530679-3929198075-576801238-66824
[2005/12/05 17:56:11, 10] passdb/pdb_compat.c:(73)
  pdb_set_user_sid_from_rid:
  	setting user sid S-1-5-21-1686530679-3929198075-576801238-66824 from rid 66824
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:11, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:11, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:11, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1686530679-3929198075-576801238-1201
[2005/12/05 17:56:11, 10] passdb/pdb_compat.c:(100)
  pdb_set_group_sid_from_rid:
  	setting group sid S-1-5-21-1686530679-3929198075-576801238-1201 from rid 1201
[2005/12/05 17:56:11, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path \\hrz_smb\ratzka\profile, was 
[2005/12/05 17:56:11, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir \\hrz_smb\ratzka, was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was NULL
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(671)
  pdb_set_nt_username: setting nt username ratzka, was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was ratzka
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ, was HRZ_SMB
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1094416372-1898981851-927750060-1008
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1094416372-1898981851-927750060-513
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name , was Wolfgang Ratzka, HRZ, x5876
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path , was \\hrz_smb\ratzka\profile
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir , was \\hrz_smb\ratzka
[2005/12/05 17:56:11, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was 
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:11, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:11, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:11, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:11, 10] lib/system_smbd.c:(116)
  sys_getgrouplist: user [ratzka]
[2005/12/05 17:56:11, 10] lib/system_smbd.c:(125)
  sys_getgrouplist(): disabled winbindd for group lookup [user == ratzka]
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/12/05 17:56:11, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/12/05 17:56:11, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2005/12/05 17:56:11, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:11, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:50, 6] param/loadparm.c:(2834)
  lp_file_list_changed()
  file /opt/csw/etc/samba/smb.conf -> /opt/csw/etc/samba/smb.conf  last mod_time: Fri Dec  2 16:33:42 2005
  
[2005/12/05 17:56:50, 5] auth/auth_util.c:(191)
  make_user_info_map: Mapping user [HRZ]\[ratzka] from workstation [PCRZ478-WXP]
[2005/12/05 17:56:50, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = TDOMCACHE/TIMESTAMP, value = 0, timeout = Mon Dec  5 18:06:10 2005
  
[2005/12/05 17:56:50, 10] lib/gencache.c:(127)
  Adding cache entry with key = TDOMCACHE/TIMESTAMP; value = 0 and timeout = Mon Dec  5 18:06:50 2005
   (600 seconds ahead)
[2005/12/05 17:56:50, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:50, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:50, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:50, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:50, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:50, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:50, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 3185
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:50, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=3185 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:50, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:50, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:50, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:50, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29648
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=16896 (0x4200)
  smb_vwv[12]= 3352 (0xD18)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 42 B5 53 80 5D 9E 0A 76  48 00 52 00 5A 00 00 00  B.S.]..v H.R.Z...
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29648
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=16896 (0x4200)
  smb_vwv[12]= 3352 (0xD18)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 42 B5 53 80 5D 9E 0A 76  48 00 52 00 5A 00 00 00  B.S.]..v H.R.Z...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29648
  smb_uid=38913
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29648
  smb_uid=38913
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:50, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,104)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,104) wrote 104
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=  400 (0x190)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[9000]: \PIPE\lsarpc
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 57 78 12 34 AB CD  EF 00 01 23 45 67 89 AB  .4Wx.4.. ...#Eg..
  [010] 00 00 00 00                                       .... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345778
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 89 ab 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000000
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:9000
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=36864 (0x9000)
  smb_bcc=87
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 01 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 57 34 12 34 12 CD AB EF  00 01 23 45 67 89 AB 00  W4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 32 97 13  00 0C 00 5C 50 49 50 45  .....2.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 32 97 13  00 0C 00 5C 50 49 50 45  .....2.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139732
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(142)
  init_lsa_sec_qos
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(261)
  init_open_pol: attr:0 da:1
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(193)
  init_lsa_obj_attr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_open_pol 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0000 ptr       : 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0004 system_name: 005c
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000008 lsa_io_obj_attr 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0008 len         : 00000018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          000c ptr_root_dir: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0010 ptr_obj_name: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 attributes  : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0018 ptr_sec_desc: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          001c ptr_sec_qos : 00000001
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000020 lsa_io_obj_qos sec_qos
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0020 len           : 0000000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0024 sec_imp_level : 0002
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
              0026 sec_ctxt_mode : 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
              0027 effective_only: 00
[2005/12/05 17:56:50, 3] rpc_parse/parse_lsa.c:(181)
  lsa_io_sec_qos: length c does not match size 8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0028 des_access: 00000001
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x6 data_len: 0x44
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000034
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0006
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:9000
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=150
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   68 (0x44)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=36864 (0x9000)
  smb_bcc=83
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 44  00 00 00 02 00 00 00 34  .......D .......4
  [020] 00 00 00 00 00 06 00 01  00 00 00 5C 00 00 00 18  ........ ...\....
  [030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 01 00 00 00 0C  00 00 00 02 00 01 00 01  ........ ........
  [050] 00 00 00                                          ... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,154)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,154) wrote 154
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 104
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 A8 31 E5  ........ ......1.
  [020] EA 4D D6 EF 4E AB 48 70  8E 4D B1 6F B3 00 00 00  .M..N.Hp .M.o....
  [030] 00                                                . 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 A8 31 E5  ........ ......1.
  [020] EA 4D D6 EF 4E AB 48 70  8E 4D B1 6F B3 00 00 00  .M..N.Hp .M.o....
  [030] 00                                                . 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 48
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0030
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 48
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_open_pol 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_pol_hnd 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0018 data1: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          001c data2: eae531a8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0020 data3: d64d
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0022 data4: 4eef
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          0024 data5: ab 48 70 8e 4d b1 6f b3 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      002c status: NT_STATUS_OK
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(477)
  init_q_enum_trust_dom
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_enum_trust_dom 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_pol_hnd 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0000 data1: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0004 data2: eae531a8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0008 data3: d64d
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          000a data4: 4eef
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          000c data5: ab 48 70 8e 4d b1 6f b3 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0014 enum_context : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0018 preferred_len: 00010000
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xd data_len: 0x34
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 34 auth_len: 0 alloc_hint: 24
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0034
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000024
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000d
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:9000
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=134
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   52 (0x34)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   52 (0x34)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=36864 (0x9000)
  smb_bcc=67
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 34  00 00 00 03 00 00 00 24  .......4 .......$
  [020] 00 00 00 00 00 0D 00 00  00 00 00 A8 31 E5 EA 4D  ........ ....1..M
  [030] D6 EF 4E AB 48 70 8E 4D  B1 6F B3 00 00 00 00 00  ..N.Hp.M .o......
  [040] 00 01 00                                          ... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,138)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,138) wrote 138
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_enum_trust_dom 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0018 enum_context: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      001c count: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0020 ptr: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_NO_MORE_ENTRIES
[2005/12/05 17:56:50, 10] libsmb/trusts_util.c:(181)
  enumerate_domain_trusts: shutting down connection...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,45)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,45) wrote 45
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=35
  smb_com=0x4
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=9
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,39)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,39) wrote 39
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=35
  smb_com=0x71
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=24576
  smb_pid=29648
  smb_uid=38913
  smb_mid=10
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 10] lib/gencache.c:(285)
  Cache entry with key = TDOM/HRZ couldn't be found
[2005/12/05 17:56:50, 5] libsmb/trustdom_cache.c:(184)
  no entry for trusted domain HRZ found.
[2005/12/05 17:56:50, 5] auth/auth_util.c:(99)
  attempting to make a user_info for ratzka (ratzka)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(109)
  making strings for ratzka's user_info struct
[2005/12/05 17:56:50, 5] auth/auth_util.c:(151)
  making blobs for ratzka's user_info struct
[2005/12/05 17:56:50, 10] auth/auth_util.c:(167)
  made an encrypted user_info for ratzka (ratzka)
[2005/12/05 17:56:50, 3] auth/auth.c:(219)
  check_ntlm_password:  Checking password for unmapped user [HRZ]\[ratzka]@[PCRZ478-WXP] with the new password interface
[2005/12/05 17:56:50, 3] auth/auth.c:(222)
  check_ntlm_password:  mapped user is: [HRZ]\[ratzka]@[PCRZ478-WXP]
[2005/12/05 17:56:50, 10] auth/auth.c:(231)
  check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2)
[2005/12/05 17:56:50, 10] auth/auth.c:(233)
  challenge is: 
[2005/12/05 17:56:50, 5] lib/util.c:(2053)
  [000] 39 55 77 6B 19 DB 0A E0                           9Uwk.... 
[2005/12/05 17:56:50, 10] auth/auth.c:(259)
  check_ntlm_password: guest had nothing to say
[2005/12/05 17:56:50, 8] lib/util.c:(1874)
  is_myname("HRZ") returns 0
[2005/12/05 17:56:50, 6] auth/auth_sam.c:(379)
  check_samstrict_security: HRZ is not one of my local names (ROLE_DOMAIN_MEMBER)
[2005/12/05 17:56:50, 10] auth/auth.c:(259)
  check_ntlm_password: sam had nothing to say
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:50, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:50, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:50, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:50, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:50, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:50, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:50, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 30717
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:50, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=30717 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:50, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:50, 10] passdb/secrets.c:(759)
  secrets_named_mutex: got mutex for NTRZ13
[2005/12/05 17:56:50, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:50, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:50, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29648
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=43520 (0xAA00)
  smb_vwv[12]= 5793 (0x16A1)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 85 DD 67 A2 F3 5F C0 90  48 00 52 00 5A 00 00 00  ..g.._.. H.R.Z...
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29648
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=43520 (0xAA00)
  smb_vwv[12]= 5793 (0x16A1)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 85 DD 67 A2 F3 5F C0 90  48 00 52 00 5A 00 00 00  ..g.._.. H.R.Z...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29648
  smb_uid=49153
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29648
  smb_uid=49153
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:50, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 8448 (0x2100)
  smb_vwv[ 3]=  360 (0x168)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[6821]: \PIPE\NETLOGON
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6821
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=26657 (0x6821)
  smb_bcc=87
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 04 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 33 97 13  00 0C 00 5C 50 49 50 45  .....3.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 33 97 13  00 0C 00 5C 50 49 50 45  .....3.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139733
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:50, 4] rpc_client/cli_netlogon.c:(45)
  cli_net_req_chal: LSA Request Challenge from HRZ_SMB to NTRZ13: DBFD06EE5CF2CE72
[2005/12/05 17:56:50, 5] rpc_parse/parse_net.c:(676)
  init_q_req_chal: 676
[2005/12/05 17:56:50, 5] rpc_parse/parse_net.c:(685)
  init_q_req_chal: 685
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_req_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0000 undoc_buffer: 00000001
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000004 smb_io_unistr2 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0004 uni_max_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0008 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          000c uni_str_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
          0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000022 smb_io_unistr2 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0024 uni_max_len: 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0028 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          002c uni_str_len: 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
          0030 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000040 smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          0040 data: db fd 06 ee 5c f2 ce 72 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x4 data_len: 0x60
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 60 auth_len: 0 alloc_hint: 50
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0060
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000050
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0004
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6821
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=178
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   96 (0x60)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   96 (0x60)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=26657 (0x6821)
  smb_bcc=111
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 60  00 00 00 05 00 00 00 50  .......` .......P
  [020] 00 00 00 00 00 04 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 08 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 00 00 DB  FD 06 EE 5C F2 CE 72     .M.B.... ...\..r
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,182)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,182) wrote 182
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 92
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 86 40 AE 43 28 00 00  ........ ..@.C(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 86 40 AE 43 28 00 00  ........ ..@.C(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 36
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0024
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 0000000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 36
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_req_chal 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          0018 data: 86 40 ae 43 28 00 00 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      0020 status: NT_STATUS_OK
[2005/12/05 17:56:50, 4] libsmb/credentials.c:(59)
  cred_session_key
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(61)
  	clnt_chal: DBFD06EE5CF2CE72
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(62)
  	srv_chal : 8640AE4328000000
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(63)
  	clnt+srv : 613EB53184F2CE72
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(64)
  	sess_key : A6F5F5DFFF114970
[2005/12/05 17:56:50, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(92)
  	sess_key : A6F5F5DFFF114970
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(93)
  	stor_cred: DBFD06EE5CF2CE72
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(95)
  	timecred : DBFD06EE5CF2CE72
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(96)
  	calc_cred: EE23D2BDA4EAE3C0
[2005/12/05 17:56:50, 4] rpc_client/cli_netlogon.c:(157)
  cli_net_auth2: srv:\\NTRZ13 acct:HRZ_SMB$ sc:2 mc: HRZ_SMB chal EE23D2BDA4EAE3C0 neg: 400701ff
[2005/12/05 17:56:50, 5] rpc_parse/parse_net.c:(797)
  init_q_auth_2: 797
[2005/12/05 17:56:50, 5] rpc_parse/parse_misc.c:(1407)
  make_log_info 1407
[2005/12/05 17:56:50, 5] rpc_parse/parse_net.c:(803)
  init_q_auth_2: 803
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_auth_2 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_log_info 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0000 undoc_buffer: 00000001
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0004 uni_max_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0008 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              000c uni_str_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
              0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000022 smb_io_unistr2 unistr2
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0024 uni_max_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0028 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              002c uni_str_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
              0030 buffer     : H.R.Z._.S.M.B.$...
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0042 sec_chan: 0002
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000044 smb_io_unistr2 unistr2
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0044 uni_max_len: 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0048 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              004c uni_str_len: 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
              0050 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000060 smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          0060 data: ee 23 d2 bd a4 ea e3 c0 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000068 net_io_neg_flags 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0068 neg_flags: 400701ff
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xf data_len: 0x84
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 84 auth_len: 0 alloc_hint: 74
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0084
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000074
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000f
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6821
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=214
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  132 (0x84)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  132 (0x84)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=26657 (0x6821)
  smb_bcc=147
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 84  00 00 00 06 00 00 00 74  ........ .......t
  [020] 00 00 00 00 00 0F 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 09 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 09 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 24 00 00  00 02 00 08 00 00 00 00  .M.B.$.. ........
  [070] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [080] 00 4D 00 42 00 00 00 EE  23 D2 BD A4 EA E3 C0 FF  .M.B.... #.......
  [090] 01 07 40                                          ..@ 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,218)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,218) wrote 218
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 14 94 A0 12 97 2D D6  ........ ......-.
  [020] E2 FF 01 00 40 00 00 00  00                       ....@... .
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 14 94 A0 12 97 2D D6  ........ ......-.
  [020] E2 FF 01 00 40 00 00 00  00                       ....@... .
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_auth_2 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          0018 data: 14 94 a0 12 97 2d d6 e2 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000020 net_io_neg_flags 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0020 neg_flags: 400001ff
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_OK
[2005/12/05 17:56:50, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(92)
  	sess_key : A6F5F5DFFF114970
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(93)
  	stor_cred: 8640AE4328000000
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(95)
  	timecred : 8640AE4328000000
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(96)
  	calc_cred: 1494A012972DD6E2
[2005/12/05 17:56:50, 4] libsmb/credentials.c:(121)
  cred_assert
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(123)
  	challenge : 1494A012972DD6E2
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(124)
  	calculated: 1494A012972DD6E2
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(128)
  credentials check ok
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=9
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 9728 (0x2600)
  smb_vwv[ 3]=  352 (0x160)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[6026]: \PIPE\NETLOGON
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(724)
  create_rpc_bind_req: no domain; assuming my own
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_neg netsec_neg
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0008 type1: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c type2: 00000003
[2005/12/05 17:56:50, 6] lib/util.c:(2053)
  [000] 48 52 5A                                          HRZ 
[2005/12/05 17:56:50, 6] lib/util.c:(2053)
  [000] 48 52 5A 5F 53 4D 42                              HRZ_SMB 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0064
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0014
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6026
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=182
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=10
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  100 (0x64)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  100 (0x64)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24614 (0x6026)
  smb_bcc=115
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 64  00 14 00 07 00 00 00 B8  .......d ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00 44  06 00 00 01 00 00 00 00  .H`....D ........
  [060] 00 00 00 03 00 00 00 48  52 5A 00 48 52 5A 5F 53  .......H RZ.HRZ_S
  [070] 4D 42 00                                          MB. 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,186)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,186) wrote 186
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 144
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 34 97 13  00 0C 00 5C 50 49 50 45  .....4.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 C1  B9 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 28 D8  03                       ......(. .
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 34 97 13  00 0C 00 5C 50 49 50 45  .....4.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 C1  B9 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 28 D8  03                       ......(. .
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 88
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0058
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 88
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 12 len: 88 auth_len: 12 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139734
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:50, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(92)
  	sess_key : A6F5F5DFFF114970
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(93)
  	stor_cred: EE23D2BDA4EAE3C0
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(94)
  	timestamp: 43947152
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(95)
  	timecred : 40956601A4EAE3C0
[2005/12/05 17:56:50, 5] libsmb/credentials.c:(96)
  	calc_cred: AB3F2FFB8C4840C9
[2005/12/05 17:56:50, 5] rpc_parse/parse_net.c:(1178)
  init_id_info2: 1178
[2005/12/05 17:56:50, 5] rpc_parse/parse_misc.c:(1586)
  make_logon_id: 1586
[2005/12/05 17:56:50, 5] rpc_parse/parse_net.c:(1272)
  init_sam_info: 1272
[2005/12/05 17:56:50, 5] rpc_parse/parse_misc.c:(1501)
  make_clnt_info: 1501
[2005/12/05 17:56:50, 5] rpc_parse/parse_misc.c:(1346)
  init_clnt_srv: 1346
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_sam_logon 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_sam_info 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000000 smb_io_clnt_info2 
[2005/12/05 17:56:50, 8] rpc_parse/parse_prs.c:(82)
              000000 smb_io_clnt_srv 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                  0000 undoc_buffer : 00000001
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0004 uni_max_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0008 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      000c uni_str_len: 00000009
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
                      0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                  0024 undoc_buffer2: 00000001
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000028 smb_io_unistr2 unistr2
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0028 uni_max_len: 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      002c offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0030 uni_str_len: 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
                      0034 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0044 ptr_cred: 00000001
[2005/12/05 17:56:50, 8] rpc_parse/parse_prs.c:(82)
              000048 smb_io_cred 
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000048 smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
                      0048 data: ab 3f 2f fb 8c 48 40 c9 
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000050 smb_io_utime 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0050 time: 43947152
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0054 ptr_rtn_cred : 00000001
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_cred 
[2005/12/05 17:56:50, 8] rpc_parse/parse_prs.c:(82)
              000058 smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
                  0058 data: 00 00 00 00 00 00 00 00 
[2005/12/05 17:56:50, 8] rpc_parse/parse_prs.c:(82)
              000060 smb_io_utime 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                  0060 time: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0064 logon_level  : 0002
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000066 smb_io_sam_info logon_info
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0066 switch_value : 0002
[2005/12/05 17:56:50, 8] rpc_parse/parse_prs.c:(82)
              000068 net_io_id_info2 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                  0068 ptr_id_info2: 00000001
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  00006c smb_io_unihdr unihdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      006c uni_str_len: 0006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      006e uni_max_len: 0006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0070 buffer     : 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                  0074 param_ctrl: 00000000
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000078 smb_io_logon_id 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0078 low : 0000dead
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      007c high: 0000beef
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000080 smb_io_unihdr unihdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      0080 uni_str_len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      0082 uni_max_len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0084 buffer     : 00000001
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000088 smb_io_unihdr unihdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      0088 uni_str_len: 001a
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      008a uni_max_len: 001a
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      008c buffer     : 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
                  0090 lm_chal: 39 55 77 6b 19 db 0a e0 
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000098 smb_io_strhdr hdr_nt_chal_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      0098 str_str_len: 0018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      009a str_max_len: 0018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      009c buffer     : 00000001
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  0000a0 smb_io_strhdr hdr_lm_chal_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      00a0 str_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
                      00a2 str_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00a4 buffer     : 00000000
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  0000a8 smb_io_unistr2 uni_domain_name
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00a8 uni_max_len: 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00ac offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00b0 uni_str_len: 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
                      00b4 buffer     : H.R.Z.
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  0000ba smb_io_unistr2 uni_user_name  
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00bc uni_max_len: 00000006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00c0 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00c4 uni_str_len: 00000006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
                      00c8 buffer     : r.a.t.z.k.a.
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  0000d4 smb_io_unistr2 uni_wksta_name 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00d4 uni_max_len: 0000000d
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00d8 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00dc uni_str_len: 0000000d
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
                      00e0 buffer     : \.\.P.C.R.Z.4.7.8.-.W.X.P.
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  0000fa smb_io_string2 nt_chal_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      00fc str_max_len: 00000018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0100 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
                      0104 str_str_len: 00000018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(1003)
                      0108 buffer     : ...a=WW4...J..u.....Lq..
[2005/12/05 17:56:50, 9] rpc_parse/parse_prs.c:(82)
                  000120 smb_io_string2 - NULL lm_chal_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0120 validation_level: 0003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000128 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0128 auth_type    : 44
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0129 auth_level   : 06
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      012a auth_pad_len : 06
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      012b auth_reserved: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      012c auth_context_id: 00000001
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(1047)
  SCHANNEL seq_num=0
[2005/12/05 17:56:50, 10] rpc_parse/parse_prs.c:(1536)
  SCHANNEL: netsec_encode seq_num=0 data_len=296
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000130 smb_io_rpc_auth_netsec_chk 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0130 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0138 seq_num: 1a bc 58 4d da e4 cc c4 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0140 packet_digest: d8 73 ff 6e 6d b3 a3 83 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0148 confounder: 56 92 bf d7 60 93 b9 bf 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x2 data_len: 0x168
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 168 auth_len: 20 alloc_hint: 130
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0168
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000130
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6026
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=442
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=11
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  360 (0x168)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  360 (0x168)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24614 (0x6026)
  smb_bcc=375
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 68  01 20 00 08 00 00 00 30  .......h . .....0
  [020] 01 00 00 00 00 02 00 04  9F 9B B0 07 CD 68 5C DD  ........ .....h\.
  [030] 0A 3B 69 B7 16 2A DA 23  DB 89 28 2C 6E C9 41 4D  .;i..*.# ..(,n.AM
  [040] 46 BB 70 34 9B DB 1C 88  3B 07 CF B6 6C 4E 9B E9  F.p4.... ;...lN..
  [050] 96 64 00 22 6F 53 27 C2  E5 10 82 E6 EF EE 60 A4  .d."oS'. ......`.
  [060] AF A0 BB 2C F8 67 4B AD  C6 85 29 71 4C 51 94 F4  ...,.gK. ..)qLQ..
  [070] 8E 73 67 D2 22 95 60 D7  2D 33 88 20 39 56 58 EC  .sg.".`. -3. 9VX.
  [080] 6C FA 19 61 1C BA 90 4F  5B 8C 81 AF 52 DA FF 2A  l..a...O [...R..*
  [090] 28 4E 7C ED E1 04 07 D5  4E C3 06 94 BE BC 05 4A  (N|..... N......J
  [0A0] 8E 97 2C 07 3A 52 6E BE  2E 70 DD F0 E0 EB 98 07  ..,.:Rn. .p......
  [0B0] 08 41 3C 4F 8A F4 1E 17  9B 52 89 CC A1 D3 33 46  .A<O.... .R....3F
  [0C0] 6F 75 19 A1 A8 C4 EF 2B  4C B8 BA E8 2F CC E5 15  ou.....+ L.../...
  [0D0] 23 ED 79 FA F9 B7 21 B5  5F 87 63 28 BC 06 0E 21  #.y...!. _.c(...!
  [0E0] 35 39 AB 0A B8 D1 37 8F  8F D4 AF 30 FB 25 9C FE  59....7. ...0.%..
  [0F0] A2 53 05 41 43 A7 28 88  2F 9D 5E 27 48 31 37 5E  .S.AC.(. /.^'H17^
  [100] 16 4F 09 94 38 82 94 05  E2 DC 2C C6 5F 1B 5A A2  .O..8... ..,._.Z.
  [110] D3 7B 55 69 71 CE 1B 08  88 85 86 FD 67 F4 5D 49  .{Uiq... ....g.]I
  [120] 94 E5 52 51 D9 D2 D4 53  B6 5C 51 86 B4 2A 1D 99  ..RQ...S .\Q..*..
  [130] DE C9 9C 27 F0 07 65 79  7F DE 0A AC BA A0 07 10  ...'..ey ........
  [140] C9 99 D0 F9 5F 75 0E 0B  C3 6A AB AB 06 47 6F 44  ...._u.. .j...GoD
  [150] 06 06 00 01 00 00 00 77  00 7A 00 FF FF 00 00 1A  .......w .z......
  [160] BC 58 4D DA E4 CC C4 D8  73 FF 6E 6D B3 A3 83 56  .XM..... s.nm...V
  [170] 92 BF D7 60 93 B9 BF                              ...`... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,446)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,446) wrote 446
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 488
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 A6 98 A2 28 83 33 79  .p...... ....(.3y
  [020] BE 7A 03 42 40 2A C3 FE  14 C2 D6 97 1B 14 D7 19  .z.B@*.. ........
  [030] 19 1F A1 94 5E 9D 38 5F  2C EE 9E B4 02 00 F0 DB  ....^.8_ ,.......
  [040] 6C 3C 8E 77 EC 04 62 5F  78 C6 37 B6 D1 72 18 26  l<.w..b_ x.7..r.&
  [050] AF BE 86 AC 70 0D 30 6C  B3 23 BF EA 41 D8 81 FF  ....p.0l .#..A...
  [060] 38 C0 23 60 86 E8 AE 0B  E6 80 65 2E EC E6 57 D2  8.#`.... ..e...W.
  [070] 2B D6 31 97 57 03 25 CA  E6 60 FE 14 29 A6 19 3F  +.1.W.%. .`..)..?
  [080] E1 11 27 01 30 BC CA F2  B2 0F BC 20 43 7D C3 29  ..'.0... ... C}.)
  [090] 18 E9 86 D3 2D CF BA B2  35 F4 A3 D7 DC 25 01 5A  ....-... 5....%.Z
  [0A0] 03 5F AB 6E 58 6B 6B B4  19 45 B2 CD 44 E1 75 36  ._.nXkk. .E..D.u6
  [0B0] F0 38 5C E5 B9 CD 64 EC  35 F2 E3 9A B7 46 38 16  .8\...d. 5....F8.
  [0C0] DF 78 40 C8 E1 9E 4F B3  97 22 F1 7B CF 5C 1B 1F  .x@...O. .".{.\..
  [0D0] D5 99 2C 0B 02 69 F1 B9  0D BB 52 AE 86 FC 97 7F  ..,..i.. ..R.....
  [0E0] B5 E4 4D B5 E2 3E 5E 11  26 EA 54 AD 1C 79 43 20  ..M..>^. &.T..yC 
  [0F0] 18 7E EE 6E 4A CC 80 E5  0A 68 A3 A3 AA 7C 86 60  .~.nJ... .h...|.`
  [100] 27 42 2A AD 5F E5 81 6F  4F 4C E4 42 D9 02 1A 6B  'B*._..o OL.B...k
  [110] 07 34 AE AA C1 57 14 84  AF AA D2 8A 49 78 05 C6  .4...W.. ....Ix..
  [120] 8B C2 E2 87 80 57 E1 39  39 A0 CE A0 90 4F F9 B3  .....W.9 9....O..
  [130] B8 A5 09 DC 9F FE 5C 49  4A 4C 72 2D 67 E9 0B 80  ......\I JLr-g...
  [140] 9B 52 DC DC 9D 8E 65 C7  4C 67 BA 95 97 FA C3 E9  .R....e. Lg......
  [150] D5 49 74 56 AD F1 04 57  0E 05 10 0A 5C FF 7D 48  .ItV...W ....\.}H
  [160] 62 50 03 8D DE 8C 42 06  60 B5 4E CC 29 A4 BB 95  bP....B. `.N.)...
  [170] 35 96 6C 22 90 11 02 2C  F1 C5 F8 CC 9B 92 D9 0D  5.l"..., ........
  [180] 9C 42 9A 52 0C 88 A1 9E  D1 44 06 00 00 01 00 00  .B.R.... .D......
  [190] 00 77 00 7A 00 FF FF 00  00 D6 26 23 28 01 F3 F2  .w.z.... ..&#(...
  [1A0] 91 B8 8E DB 06 F2 B3 B5  70 F3 79 AC 72 1F 9B 8E  ........ p.y.r...
  [1B0] BE                                                . 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=26629
  smb_pid=29648
  smb_uid=49153
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 A6 98 A2 28 83 33 79  .p...... ....(.3y
  [020] BE 7A 03 42 40 2A C3 FE  14 C2 D6 97 1B 14 D7 19  .z.B@*.. ........
  [030] 19 1F A1 94 5E 9D 38 5F  2C EE 9E B4 02 00 F0 DB  ....^.8_ ,.......
  [040] 6C 3C 8E 77 EC 04 62 5F  78 C6 37 B6 D1 72 18 26  l<.w..b_ x.7..r.&
  [050] AF BE 86 AC 70 0D 30 6C  B3 23 BF EA 41 D8 81 FF  ....p.0l .#..A...
  [060] 38 C0 23 60 86 E8 AE 0B  E6 80 65 2E EC E6 57 D2  8.#`.... ..e...W.
  [070] 2B D6 31 97 57 03 25 CA  E6 60 FE 14 29 A6 19 3F  +.1.W.%. .`..)..?
  [080] E1 11 27 01 30 BC CA F2  B2 0F BC 20 43 7D C3 29  ..'.0... ... C}.)
  [090] 18 E9 86 D3 2D CF BA B2  35 F4 A3 D7 DC 25 01 5A  ....-... 5....%.Z
  [0A0] 03 5F AB 6E 58 6B 6B B4  19 45 B2 CD 44 E1 75 36  ._.nXkk. .E..D.u6
  [0B0] F0 38 5C E5 B9 CD 64 EC  35 F2 E3 9A B7 46 38 16  .8\...d. 5....F8.
  [0C0] DF 78 40 C8 E1 9E 4F B3  97 22 F1 7B CF 5C 1B 1F  .x@...O. .".{.\..
  [0D0] D5 99 2C 0B 02 69 F1 B9  0D BB 52 AE 86 FC 97 7F  ..,..i.. ..R.....
  [0E0] B5 E4 4D B5 E2 3E 5E 11  26 EA 54 AD 1C 79 43 20  ..M..>^. &.T..yC 
  [0F0] 18 7E EE 6E 4A CC 80 E5  0A 68 A3 A3 AA 7C 86 60  .~.nJ... .h...|.`
  [100] 27 42 2A AD 5F E5 81 6F  4F 4C E4 42 D9 02 1A 6B  'B*._..o OL.B...k
  [110] 07 34 AE AA C1 57 14 84  AF AA D2 8A 49 78 05 C6  .4...W.. ....Ix..
  [120] 8B C2 E2 87 80 57 E1 39  39 A0 CE A0 90 4F F9 B3  .....W.9 9....O..
  [130] B8 A5 09 DC 9F FE 5C 49  4A 4C 72 2D 67 E9 0B 80  ......\I JLr-g...
  [140] 9B 52 DC DC 9D 8E 65 C7  4C 67 BA 95 97 FA C3 E9  .R....e. Lg......
  [150] D5 49 74 56 AD F1 04 57  0E 05 10 0A 5C FF 7D 48  .ItV...W ....\.}H
  [160] 62 50 03 8D DE 8C 42 06  60 B5 4E CC 29 A4 BB 95  bP....B. `.N.)...
  [170] 35 96 6C 22 90 11 02 2C  F1 C5 F8 CC 9B 92 D9 0D  5.l"..., ........
  [180] 9C 42 9A 52 0C 88 A1 9E  D1 44 06 00 00 01 00 00  .B.R.... .D......
  [190] 00 77 00 7A 00 FF FF 00  00 D6 26 23 28 01 F3 F2  .w.z.... ..&#(...
  [1A0] 91 B8 8E DB 06 F2 B3 B5  70 F3 79 AC 72 1F 9B 8E  ........ p.y.r...
  [1B0] BE                                                . 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 432
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 01b0
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000170
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 432
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 2 len: 432 auth_len: 32 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_chk schannel_auth_sign
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0008 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0010 seq_num: d6 26 23 28 01 f3 f2 91 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0018 packet_digest: b8 8e db 06 f2 b3 b5 70 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
      0020 confounder: f3 79 ac 72 1f 9b 8e be 
[2005/12/05 17:56:50, 10] rpc_parse/parse_prs.c:(1613)
  SCHANNEL: netsec_encode seq_num=1 data_len=368
[2005/12/05 17:56:50, 10] rpc_parse/parse_prs.c:(1633)
  SCHANNEL: netsec_decode seq_num=1 data_len=368
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_sam_logon 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0018 buffer_creds: 00188078
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      00001c smb_io_cred 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          00001c smb_io_chal 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              001c data: ff 7f 27 50 6b c9 ff 56 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000024 smb_io_utime 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0024 time: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0028 switch_value: 0003
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      00002c net_io_user_info3 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          002c ptr_user_info : 00182f80
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_time logon time
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0030 low : fa608040
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0034 high: 01c5f92d
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000038 smb_io_time logoff time
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0038 low : ffffffff
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              003c high: 7fffffff
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000040 smb_io_time kickoff time
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0040 low : ffffffff
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0044 high: 7fffffff
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000048 smb_io_time last set time
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0048 low : 6f2e05a6
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              004c high: 01c5f9b4
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000050 smb_io_time can change time
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0050 low : 6f2e05a6
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0054 high: 01c5f9b4
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_time must change time
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0058 low : ffffffff
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              005c high: 7fffffff
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000060 smb_io_unihdr hdr_user_name
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0060 uni_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0062 uni_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0064 buffer     : 00000000
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000068 smb_io_unihdr hdr_full_name
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0068 uni_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              006a uni_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              006c buffer     : 00000000
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000070 smb_io_unihdr hdr_logon_script
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0070 uni_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0072 uni_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0074 buffer     : 00000000
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000078 smb_io_unihdr hdr_profile_path
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0078 uni_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              007a uni_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              007c buffer     : 00000000
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000080 smb_io_unihdr hdr_home_dir
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0080 uni_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0082 uni_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0084 buffer     : 00000000
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000088 smb_io_unihdr hdr_dir_drive
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0088 uni_str_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              008a uni_max_len: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              008c buffer     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0090 logon_count   : 040d
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0092 bad_pw_count  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0094 user_rid      : 000003f0
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0098 group_rid     : 00000201
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          009c num_groups    : 00000007
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00a0 buffer_groups : 0018304c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00a4 user_flgs     : 00000120
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          00a8 user_sess_key: fb 16 a5 81 6b a1 f3 2e 43 84 39 1d 5d 73 e4 32 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000b8 smb_io_unihdr hdr_logon_srv
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              00b8 uni_str_len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              00ba uni_max_len: 000e
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              00bc buffer     : 0018309c
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000c0 smb_io_unihdr hdr_logon_dom
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              00c0 uni_str_len: 0006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              00c2 uni_max_len: 0008
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              00c4 buffer     : 001830aa
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00c8 buffer_dom_id : 00183084
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          00cc lm_sess_key: 49 21 e2 df 2d 9f 13 31 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00d4 acct_flags : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00d8 unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00dc unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00e0 unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00e4 unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00e8 unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00ec unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00f0 unkown: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00f4 num_other_sids: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00f8 buffer_other_sids: 00000000
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_user_name
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_full_name
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_logon_script
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_profile_path
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_home_dir
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_dir_drive
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          00fc num_groups2   : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000100 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0100 g_rid: 00000201
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0104 attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000108 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0108 g_rid: 0000046f
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              010c attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000110 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0110 g_rid: 0000048c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0114 attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000118 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0118 g_rid: 00000549
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              011c attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000120 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0120 g_rid: 00000576
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0124 attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000128 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0128 g_rid: 00000784
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              012c attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000130 smb_io_gid 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0130 g_rid: 000007ab
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0134 attr : 00000007
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000138 smb_io_unistr2 uni_logon_srv
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0138 uni_max_len: 00000007
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              013c offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0140 uni_str_len: 00000006
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
              0144 buffer     : N.T.R.Z.1.3.
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000150 smb_io_unistr2 uni_logon_dom
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0150 uni_max_len: 00000004
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0154 offset     : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0158 uni_str_len: 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(843)
              015c buffer     : H.R.Z.
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000162 smb_io_dom_sid2 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0164 num_auths: 00000004
[2005/12/05 17:56:50, 8] rpc_parse/parse_prs.c:(82)
              000168 smb_io_dom_sid sid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  0168 sid_rev_num: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  0169 num_auths  : 04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  016a id_auth[0] : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  016b id_auth[1] : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  016c id_auth[2] : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  016d id_auth[3] : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  016e id_auth[4] : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
                  016f id_auth[5] : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(898)
                  0170 sub_auths : 00000015 413b77f4 713029db 374c57ac 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0180 auth_resp   : 1556ec01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      0184 status      : NT_STATUS_OK
[2005/12/05 17:56:50, 10] passdb/secrets.c:(771)
  secrets_named_mutex: released mutex for NTRZ13
[2005/12/05 17:56:50, 5] lib/username.c:(313)
  Finding user HRZ\ratzka
[2005/12/05 17:56:50, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is hrz\ratzka
[2005/12/05 17:56:50, 5] lib/username.c:(269)
  Trying _Get_Pwnam(), username as given is HRZ\ratzka
[2005/12/05 17:56:50, 5] lib/username.c:(278)
  Trying _Get_Pwnam(), username as uppercase is HRZ\RATZKA
[2005/12/05 17:56:50, 5] lib/username.c:(286)
  Checking combinations of 0 uppercase letters in hrz\ratzka
[2005/12/05 17:56:50, 5] lib/username.c:(290)
  Get_Pwnam_internals didn't find user [HRZ\ratzka]!
[2005/12/05 17:56:50, 5] lib/username.c:(313)
  Finding user ratzka
[2005/12/05 17:56:50, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is ratzka
[2005/12/05 17:56:50, 5] lib/username.c:(290)
  Get_Pwnam_internals did find user [ratzka]!
[2005/12/05 17:56:50, 5] auth/auth_util.c:(994)
  fill_sam_account: located username was [ratzka]
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name Wolfgang Ratzka, HRZ, x5876, was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(833)
  pdb_set_unix_homedir: setting home dir /home/ratzka, was NULL
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ_SMB, was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1686530679-3929198075-576801238-66824
[2005/12/05 17:56:50, 10] passdb/pdb_compat.c:(73)
  pdb_set_user_sid_from_rid:
  	setting user sid S-1-5-21-1686530679-3929198075-576801238-66824 from rid 66824
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1686530679-3929198075-576801238-1201
[2005/12/05 17:56:50, 10] passdb/pdb_compat.c:(100)
  pdb_set_group_sid_from_rid:
  	setting group sid S-1-5-21-1686530679-3929198075-576801238-1201 from rid 1201
[2005/12/05 17:56:50, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path \\hrz_smb\ratzka\profile, was 
[2005/12/05 17:56:50, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir \\hrz_smb\ratzka, was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was NULL
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(671)
  pdb_set_nt_username: setting nt username ratzka, was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was ratzka
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ, was HRZ_SMB
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1094416372-1898981851-927750060-1008
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1094416372-1898981851-927750060-513
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name , was Wolfgang Ratzka, HRZ, x5876
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path , was \\hrz_smb\ratzka\profile
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir , was \\hrz_smb\ratzka
[2005/12/05 17:56:50, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was 
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:50, 10] lib/system_smbd.c:(116)
  sys_getgrouplist: user [ratzka]
[2005/12/05 17:56:50, 10] lib/system_smbd.c:(125)
  sys_getgrouplist(): disabled winbindd for group lookup [user == ratzka]
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/12/05 17:56:50, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2005/12/05 17:56:50, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:50, 6] param/loadparm.c:(2834)
  lp_file_list_changed()
  file /opt/csw/etc/samba/smb.conf -> /opt/csw/etc/samba/smb.conf  last mod_time: Fri Dec  2 16:33:42 2005
  
[2005/12/05 17:56:50, 5] auth/auth_util.c:(191)
  make_user_info_map: Mapping user [HRZ]\[ratzka] from workstation [PCRZ478-WXP]
[2005/12/05 17:56:50, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = TDOMCACHE/TIMESTAMP, value = 0, timeout = Mon Dec  5 18:06:50 2005
  
[2005/12/05 17:56:50, 10] lib/gencache.c:(127)
  Adding cache entry with key = TDOMCACHE/TIMESTAMP; value = 0 and timeout = Mon Dec  5 18:06:50 2005
   (600 seconds ahead)
[2005/12/05 17:56:50, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:50, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:50, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:50, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:50, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:50, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:50, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 21120
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:50, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=21120 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:50, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:50, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:50, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:50, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:50, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:50, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29649
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=31232 (0x7A00)
  smb_vwv[12]=10676 (0x29B4)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 88 2A 7A F0 12 3C 56 5C  48 00 52 00 5A 00 00 00  .*z..<V\ H.R.Z...
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29649
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=31232 (0x7A00)
  smb_vwv[12]=10676 (0x29B4)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 88 2A 7A F0 12 3C 56 5C  48 00 52 00 5A 00 00 00  .*z..<V\ H.R.Z...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29649
  smb_uid=10241
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29649
  smb_uid=10241
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:50, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,104)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,104) wrote 104
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 3840 (0xF00)
  smb_vwv[ 3]=  280 (0x118)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[180f]: \PIPE\lsarpc
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 57 78 12 34 AB CD  EF 00 01 23 45 67 89 AB  .4Wx.4.. ...#Eg..
  [010] 00 00 00 00                                       .... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345778
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 89 ab 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000000
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:180f
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 6159 (0x180F)
  smb_bcc=87
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 01 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 57 34 12 34 12 CD AB EF  00 01 23 45 67 89 AB 00  W4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 35 97 13  00 0C 00 5C 50 49 50 45  .....5.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 35 97 13  00 0C 00 5C 50 49 50 45  .....5.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139735
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(142)
  init_lsa_sec_qos
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(261)
  init_open_pol: attr:0 da:1
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(193)
  init_lsa_obj_attr
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_open_pol 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0000 ptr       : 00000001
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0004 system_name: 005c
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000008 lsa_io_obj_attr 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0008 len         : 00000018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          000c ptr_root_dir: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0010 ptr_obj_name: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0014 attributes  : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0018 ptr_sec_desc: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          001c ptr_sec_qos : 00000001
[2005/12/05 17:56:50, 7] rpc_parse/parse_prs.c:(82)
          000020 lsa_io_obj_qos sec_qos
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
              0020 len           : 0000000c
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
              0024 sec_imp_level : 0002
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
              0026 sec_ctxt_mode : 01
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
              0027 effective_only: 00
[2005/12/05 17:56:50, 3] rpc_parse/parse_lsa.c:(181)
  lsa_io_sec_qos: length c does not match size 8
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0028 des_access: 00000001
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x6 data_len: 0x44
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000034
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0006
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:180f
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=150
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   68 (0x44)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 6159 (0x180F)
  smb_bcc=83
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 44  00 00 00 02 00 00 00 34  .......D .......4
  [020] 00 00 00 00 00 06 00 01  00 00 00 5C 00 00 00 18  ........ ...\....
  [030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 01 00 00 00 0C  00 00 00 02 00 01 00 01  ........ ........
  [050] 00 00 00                                          ... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,154)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,154) wrote 154
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 104
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 AF DB BA  ........ ........
  [020] B9 FA 60 7F 4B B4 84 5E  0E 5F 2B DB 71 00 00 00  ..`.K..^ ._+.q...
  [030] 00                                                . 
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 AF DB BA  ........ ........
  [020] B9 FA 60 7F 4B B4 84 5E  0E 5F 2B DB 71 00 00 00  ..`.K..^ ._+.q...
  [030] 00                                                . 
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 48
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0030
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000018
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 48
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_open_pol 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_pol_hnd 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0018 data1: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          001c data2: b9badbaf
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0020 data3: 60fa
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0022 data4: 4b7f
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          0024 data5: b4 84 5e 0e 5f 2b db 71 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      002c status: NT_STATUS_OK
[2005/12/05 17:56:50, 5] rpc_parse/parse_lsa.c:(477)
  init_q_enum_trust_dom
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_enum_trust_dom 
[2005/12/05 17:56:50, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_pol_hnd 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0000 data1: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
          0004 data2: b9badbaf
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          0008 data3: 60fa
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
          000a data4: 4b7f
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(758)
          000c data5: b4 84 5e 0e 5f 2b db 71 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0014 enum_context : 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0018 preferred_len: 00010000
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xd data_len: 0x34
[2005/12/05 17:56:50, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 34 auth_len: 0 alloc_hint: 24
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0034
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000024
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000d
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:180f
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=134
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   52 (0x34)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   52 (0x34)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 6159 (0x180F)
  smb_bcc=67
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 34  00 00 00 03 00 00 00 24  .......4 .......$
  [020] 00 00 00 00 00 0D 00 00  00 00 00 AF DB BA B9 FA  ........ ........
  [030] 60 7F 4B B4 84 5E 0E 5F  2B DB 71 00 00 00 00 00  `.K..^._ +.q.....
  [040] 00 01 00                                          ... 
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,138)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,138) wrote 138
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:50, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:50, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:50, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_enum_trust_dom 
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0018 enum_context: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      001c count: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(671)
      0020 ptr: 00000000
[2005/12/05 17:56:50, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_NO_MORE_ENTRIES
[2005/12/05 17:56:50, 10] libsmb/trusts_util.c:(181)
  enumerate_domain_trusts: shutting down connection...
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,45)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,45) wrote 45
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=35
  smb_com=0x4
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=9
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(132)
  write_socket(26,39)
[2005/12/05 17:56:50, 6] libsmb/clientgen.c:(135)
  write_socket(26,39) wrote 39
[2005/12/05 17:56:50, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:50, 5] lib/util.c:(454)
[2005/12/05 17:56:50, 5] lib/util.c:(464)
  size=35
  smb_com=0x71
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6145
  smb_pid=29649
  smb_uid=10241
  smb_mid=10
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:50, 10] lib/gencache.c:(285)
  Cache entry with key = TDOM/HRZ couldn't be found
[2005/12/05 17:56:50, 5] libsmb/trustdom_cache.c:(184)
  no entry for trusted domain HRZ found.
[2005/12/05 17:56:50, 5] auth/auth_util.c:(99)
  attempting to make a user_info for ratzka (ratzka)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(109)
  making strings for ratzka's user_info struct
[2005/12/05 17:56:50, 5] auth/auth_util.c:(151)
  making blobs for ratzka's user_info struct
[2005/12/05 17:56:50, 10] auth/auth_util.c:(167)
  made an encrypted user_info for ratzka (ratzka)
[2005/12/05 17:56:50, 3] auth/auth.c:(219)
  check_ntlm_password:  Checking password for unmapped user [HRZ]\[ratzka]@[PCRZ478-WXP] with the new password interface
[2005/12/05 17:56:50, 3] auth/auth.c:(222)
  check_ntlm_password:  mapped user is: [HRZ]\[ratzka]@[PCRZ478-WXP]
[2005/12/05 17:56:50, 10] auth/auth.c:(231)
  check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2)
[2005/12/05 17:56:50, 10] auth/auth.c:(233)
  challenge is: 
[2005/12/05 17:56:50, 5] lib/util.c:(2053)
  [000] 3C 1D 33 5D 19 B8 DE FA                           <.3].... 
[2005/12/05 17:56:50, 10] auth/auth.c:(259)
  check_ntlm_password: guest had nothing to say
[2005/12/05 17:56:50, 8] lib/util.c:(1874)
  is_myname("HRZ") returns 0
[2005/12/05 17:56:50, 6] auth/auth_sam.c:(379)
  check_samstrict_security: HRZ is not one of my local names (ROLE_DOMAIN_MEMBER)
[2005/12/05 17:56:50, 10] auth/auth.c:(259)
  check_ntlm_password: sam had nothing to say
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:50, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:50, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:50, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:50, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:50, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:50, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:50, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:50, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:50, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:50, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:50, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:50, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:50, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:50, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 24848
[2005/12/05 17:56:50, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:50, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=24848 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:50, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:50, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:50, 10] passdb/secrets.c:(759)
  secrets_named_mutex: got mutex for NTRZ13
[2005/12/05 17:56:50, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:50, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:50, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:51, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:51, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:51, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:51, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:51, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:51, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29649
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=57856 (0xE200)
  smb_vwv[12]=13117 (0x333D)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 4A 6E 3A BB 25 F9 3C 10  48 00 52 00 5A 00 00 00  Jn:.%.<. H.R.Z...
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29649
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=57856 (0xE200)
  smb_vwv[12]=13117 (0x333D)
  smb_vwv[13]=48355 (0xBCE3)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 4A 6E 3A BB 25 F9 3C 10  48 00 52 00 5A 00 00 00  Jn:.%.<. H.R.Z...
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29649
  smb_uid=4098
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29649
  smb_uid=4098
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:51, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 1792 (0x700)
  smb_vwv[ 3]=  264 (0x108)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[807]: \PIPE\NETLOGON
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:807
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 2055 (0x807)
  smb_bcc=87
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 04 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 36 97 13  00 0C 00 5C 50 49 50 45  .....6.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 36 97 13  00 0C 00 5C 50 49 50 45  .....6.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:51, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139736
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:51, 4] rpc_client/cli_netlogon.c:(45)
  cli_net_req_chal: LSA Request Challenge from HRZ_SMB to NTRZ13: CD9B98CD98B0EEF9
[2005/12/05 17:56:51, 5] rpc_parse/parse_net.c:(676)
  init_q_req_chal: 676
[2005/12/05 17:56:51, 5] rpc_parse/parse_net.c:(685)
  init_q_req_chal: 685
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_req_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0000 undoc_buffer: 00000001
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000004 smb_io_unistr2 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0004 uni_max_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0008 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          000c uni_str_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
          0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000022 smb_io_unistr2 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0024 uni_max_len: 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0028 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          002c uni_str_len: 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
          0030 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000040 smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          0040 data: cd 9b 98 cd 98 b0 ee f9 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x4 data_len: 0x60
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 60 auth_len: 0 alloc_hint: 50
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0060
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000050
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0004
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:807
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=178
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   96 (0x60)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   96 (0x60)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 2055 (0x807)
  smb_bcc=111
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 60  00 00 00 05 00 00 00 50  .......` .......P
  [020] 00 00 00 00 00 04 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 08 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 00 00 CD  9B 98 CD 98 B0 EE F9     .M.B.... .......
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,182)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,182) wrote 182
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 92
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 0E DF DC E6 28 00 00  ........ .....(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 0E DF DC E6 28 00 00  ........ .....(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 36
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0024
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 0000000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 36
[2005/12/05 17:56:51, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_req_chal 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          0018 data: 0e df dc e6 28 00 00 00 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(701)
      0020 status: NT_STATUS_OK
[2005/12/05 17:56:51, 4] libsmb/credentials.c:(59)
  cred_session_key
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(61)
  	clnt_chal: CD9B98CD98B0EEF9
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(62)
  	srv_chal : 0EDFDCE628000000
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(63)
  	clnt+srv : DB7A75B4C0B0EEF9
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(64)
  	sess_key : FDF8117B38882F69
[2005/12/05 17:56:51, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(92)
  	sess_key : FDF8117B38882F69
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(93)
  	stor_cred: CD9B98CD98B0EEF9
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(95)
  	timecred : CD9B98CD98B0EEF9
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(96)
  	calc_cred: 5C8E517A37FF4A79
[2005/12/05 17:56:51, 4] rpc_client/cli_netlogon.c:(157)
  cli_net_auth2: srv:\\NTRZ13 acct:HRZ_SMB$ sc:2 mc: HRZ_SMB chal 5C8E517A37FF4A79 neg: 400701ff
[2005/12/05 17:56:51, 5] rpc_parse/parse_net.c:(797)
  init_q_auth_2: 797
[2005/12/05 17:56:51, 5] rpc_parse/parse_misc.c:(1407)
  make_log_info 1407
[2005/12/05 17:56:51, 5] rpc_parse/parse_net.c:(803)
  init_q_auth_2: 803
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_auth_2 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_log_info 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0000 undoc_buffer: 00000001
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0004 uni_max_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0008 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              000c uni_str_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
              0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000022 smb_io_unistr2 unistr2
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0024 uni_max_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0028 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              002c uni_str_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
              0030 buffer     : H.R.Z._.S.M.B.$...
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0042 sec_chan: 0002
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000044 smb_io_unistr2 unistr2
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0044 uni_max_len: 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0048 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              004c uni_str_len: 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
              0050 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000060 smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          0060 data: 5c 8e 51 7a 37 ff 4a 79 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000068 net_io_neg_flags 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0068 neg_flags: 400701ff
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xf data_len: 0x84
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 84 auth_len: 0 alloc_hint: 74
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0084
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000074
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000f
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:807
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=214
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  132 (0x84)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  132 (0x84)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 2055 (0x807)
  smb_bcc=147
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 84  00 00 00 06 00 00 00 74  ........ .......t
  [020] 00 00 00 00 00 0F 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 09 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 09 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 24 00 00  00 02 00 08 00 00 00 00  .M.B.$.. ........
  [070] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [080] 00 4D 00 42 00 00 00 5C  8E 51 7A 37 FF 4A 79 FF  .M.B...\ .Qz7.Jy.
  [090] 01 07 40                                          ..@ 
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,218)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,218) wrote 218
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 D6 01 FD BA E2 18 9A  ........ ........
  [020] BB FF 01 00 40 00 00 00  00                       ....@... .
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 D6 01 FD BA E2 18 9A  ........ ........
  [020] BB FF 01 00 40 00 00 00  00                       ....@... .
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:51, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_auth_2 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          0018 data: d6 01 fd ba e2 18 9a bb 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000020 net_io_neg_flags 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0020 neg_flags: 400001ff
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_OK
[2005/12/05 17:56:51, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(92)
  	sess_key : FDF8117B38882F69
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(93)
  	stor_cred: 0EDFDCE628000000
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(95)
  	timecred : 0EDFDCE628000000
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(96)
  	calc_cred: D601FDBAE2189ABB
[2005/12/05 17:56:51, 4] libsmb/credentials.c:(121)
  cred_assert
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(123)
  	challenge : D601FDBAE2189ABB
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(124)
  	calculated: D601FDBAE2189ABB
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(128)
  credentials check ok
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=9
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 2048 (0x800)
  smb_vwv[ 3]=  264 (0x108)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[808]: \PIPE\NETLOGON
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(724)
  create_rpc_bind_req: no domain; assuming my own
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_neg netsec_neg
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0008 type1: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c type2: 00000003
[2005/12/05 17:56:51, 6] lib/util.c:(2053)
  [000] 48 52 5A                                          HRZ 
[2005/12/05 17:56:51, 6] lib/util.c:(2053)
  [000] 48 52 5A 5F 53 4D 42                              HRZ_SMB 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0064
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0014
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:808
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=182
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=10
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  100 (0x64)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  100 (0x64)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 2056 (0x808)
  smb_bcc=115
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 64  00 14 00 07 00 00 00 B8  .......d ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00 44  06 00 00 01 00 00 00 00  .H`....D ........
  [060] 00 00 00 03 00 00 00 48  52 5A 00 48 52 5A 5F 53  .......H RZ.HRZ_S
  [070] 4D 42 00                                          MB. 
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,186)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,186) wrote 186
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 144
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 37 97 13  00 0C 00 5C 50 49 50 45  .....7.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 FE  14 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 30 6C  B3                       ......0l .
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 37 97 13  00 0C 00 5C 50 49 50 45  .....7.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 FE  14 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 30 6C  B3                       ......0l .
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 88
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0058
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 88
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 12 len: 88 auth_len: 12 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:51, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139737
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:51, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(92)
  	sess_key : FDF8117B38882F69
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(93)
  	stor_cred: 5C8E517A37FF4A79
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(94)
  	timestamp: 43947153
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(95)
  	timecred : AFFFE5BD37FF4A79
[2005/12/05 17:56:51, 5] libsmb/credentials.c:(96)
  	calc_cred: F20002C0826DAB70
[2005/12/05 17:56:51, 5] rpc_parse/parse_net.c:(1178)
  init_id_info2: 1178
[2005/12/05 17:56:51, 5] rpc_parse/parse_misc.c:(1586)
  make_logon_id: 1586
[2005/12/05 17:56:51, 5] rpc_parse/parse_net.c:(1272)
  init_sam_info: 1272
[2005/12/05 17:56:51, 5] rpc_parse/parse_misc.c:(1501)
  make_clnt_info: 1501
[2005/12/05 17:56:51, 5] rpc_parse/parse_misc.c:(1346)
  init_clnt_srv: 1346
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_sam_logon 
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_sam_info 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000000 smb_io_clnt_info2 
[2005/12/05 17:56:51, 8] rpc_parse/parse_prs.c:(82)
              000000 smb_io_clnt_srv 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                  0000 undoc_buffer : 00000001
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0004 uni_max_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0008 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      000c uni_str_len: 00000009
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
                      0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                  0024 undoc_buffer2: 00000001
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000028 smb_io_unistr2 unistr2
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0028 uni_max_len: 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      002c offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0030 uni_str_len: 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
                      0034 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0044 ptr_cred: 00000001
[2005/12/05 17:56:51, 8] rpc_parse/parse_prs.c:(82)
              000048 smb_io_cred 
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000048 smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
                      0048 data: f2 00 02 c0 82 6d ab 70 
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000050 smb_io_utime 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0050 time: 43947153
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0054 ptr_rtn_cred : 00000001
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_cred 
[2005/12/05 17:56:51, 8] rpc_parse/parse_prs.c:(82)
              000058 smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
                  0058 data: 00 00 00 00 00 00 00 00 
[2005/12/05 17:56:51, 8] rpc_parse/parse_prs.c:(82)
              000060 smb_io_utime 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                  0060 time: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0064 logon_level  : 0002
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000066 smb_io_sam_info logon_info
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0066 switch_value : 0002
[2005/12/05 17:56:51, 8] rpc_parse/parse_prs.c:(82)
              000068 net_io_id_info2 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                  0068 ptr_id_info2: 00000001
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  00006c smb_io_unihdr unihdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      006c uni_str_len: 0006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      006e uni_max_len: 0006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0070 buffer     : 00000001
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                  0074 param_ctrl: 00000000
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000078 smb_io_logon_id 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0078 low : 0000dead
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      007c high: 0000beef
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000080 smb_io_unihdr unihdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      0080 uni_str_len: 000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      0082 uni_max_len: 000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0084 buffer     : 00000001
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000088 smb_io_unihdr unihdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      0088 uni_str_len: 001a
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      008a uni_max_len: 001a
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      008c buffer     : 00000001
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
                  0090 lm_chal: 3c 1d 33 5d 19 b8 de fa 
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000098 smb_io_strhdr hdr_nt_chal_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      0098 str_str_len: 0018
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      009a str_max_len: 0018
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      009c buffer     : 00000001
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  0000a0 smb_io_strhdr hdr_lm_chal_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      00a0 str_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
                      00a2 str_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00a4 buffer     : 00000000
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  0000a8 smb_io_unistr2 uni_domain_name
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00a8 uni_max_len: 00000003
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00ac offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00b0 uni_str_len: 00000003
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
                      00b4 buffer     : H.R.Z.
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  0000ba smb_io_unistr2 uni_user_name  
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00bc uni_max_len: 00000006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00c0 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00c4 uni_str_len: 00000006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
                      00c8 buffer     : r.a.t.z.k.a.
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  0000d4 smb_io_unistr2 uni_wksta_name 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00d4 uni_max_len: 0000000d
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00d8 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00dc uni_str_len: 0000000d
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
                      00e0 buffer     : \.\.P.C.R.Z.4.7.8.-.W.X.P.
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  0000fa smb_io_string2 nt_chal_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      00fc str_max_len: 00000018
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0100 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
                      0104 str_str_len: 00000018
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(1003)
                      0108 buffer     : f.X.6I.........M0..}.K..
[2005/12/05 17:56:51, 9] rpc_parse/parse_prs.c:(82)
                  000120 smb_io_string2 - NULL lm_chal_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0120 validation_level: 0003
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000128 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0128 auth_type    : 44
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0129 auth_level   : 06
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      012a auth_pad_len : 06
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      012b auth_reserved: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      012c auth_context_id: 00000001
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(1047)
  SCHANNEL seq_num=0
[2005/12/05 17:56:51, 10] rpc_parse/parse_prs.c:(1536)
  SCHANNEL: netsec_encode seq_num=0 data_len=296
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000130 smb_io_rpc_auth_netsec_chk 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0130 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0138 seq_num: 36 53 d4 89 d2 97 e7 5a 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0140 packet_digest: bf 6e f9 b8 e7 a0 28 f5 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0148 confounder: d5 73 09 03 1a 5e 97 2b 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x2 data_len: 0x168
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 168 auth_len: 20 alloc_hint: 130
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0168
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000130
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0002
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:808
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=442
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=11
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  360 (0x168)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  360 (0x168)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]= 2056 (0x808)
  smb_bcc=375
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 68  01 20 00 08 00 00 00 30  .......h . .....0
  [020] 01 00 00 00 00 02 00 23  A7 5F 82 9E F3 1B 1B 47  .......# ._.....G
  [030] 92 E7 80 C2 9E 16 0B 20  7A BB A3 99 88 4E EE 28  .......  z....N.(
  [040] 73 D1 22 05 91 38 95 80  07 EE B0 76 72 F0 FC 89  s."..8.. ...vr...
  [050] 42 AF 96 A0 83 93 31 4A  48 E6 6D DC 0E 0E BE B2  B.....1J H.m.....
  [060] B0 EA 21 C1 05 C7 B7 87  49 20 19 14 DD 04 7E E7  ..!..... I ....~.
  [070] D4 80 FB 84 12 AB 82 78  42 54 36 48 C4 B0 D3 10  .......x BT6H....
  [080] C7 D7 37 E1 43 32 02 0F  F9 28 2D 79 75 60 68 14  ..7.C2.. .(-yu`h.
  [090] 11 93 DF 00 9B FB 47 17  91 0E 8D 21 7F 63 2B 6D  ......G. ...!.c+m
  [0A0] 45 43 EB 43 C3 86 52 02  9B DE ED ED F4 13 A8 43  EC.C..R. .......C
  [0B0] 7F 68 B6 F5 D8 60 CC 62  10 24 78 CA 82 B6 2E 56  .h...`.b .$x....V
  [0C0] 4D 32 F3 72 98 92 4F A9  F2 9F 29 1A 06 9C 03 CE  M2.r..O. ..).....
  [0D0] 6D BF 12 BA 93 82 C4 81  DD 98 0F 32 D8 4F C1 9E  m....... ...2.O..
  [0E0] C3 AB 4C CD 1A EA E5 40  3C 75 8B 7D 46 7D 76 FA  ..L....@ <u.}F}v.
  [0F0] D8 FC A1 5B 1E 6E 55 1C  CF F6 14 FC 17 F9 12 06  ...[.nU. ........
  [100] 5B C8 B0 C2 D5 1B 46 BB  62 ED 92 FD 40 D6 09 66  [.....F. b...@..f
  [110] 1B B1 32 10 33 E0 91 27  2C 1D D3 22 14 D0 12 7A  ..2.3..' ,.."...z
  [120] D8 77 52 CA 55 C6 E9 70  51 66 26 86 09 61 56 FC  .wR.U..p Qf&..aV.
  [130] CE 15 C5 92 E4 10 05 30  6B 91 A2 CD 43 99 F1 8A  .......0 k...C...
  [140] 66 BF BD D0 D0 9E DA 8C  AA 93 AA D3 CC E4 43 44  f....... ......CD
  [150] 06 06 00 01 00 00 00 77  00 7A 00 FF FF 00 00 36  .......w .z.....6
  [160] 53 D4 89 D2 97 E7 5A BF  6E F9 B8 E7 A0 28 F5 D5  S.....Z. n....(..
  [170] 73 09 03 1A 5E 97 2B                              s...^.+ 
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(132)
  write_socket(26,446)
[2005/12/05 17:56:51, 6] libsmb/clientgen.c:(135)
  write_socket(26,446) wrote 446
[2005/12/05 17:56:51, 10] lib/util_sock.c:(615)
  got smb length of 488
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 D5 5F 26 BD 65 65 36  .p...... .._&.ee6
  [020] 24 AC 49 51 63 03 4A 06  D1 57 01 DF 43 01 EA 79  $.IQc.J. .W..C..y
  [030] 62 09 D7 5C 3E 88 26 DF  F8 10 80 80 7D 8A 09 8D  b..\>.&. ....}...
  [040] 70 BF 8B D2 CC 55 78 CA  9A B2 A9 B0 19 A0 56 B3  p....Ux. ......V.
  [050] DC 31 A4 0F 29 F9 E8 74  8E 50 CF BE 5D 66 24 DA  .1..)..t .P..]f$.
  [060] 96 8A 39 1C BA 72 68 3F  DF 26 56 4E 86 CB 65 27  ..9..rh? .&VN..e'
  [070] 21 B2 A0 54 7D 6F BD E6  80 54 1B 8A 28 D8 39 D8  !..T}o.. .T..(.9.
  [080] DD 0A 4F 3C 99 A8 99 E7  61 80 23 1B 12 53 F5 B4  ..O<.... a.#..S..
  [090] 87 E1 A0 6A F4 53 B2 D0  8E AC A2 29 3C 89 3A 4C  ...j.S.. ...)<.:L
  [0A0] 9A E1 FF C0 1C CA AD 17  79 29 D4 7C 27 40 FB 96  ........ y).|'@..
  [0B0] 2A 55 46 2C 60 80 0B 2A  6C 14 99 CD 00 4C 00 B3  *UF,`..* l....L..
  [0C0] 94 20 66 CA 63 9A 50 3C  7B EC 70 62 BC A9 72 20  . f.c.P< {.pb..r 
  [0D0] 3C 34 AD 5F 55 90 2D 81  10 E6 A6 D9 4D C4 F5 45  <4._U.-. ....M..E
  [0E0] 99 1F 09 84 F4 3F B7 1F  F6 2A 59 32 94 56 C1 51  .....?.. .*Y2.V.Q
  [0F0] 3A 0A C7 B8 67 41 E1 01  84 3B 04 A4 3F FE 60 D4  :...gA.. .;..?.`.
  [100] 92 5B 0C ED 73 30 17 F8  E9 7C 40 40 C7 6C 10 36  .[..s0.. .|@@.l.6
  [110] 28 DA 84 F9 FF DB 5B 05  4A 28 63 9A EA 0D 45 73  (.....[. J(c...Es
  [120] 41 52 3C D0 78 05 EE 00  F2 94 13 F7 B2 BC B6 ED  AR<.x... ........
  [130] D5 CB 01 B8 E5 5A 0D 48  41 8F 4C 56 2A A2 05 65  .....Z.H A.LV*..e
  [140] 98 63 4F 26 CA F8 9B 04  17 57 9A 42 98 9B 47 AB  .cO&.... .W.B..G.
  [150] 19 4D DB 1F 1C 01 7E 30  37 DB 5E 89 8C 3F 2D 98  .M....~0 7.^..?-.
  [160] F4 56 DA 8F B8 F8 E8 CF  3F 01 43 B0 61 8D 04 39  .V...... ?.C.a..9
  [170] 35 75 F6 82 87 AF 90 4D  6F AC DE D9 90 99 E2 FB  5u.....M o.......
  [180] AF 8C 84 F0 A1 43 F1 9E  09 44 06 00 00 01 00 00  .....C.. .D......
  [190] 00 77 00 7A 00 FF FF 00  00 13 47 D9 18 42 4C 3B  .w.z.... ..G..BL;
  [1A0] 30 66 1D 02 F0 C5 55 52  6B E1 0B F4 C0 E2 52 7D  0f....UR k.....R}
  [1B0] BC                                                . 
[2005/12/05 17:56:51, 5] lib/util.c:(454)
[2005/12/05 17:56:51, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=2054
  smb_pid=29649
  smb_uid=4098
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:51, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 D5 5F 26 BD 65 65 36  .p...... .._&.ee6
  [020] 24 AC 49 51 63 03 4A 06  D1 57 01 DF 43 01 EA 79  $.IQc.J. .W..C..y
  [030] 62 09 D7 5C 3E 88 26 DF  F8 10 80 80 7D 8A 09 8D  b..\>.&. ....}...
  [040] 70 BF 8B D2 CC 55 78 CA  9A B2 A9 B0 19 A0 56 B3  p....Ux. ......V.
  [050] DC 31 A4 0F 29 F9 E8 74  8E 50 CF BE 5D 66 24 DA  .1..)..t .P..]f$.
  [060] 96 8A 39 1C BA 72 68 3F  DF 26 56 4E 86 CB 65 27  ..9..rh? .&VN..e'
  [070] 21 B2 A0 54 7D 6F BD E6  80 54 1B 8A 28 D8 39 D8  !..T}o.. .T..(.9.
  [080] DD 0A 4F 3C 99 A8 99 E7  61 80 23 1B 12 53 F5 B4  ..O<.... a.#..S..
  [090] 87 E1 A0 6A F4 53 B2 D0  8E AC A2 29 3C 89 3A 4C  ...j.S.. ...)<.:L
  [0A0] 9A E1 FF C0 1C CA AD 17  79 29 D4 7C 27 40 FB 96  ........ y).|'@..
  [0B0] 2A 55 46 2C 60 80 0B 2A  6C 14 99 CD 00 4C 00 B3  *UF,`..* l....L..
  [0C0] 94 20 66 CA 63 9A 50 3C  7B EC 70 62 BC A9 72 20  . f.c.P< {.pb..r 
  [0D0] 3C 34 AD 5F 55 90 2D 81  10 E6 A6 D9 4D C4 F5 45  <4._U.-. ....M..E
  [0E0] 99 1F 09 84 F4 3F B7 1F  F6 2A 59 32 94 56 C1 51  .....?.. .*Y2.V.Q
  [0F0] 3A 0A C7 B8 67 41 E1 01  84 3B 04 A4 3F FE 60 D4  :...gA.. .;..?.`.
  [100] 92 5B 0C ED 73 30 17 F8  E9 7C 40 40 C7 6C 10 36  .[..s0.. .|@@.l.6
  [110] 28 DA 84 F9 FF DB 5B 05  4A 28 63 9A EA 0D 45 73  (.....[. J(c...Es
  [120] 41 52 3C D0 78 05 EE 00  F2 94 13 F7 B2 BC B6 ED  AR<.x... ........
  [130] D5 CB 01 B8 E5 5A 0D 48  41 8F 4C 56 2A A2 05 65  .....Z.H A.LV*..e
  [140] 98 63 4F 26 CA F8 9B 04  17 57 9A 42 98 9B 47 AB  .cO&.... .W.B..G.
  [150] 19 4D DB 1F 1C 01 7E 30  37 DB 5E 89 8C 3F 2D 98  .M....~0 7.^..?-.
  [160] F4 56 DA 8F B8 F8 E8 CF  3F 01 43 B0 61 8D 04 39  .V...... ?.C.a..9
  [170] 35 75 F6 82 87 AF 90 4D  6F AC DE D9 90 99 E2 FB  5u.....M o.......
  [180] AF 8C 84 F0 A1 43 F1 9E  09 44 06 00 00 01 00 00  .....C.. .D......
  [190] 00 77 00 7A 00 FF FF 00  00 13 47 D9 18 42 4C 3B  .w.z.... ..G..BL;
  [1A0] 30 66 1D 02 F0 C5 55 52  6B E1 0B F4 C0 E2 52 7D  0f....UR k.....R}
  [1B0] BC                                                . 
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 432
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 01b0
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000170
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 432
[2005/12/05 17:56:51, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 2 len: 432 auth_len: 32 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:51, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_chk schannel_auth_sign
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0008 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0010 seq_num: 13 47 d9 18 42 4c 3b 30 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0018 packet_digest: 66 1d 02 f0 c5 55 52 6b 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
      0020 confounder: e1 0b f4 c0 e2 52 7d bc 
[2005/12/05 17:56:51, 10] rpc_parse/parse_prs.c:(1613)
  SCHANNEL: netsec_encode seq_num=1 data_len=368
[2005/12/05 17:56:51, 10] rpc_parse/parse_prs.c:(1633)
  SCHANNEL: netsec_decode seq_num=1 data_len=368
[2005/12/05 17:56:51, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_sam_logon 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0018 buffer_creds: 00188078
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      00001c smb_io_cred 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          00001c smb_io_chal 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
              001c data: 8a 6e 64 2f 7a 0d 40 43 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000024 smb_io_utime 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0024 time: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
      0028 switch_value: 0003
[2005/12/05 17:56:51, 6] rpc_parse/parse_prs.c:(82)
      00002c net_io_user_info3 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          002c ptr_user_info : 00182f80
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_time logon time
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0030 low : fa608040
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0034 high: 01c5f92d
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000038 smb_io_time logoff time
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0038 low : ffffffff
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              003c high: 7fffffff
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000040 smb_io_time kickoff time
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0040 low : ffffffff
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0044 high: 7fffffff
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000048 smb_io_time last set time
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0048 low : 6f2e05a6
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              004c high: 01c5f9b4
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000050 smb_io_time can change time
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0050 low : 6f2e05a6
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0054 high: 01c5f9b4
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_time must change time
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0058 low : ffffffff
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              005c high: 7fffffff
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000060 smb_io_unihdr hdr_user_name
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0060 uni_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0062 uni_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0064 buffer     : 00000000
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000068 smb_io_unihdr hdr_full_name
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0068 uni_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              006a uni_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              006c buffer     : 00000000
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000070 smb_io_unihdr hdr_logon_script
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0070 uni_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0072 uni_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0074 buffer     : 00000000
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000078 smb_io_unihdr hdr_profile_path
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0078 uni_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              007a uni_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              007c buffer     : 00000000
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000080 smb_io_unihdr hdr_home_dir
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0080 uni_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0082 uni_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0084 buffer     : 00000000
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000088 smb_io_unihdr hdr_dir_drive
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              0088 uni_str_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              008a uni_max_len: 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              008c buffer     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0090 logon_count   : 040d
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
          0092 bad_pw_count  : 0000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0094 user_rid      : 000003f0
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          0098 group_rid     : 00000201
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          009c num_groups    : 00000007
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00a0 buffer_groups : 0018304c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00a4 user_flgs     : 00000120
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          00a8 user_sess_key: 2e 1e 4f 51 44 a2 3e 52 59 ee 87 54 74 55 b0 c0 
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000b8 smb_io_unihdr hdr_logon_srv
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              00b8 uni_str_len: 000c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              00ba uni_max_len: 000e
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              00bc buffer     : 0018309c
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000c0 smb_io_unihdr hdr_logon_dom
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              00c0 uni_str_len: 0006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(642)
              00c2 uni_max_len: 0008
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              00c4 buffer     : 001830aa
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00c8 buffer_dom_id : 00183084
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(758)
          00cc lm_sess_key: 9c 29 08 0f 02 9c de 4d 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00d4 acct_flags : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00d8 unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00dc unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00e0 unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00e4 unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00e8 unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00ec unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00f0 unkown: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00f4 num_other_sids: 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00f8 buffer_other_sids: 00000000
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_user_name
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_full_name
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_logon_script
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_profile_path
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_home_dir
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_dir_drive
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
          00fc num_groups2   : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000100 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0100 g_rid: 00000201
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0104 attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000108 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0108 g_rid: 0000046f
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              010c attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000110 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0110 g_rid: 0000048c
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0114 attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000118 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0118 g_rid: 00000549
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              011c attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000120 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0120 g_rid: 00000576
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0124 attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000128 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0128 g_rid: 00000784
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              012c attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000130 smb_io_gid 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0130 g_rid: 000007ab
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0134 attr : 00000007
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000138 smb_io_unistr2 uni_logon_srv
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0138 uni_max_len: 00000007
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              013c offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0140 uni_str_len: 00000006
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
              0144 buffer     : N.T.R.Z.1.3.
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000150 smb_io_unistr2 uni_logon_dom
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0150 uni_max_len: 00000004
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0154 offset     : 00000000
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0158 uni_str_len: 00000003
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(843)
              015c buffer     : H.R.Z.
[2005/12/05 17:56:51, 7] rpc_parse/parse_prs.c:(82)
          000162 smb_io_dom_sid2 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
              0164 num_auths: 00000004
[2005/12/05 17:56:51, 8] rpc_parse/parse_prs.c:(82)
              000168 smb_io_dom_sid sid
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  0168 sid_rev_num: 01
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  0169 num_auths  : 04
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  016a id_auth[0] : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  016b id_auth[1] : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  016c id_auth[2] : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  016d id_auth[3] : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  016e id_auth[4] : 00
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(582)
                  016f id_auth[5] : 05
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(898)
                  0170 sub_auths : 00000015 413b77f4 713029db 374c57ac 
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(671)
      0180 auth_resp   : 0c529a01
[2005/12/05 17:56:51, 5] rpc_parse/parse_prs.c:(701)
      0184 status      : NT_STATUS_OK
[2005/12/05 17:56:51, 10] passdb/secrets.c:(771)
  secrets_named_mutex: released mutex for NTRZ13
[2005/12/05 17:56:51, 5] lib/username.c:(313)
  Finding user HRZ\ratzka
[2005/12/05 17:56:51, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is hrz\ratzka
[2005/12/05 17:56:51, 5] lib/username.c:(269)
  Trying _Get_Pwnam(), username as given is HRZ\ratzka
[2005/12/05 17:56:51, 5] lib/username.c:(278)
  Trying _Get_Pwnam(), username as uppercase is HRZ\RATZKA
[2005/12/05 17:56:51, 5] lib/username.c:(286)
  Checking combinations of 0 uppercase letters in hrz\ratzka
[2005/12/05 17:56:51, 5] lib/username.c:(290)
  Get_Pwnam_internals didn't find user [HRZ\ratzka]!
[2005/12/05 17:56:51, 5] lib/username.c:(313)
  Finding user ratzka
[2005/12/05 17:56:51, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is ratzka
[2005/12/05 17:56:51, 5] lib/username.c:(290)
  Get_Pwnam_internals did find user [ratzka]!
[2005/12/05 17:56:51, 5] auth/auth_util.c:(994)
  fill_sam_account: located username was [ratzka]
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name Wolfgang Ratzka, HRZ, x5876, was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(833)
  pdb_set_unix_homedir: setting home dir /home/ratzka, was NULL
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ_SMB, was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1686530679-3929198075-576801238-66824
[2005/12/05 17:56:51, 10] passdb/pdb_compat.c:(73)
  pdb_set_user_sid_from_rid:
  	setting user sid S-1-5-21-1686530679-3929198075-576801238-66824 from rid 66824
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:51, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:51, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:51, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1686530679-3929198075-576801238-1201
[2005/12/05 17:56:51, 10] passdb/pdb_compat.c:(100)
  pdb_set_group_sid_from_rid:
  	setting group sid S-1-5-21-1686530679-3929198075-576801238-1201 from rid 1201
[2005/12/05 17:56:51, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path \\hrz_smb\ratzka\profile, was 
[2005/12/05 17:56:51, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir \\hrz_smb\ratzka, was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was NULL
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(671)
  pdb_set_nt_username: setting nt username ratzka, was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was ratzka
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ, was HRZ_SMB
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1094416372-1898981851-927750060-1008
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1094416372-1898981851-927750060-513
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name , was Wolfgang Ratzka, HRZ, x5876
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path , was \\hrz_smb\ratzka\profile
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir , was \\hrz_smb\ratzka
[2005/12/05 17:56:51, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was 
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:51, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:51, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:51, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:51, 10] lib/system_smbd.c:(116)
  sys_getgrouplist: user [ratzka]
[2005/12/05 17:56:51, 10] lib/system_smbd.c:(125)
  sys_getgrouplist(): disabled winbindd for group lookup [user == ratzka]
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/12/05 17:56:51, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/12/05 17:56:51, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2005/12/05 17:56:51, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:51, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:52, 6] param/loadparm.c:(2834)
  lp_file_list_changed()
  file /opt/csw/etc/samba/smb.conf -> /opt/csw/etc/samba/smb.conf  last mod_time: Fri Dec  2 16:33:42 2005
  
[2005/12/05 17:56:52, 5] auth/auth_util.c:(191)
  make_user_info_map: Mapping user [HRZ]\[ratzka] from workstation [PCRZ478-WXP]
[2005/12/05 17:56:52, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = TDOMCACHE/TIMESTAMP, value = 0, timeout = Mon Dec  5 18:06:50 2005
  
[2005/12/05 17:56:52, 10] lib/gencache.c:(127)
  Adding cache entry with key = TDOMCACHE/TIMESTAMP; value = 0 and timeout = Mon Dec  5 18:06:52 2005
   (600 seconds ahead)
[2005/12/05 17:56:52, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:52, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:52, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:52, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:52, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:52, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:52, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:52, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:52, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:52, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:52, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:52, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:52, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:52, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 9393
[2005/12/05 17:56:52, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:52, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=9393 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:52, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:52, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:52, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:52, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:52, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:52, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29652
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=31232 (0x7A00)
  smb_vwv[12]=23265 (0x5AE1)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 26 16 9A E3 45 1C 2D 0D  48 00 52 00 5A 00 00 00  &...E.-. H.R.Z...
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29652
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=31232 (0x7A00)
  smb_vwv[12]=23265 (0x5AE1)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 26 16 9A E3 45 1C 2D 0D  48 00 52 00 5A 00 00 00  &...E.-. H.R.Z...
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29652
  smb_uid=16386
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29652
  smb_uid=16386
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:52, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,104)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,104) wrote 104
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 1792 (0x700)
  smb_vwv[ 3]=  368 (0x170)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[7007]: \PIPE\lsarpc
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 57 78 12 34 AB CD  EF 00 01 23 45 67 89 AB  .4Wx.4.. ...#Eg..
  [010] 00 00 00 00                                       .... 
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:52, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345778
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 89 ab 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000000
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:52, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:7007
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=28679 (0x7007)
  smb_bcc=87
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 01 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 57 34 12 34 12 CD AB EF  00 01 23 45 67 89 AB 00  W4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 38 97 13  00 0C 00 5C 50 49 50 45  .....8.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 38 97 13  00 0C 00 5C 50 49 50 45  .....8.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:52, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00139738
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:52, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:52, 5] rpc_parse/parse_lsa.c:(142)
  init_lsa_sec_qos
[2005/12/05 17:56:52, 5] rpc_parse/parse_lsa.c:(261)
  init_open_pol: attr:0 da:1
[2005/12/05 17:56:52, 5] rpc_parse/parse_lsa.c:(193)
  init_lsa_obj_attr
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_open_pol 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0000 ptr       : 00000001
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0004 system_name: 005c
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000008 lsa_io_obj_attr 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0008 len         : 00000018
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          000c ptr_root_dir: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0010 ptr_obj_name: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0014 attributes  : 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0018 ptr_sec_desc: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          001c ptr_sec_qos : 00000001
[2005/12/05 17:56:52, 7] rpc_parse/parse_prs.c:(82)
          000020 lsa_io_obj_qos sec_qos
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
              0020 len           : 0000000c
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
              0024 sec_imp_level : 0002
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
              0026 sec_ctxt_mode : 01
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
              0027 effective_only: 00
[2005/12/05 17:56:52, 3] rpc_parse/parse_lsa.c:(181)
  lsa_io_sec_qos: length c does not match size 8
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0028 des_access: 00000001
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x6 data_len: 0x44
[2005/12/05 17:56:52, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000034
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0006
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:7007
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=150
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   68 (0x44)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=28679 (0x7007)
  smb_bcc=83
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 44  00 00 00 02 00 00 00 34  .......D .......4
  [020] 00 00 00 00 00 06 00 01  00 00 00 5C 00 00 00 18  ........ ...\....
  [030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 01 00 00 00 0C  00 00 00 02 00 01 00 01  ........ ........
  [050] 00 00 00                                          ... 
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,154)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,154) wrote 154
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 104
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 23 A6 12  ........ .....#..
  [020] FF FA 47 5B 4C B2 EE D6  05 4E A8 A7 6F 00 00 00  ..G[L... .N..o...
  [030] 00                                                . 
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 23 A6 12  ........ .....#..
  [020] FF FA 47 5B 4C B2 EE D6  05 4E A8 A7 6F 00 00 00  ..G[L... .N..o...
  [030] 00                                                . 
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 48
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0030
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000018
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 48
[2005/12/05 17:56:52, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_open_pol 
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_pol_hnd 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0018 data1: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          001c data2: ff12a623
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0020 data3: 47fa
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0022 data4: 4c5b
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
          0024 data5: b2 ee d6 05 4e a8 a7 6f 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(701)
      002c status: NT_STATUS_OK
[2005/12/05 17:56:52, 5] rpc_parse/parse_lsa.c:(477)
  init_q_enum_trust_dom
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_enum_trust_dom 
[2005/12/05 17:56:52, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_pol_hnd 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0000 data1: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
          0004 data2: ff12a623
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          0008 data3: 47fa
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
          000a data4: 4c5b
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(758)
          000c data5: b2 ee d6 05 4e a8 a7 6f 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0014 enum_context : 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0018 preferred_len: 00010000
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xd data_len: 0x34
[2005/12/05 17:56:52, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 34 auth_len: 0 alloc_hint: 24
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0034
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000024
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000d
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:7007
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=134
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   52 (0x34)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   52 (0x34)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=28679 (0x7007)
  smb_bcc=67
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 34  00 00 00 03 00 00 00 24  .......4 .......$
  [020] 00 00 00 00 00 0D 00 00  00 00 00 23 A6 12 FF FA  ........ ...#....
  [030] 47 5B 4C B2 EE D6 05 4E  A8 A7 6F 00 00 00 00 00  G[L....N ..o.....
  [040] 00 01 00                                          ... 
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,138)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,138) wrote 138
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:52, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:52, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_enum_trust_dom 
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0018 enum_context: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      001c count: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(671)
      0020 ptr: 00000000
[2005/12/05 17:56:52, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_NO_MORE_ENTRIES
[2005/12/05 17:56:52, 10] libsmb/trusts_util.c:(181)
  enumerate_domain_trusts: shutting down connection...
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,45)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,45) wrote 45
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=35
  smb_com=0x4
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=9
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,39)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,39) wrote 39
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=35
  smb_com=0x71
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10240
  smb_pid=29652
  smb_uid=16386
  smb_mid=10
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:52, 10] lib/gencache.c:(285)
  Cache entry with key = TDOM/HRZ couldn't be found
[2005/12/05 17:56:52, 5] libsmb/trustdom_cache.c:(184)
  no entry for trusted domain HRZ found.
[2005/12/05 17:56:52, 5] auth/auth_util.c:(99)
  attempting to make a user_info for ratzka (ratzka)
[2005/12/05 17:56:52, 5] auth/auth_util.c:(109)
  making strings for ratzka's user_info struct
[2005/12/05 17:56:52, 5] auth/auth_util.c:(151)
  making blobs for ratzka's user_info struct
[2005/12/05 17:56:52, 10] auth/auth_util.c:(167)
  made an encrypted user_info for ratzka (ratzka)
[2005/12/05 17:56:52, 3] auth/auth.c:(219)
  check_ntlm_password:  Checking password for unmapped user [HRZ]\[ratzka]@[PCRZ478-WXP] with the new password interface
[2005/12/05 17:56:52, 3] auth/auth.c:(222)
  check_ntlm_password:  mapped user is: [HRZ]\[ratzka]@[PCRZ478-WXP]
[2005/12/05 17:56:52, 10] auth/auth.c:(231)
  check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2)
[2005/12/05 17:56:52, 10] auth/auth.c:(233)
  challenge is: 
[2005/12/05 17:56:52, 5] lib/util.c:(2053)
  [000] 26 8D 63 80 8C B7 45 F1                           &.c...E. 
[2005/12/05 17:56:52, 10] auth/auth.c:(259)
  check_ntlm_password: guest had nothing to say
[2005/12/05 17:56:52, 8] lib/util.c:(1874)
  is_myname("HRZ") returns 0
[2005/12/05 17:56:52, 6] auth/auth_sam.c:(379)
  check_samstrict_security: HRZ is not one of my local names (ROLE_DOMAIN_MEMBER)
[2005/12/05 17:56:52, 10] auth/auth.c:(259)
  check_ntlm_password: sam had nothing to say
[2005/12/05 17:56:52, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:52, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:52, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:52, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:52, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:52, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:52, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:52, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:52, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:52, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:52, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:52, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:52, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:52, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:52, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:52, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:52, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:52, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:52, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:52, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:52, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 7241
[2005/12/05 17:56:52, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:52, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=7241 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:52, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:52, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:52, 10] passdb/secrets.c:(759)
  secrets_named_mutex: got mutex for NTRZ13
[2005/12/05 17:56:52, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:52, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:52, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:52, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:52, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:52, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:52, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29652
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=34816 (0x8800)
  smb_vwv[12]=25096 (0x6208)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 13 64 64 DD B1 D2 E4 6E  48 00 52 00 5A 00 00 00  .dd....n H.R.Z...
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29652
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=34816 (0x8800)
  smb_vwv[12]=25096 (0x6208)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 13 64 64 DD B1 D2 E4 6E  48 00 52 00 5A 00 00 00  .dd....n H.R.Z...
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:52, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29652
  smb_uid=12288
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:52, 5] lib/util.c:(454)
[2005/12/05 17:56:52, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29652
  smb_uid=12288
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:52, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:52, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:53, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 1536 (0x600)
  smb_vwv[ 3]=  352 (0x160)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[6006]: \PIPE\NETLOGON
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6006
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24582 (0x6006)
  smb_bcc=87
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 04 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 3A 97 13  00 0C 00 5C 50 49 50 45  .....:.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 3A 97 13  00 0C 00 5C 50 49 50 45  .....:.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 0013973a
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:53, 4] rpc_client/cli_netlogon.c:(45)
  cli_net_req_chal: LSA Request Challenge from HRZ_SMB to NTRZ13: 4AD36E35E990434B
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(676)
  init_q_req_chal: 676
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(685)
  init_q_req_chal: 685
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_req_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0000 undoc_buffer: 00000001
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000004 smb_io_unistr2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0004 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0008 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          000c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
          0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000022 smb_io_unistr2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0024 uni_max_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0028 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          002c uni_str_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
          0030 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000040 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0040 data: 4a d3 6e 35 e9 90 43 4b 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x4 data_len: 0x60
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 60 auth_len: 0 alloc_hint: 50
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0060
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000050
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0004
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6006
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=178
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   96 (0x60)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   96 (0x60)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24582 (0x6006)
  smb_bcc=111
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 60  00 00 00 05 00 00 00 50  .......` .......P
  [020] 00 00 00 00 00 04 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 08 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 00 00 4A  D3 6E 35 E9 90 43 4B     .M.B...J .n5..CK
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,182)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,182) wrote 182
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 92
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 87 B1 93 D3 48 00 00  ........ .....H..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 87 B1 93 D3 48 00 00  ........ .....H..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 36
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0024
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 0000000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 36
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_req_chal 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0018 data: 87 b1 93 d3 48 00 00 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0020 status: NT_STATUS_OK
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(59)
  cred_session_key
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(61)
  	clnt_chal: 4AD36E35E990434B
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(62)
  	srv_chal : 87B193D348000000
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(63)
  	clnt+srv : D18402093191434B
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(64)
  	sess_key : 3DDF01A9741E7752
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(92)
  	sess_key : 3DDF01A9741E7752
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(93)
  	stor_cred: 4AD36E35E990434B
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(95)
  	timecred : 4AD36E35E990434B
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(96)
  	calc_cred: 597C5948BC55BE9C
[2005/12/05 17:56:53, 4] rpc_client/cli_netlogon.c:(157)
  cli_net_auth2: srv:\\NTRZ13 acct:HRZ_SMB$ sc:2 mc: HRZ_SMB chal 597C5948BC55BE9C neg: 400701ff
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(797)
  init_q_auth_2: 797
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1407)
  make_log_info 1407
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(803)
  init_q_auth_2: 803
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_auth_2 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_log_info 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0000 undoc_buffer: 00000001
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0004 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0008 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              000c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000022 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0024 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0028 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              002c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0030 buffer     : H.R.Z._.S.M.B.$...
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0042 sec_chan: 0002
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000044 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0044 uni_max_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0048 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              004c uni_str_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0050 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000060 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0060 data: 59 7c 59 48 bc 55 be 9c 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000068 net_io_neg_flags 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0068 neg_flags: 400701ff
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xf data_len: 0x84
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 84 auth_len: 0 alloc_hint: 74
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0084
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000074
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000f
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6006
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=214
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  132 (0x84)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  132 (0x84)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24582 (0x6006)
  smb_bcc=147
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 84  00 00 00 06 00 00 00 74  ........ .......t
  [020] 00 00 00 00 00 0F 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 09 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 09 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 24 00 00  00 02 00 08 00 00 00 00  .M.B.$.. ........
  [070] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [080] 00 4D 00 42 00 00 00 59  7C 59 48 BC 55 BE 9C FF  .M.B...Y |YH.U...
  [090] 01 07 40                                          ..@ 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,218)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,218) wrote 218
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 D9 D0 3C F8 5D 65 ED  ........ ...<.]e.
  [020] E9 FF 01 00 40 00 00 00  00                       ....@... .
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 D9 D0 3C F8 5D 65 ED  ........ ...<.]e.
  [020] E9 FF 01 00 40 00 00 00  00                       ....@... .
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_auth_2 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0018 data: d9 d0 3c f8 5d 65 ed e9 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000020 net_io_neg_flags 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0020 neg_flags: 400001ff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_OK
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(92)
  	sess_key : 3DDF01A9741E7752
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(93)
  	stor_cred: 87B193D348000000
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(95)
  	timecred : 87B193D348000000
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(96)
  	calc_cred: D9D03CF85D65EDE9
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(121)
  cred_assert
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(123)
  	challenge : D9D03CF85D65EDE9
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(124)
  	calculated: D9D03CF85D65EDE9
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(128)
  credentials check ok
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=9
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 1024 (0x400)
  smb_vwv[ 3]=  352 (0x160)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[6004]: \PIPE\NETLOGON
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(724)
  create_rpc_bind_req: no domain; assuming my own
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_neg netsec_neg
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0008 type1: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c type2: 00000003
[2005/12/05 17:56:53, 6] lib/util.c:(2053)
  [000] 48 52 5A                                          HRZ 
[2005/12/05 17:56:53, 6] lib/util.c:(2053)
  [000] 48 52 5A 5F 53 4D 42                              HRZ_SMB 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0064
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0014
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6004
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=182
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=10
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  100 (0x64)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  100 (0x64)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24580 (0x6004)
  smb_bcc=115
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 64  00 14 00 07 00 00 00 B8  .......d ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00 44  06 00 00 01 00 00 00 00  .H`....D ........
  [060] 00 00 00 03 00 00 00 48  52 5A 00 48 52 5A 5F 53  .......H RZ.HRZ_S
  [070] 4D 42 00                                          MB. 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,186)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,186) wrote 186
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 144
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 3B 97 13  00 0C 00 5C 50 49 50 45  .....;.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 06  D1 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 E8 74  8E                       .......t .
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 3B 97 13  00 0C 00 5C 50 49 50 45  .....;.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 06  D1 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 E8 74  8E                       .......t .
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 88
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0058
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 88
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 12 len: 88 auth_len: 12 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 0013973b
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(92)
  	sess_key : 3DDF01A9741E7752
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(93)
  	stor_cred: 597C5948BC55BE9C
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(94)
  	timestamp: 43947155
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(95)
  	timecred : AEEDED8BBC55BE9C
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(96)
  	calc_cred: D104E9C6DFAD7C33
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(1178)
  init_id_info2: 1178
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1586)
  make_logon_id: 1586
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(1272)
  init_sam_info: 1272
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1501)
  make_clnt_info: 1501
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1346)
  init_clnt_srv: 1346
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_sam_logon 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_sam_info 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000000 smb_io_clnt_info2 
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000000 smb_io_clnt_srv 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0000 undoc_buffer : 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0004 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0008 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      000c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0024 undoc_buffer2: 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000028 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0028 uni_max_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      002c offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0030 uni_str_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      0034 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0044 ptr_cred: 00000001
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000048 smb_io_cred 
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000048 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
                      0048 data: d1 04 e9 c6 df ad 7c 33 
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000050 smb_io_utime 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0050 time: 43947155
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0054 ptr_rtn_cred : 00000001
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_cred 
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000058 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
                  0058 data: 00 00 00 00 00 00 00 00 
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000060 smb_io_utime 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0060 time: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0064 logon_level  : 0002
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000066 smb_io_sam_info logon_info
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0066 switch_value : 0002
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000068 net_io_id_info2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0068 ptr_id_info2: 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  00006c smb_io_unihdr unihdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      006c uni_str_len: 0006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      006e uni_max_len: 0006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0070 buffer     : 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0074 param_ctrl: 00000000
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000078 smb_io_logon_id 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0078 low : 0000dead
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      007c high: 0000beef
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000080 smb_io_unihdr unihdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0080 uni_str_len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0082 uni_max_len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0084 buffer     : 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000088 smb_io_unihdr unihdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0088 uni_str_len: 001a
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      008a uni_max_len: 001a
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      008c buffer     : 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
                  0090 lm_chal: 26 8d 63 80 8c b7 45 f1 
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000098 smb_io_strhdr hdr_nt_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0098 str_str_len: 0018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      009a str_max_len: 0018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      009c buffer     : 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000a0 smb_io_strhdr hdr_lm_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      00a0 str_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      00a2 str_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00a4 buffer     : 00000000
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000a8 smb_io_unistr2 uni_domain_name
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00a8 uni_max_len: 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00ac offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00b0 uni_str_len: 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      00b4 buffer     : H.R.Z.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000ba smb_io_unistr2 uni_user_name  
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00bc uni_max_len: 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00c0 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00c4 uni_str_len: 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      00c8 buffer     : r.a.t.z.k.a.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000d4 smb_io_unistr2 uni_wksta_name 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00d4 uni_max_len: 0000000d
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00d8 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00dc uni_str_len: 0000000d
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      00e0 buffer     : \.\.P.C.R.Z.4.7.8.-.W.X.P.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000fa smb_io_string2 nt_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00fc str_max_len: 00000018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0100 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0104 str_str_len: 00000018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(1003)
                      0108 buffer     : ofW4Fc...Sd]........qh$.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000120 smb_io_string2 - NULL lm_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0120 validation_level: 0003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000128 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0128 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0129 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      012a auth_pad_len : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      012b auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      012c auth_context_id: 00000001
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(1047)
  SCHANNEL seq_num=0
[2005/12/05 17:56:53, 10] rpc_parse/parse_prs.c:(1536)
  SCHANNEL: netsec_encode seq_num=0 data_len=296
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000130 smb_io_rpc_auth_netsec_chk 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0130 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0138 seq_num: 99 dd 76 9a 67 df e9 5c 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0140 packet_digest: 91 e2 06 18 d6 c6 30 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0148 confounder: eb ab f4 83 7d 08 81 b2 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x2 data_len: 0x168
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 168 auth_len: 20 alloc_hint: 130
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0168
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000130
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:6004
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=442
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=11
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  360 (0x168)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  360 (0x168)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=24580 (0x6004)
  smb_bcc=375
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 68  01 20 00 08 00 00 00 30  .......h . .....0
  [020] 01 00 00 00 00 02 00 AE  45 B2 44 80 8F B3 9D 13  ........ E.D.....
  [030] 5C 7B 1A 85 0F 7E 1C A2  F7 0B B5 D9 2A DD 8F 90  \{...~.. ....*...
  [040] AD 4F A4 40 5C EC DF AA  99 CD 02 C3 9B 47 8E 7A  .O.@\... .....G.z
  [050] B7 43 64 73 CA F6 B5 28  C0 07 CD CD 5F E6 78 B0  .Cds...( ...._.x.
  [060] F5 17 2F 3C B5 93 43 31  7E EB AF F8 1A 45 BE 7B  ../<..C1 ~....E.{
  [070] C3 37 23 85 D3 F2 54 FB  A4 B6 E2 DF C1 5E 5B C1  .7#...T. .....^[.
  [080] F2 18 52 88 A2 18 9B 60  DD 49 DE 8D 14 A8 93 26  ..R....` .I.....&
  [090] F4 B0 15 2E 2A 89 A3 A6  44 00 47 90 9A 13 83 B5  ....*... D.G.....
  [0A0] E7 88 6E 23 FF 59 41 9C  3B 0E 67 F5 89 D9 6E FA  ..n#.YA. ;.g...n.
  [0B0] DA 30 14 76 E1 B3 15 D7  C3 59 FC 4A 3B 39 3D 30  .0.v.... .Y.J;9=0
  [0C0] 3E DB E2 53 85 C4 F8 E3  52 4B 84 81 7E 03 48 57  >..S.... RK..~.HW
  [0D0] 9F 02 51 FF F1 02 37 98  89 20 51 EE 10 A0 36 2A  ..Q...7. . Q...6*
  [0E0] 83 8B 8F E5 E4 29 DB 0C  EF 2B D0 68 2B 26 E6 96  .....).. .+.h+&..
  [0F0] DF A5 CD FA A5 FA C5 04  0D 82 D5 CA 48 23 71 67  ........ ....H#qg
  [100] 16 33 36 0E 63 2E 54 0D  EE A4 A2 78 34 52 C9 C4  .36.c.T. ...x4R..
  [110] 8D EA BA 3B 88 8F 72 B0  E8 02 3F 21 A1 37 F0 3B  ...;..r. ..?!.7.;
  [120] D2 F0 52 52 4C 90 7E 8D  1F 08 60 75 BC D1 2B 04  ..RRL.~. ..`u..+.
  [130] D5 87 21 A6 80 49 FD 99  5B 17 9C 7B 82 55 2E 28  ..!..I.. [..{.U.(
  [140] 55 92 72 4F 9C 0E 1C 2C  7D A5 F2 EB 61 80 19 44  U.rO..., }...a..D
  [150] 06 06 00 01 00 00 00 77  00 7A 00 FF FF 00 00 99  .......w .z......
  [160] DD 76 9A 67 DF E9 5C 91  E2 06 18 D6 C6 30 00 EB  .v.g..\. .....0..
  [170] AB F4 83 7D 08 81 B2                              ...}... 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,446)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,446) wrote 446
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 488
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 D6 91 CB 61 B7 90 27  .p...... ....a..'
  [020] 20 CB F6 F0 07 AB 91 25  F7 3A 4A 08 D8 AE DD B2   ......% .:J.....
  [030] 50 C4 09 B6 B2 C8 CE 5D  6F 9B 24 41 42 74 D8 78  P......] o.$ABt.x
  [040] 8C 27 5E D4 9C 37 9E 49  D6 51 EA 16 F5 D4 43 55  .'^..7.I .Q....CU
  [050] 57 67 06 F5 21 EE 38 4B  B8 BE AD F2 76 AC 4A 07  Wg..!.8K ....v.J.
  [060] 32 90 1D D5 58 81 11 77  C0 41 49 B2 D8 D5 2A 19  2...X..w .AI...*.
  [070] 51 9A A8 9E 08 5A DC 4F  CD F2 24 CA 84 86 DA 92  Q....Z.O ..$.....
  [080] 15 72 42 2F A2 58 9E 19  94 55 94 01 E4 C7 7F 55  .rB/.X.. .U.....U
  [090] AA 52 87 4B 8B 1D 9C B5  53 BF 32 0B EF 57 2F E9  .R.K.... S.2..W/.
  [0A0] 22 10 E6 2D E4 12 DA 03  46 5D 52 AF EB 1E 3F 54  "..-.... F]R...?T
  [0B0] B0 0E BB AA 35 ED 6B AD  F1 88 1C 1F 92 C4 34 25  ....5.k. ......4%
  [0C0] BF 05 BE 9A F1 5F 25 FF  B4 5F 68 01 02 DC 16 7A  ....._%. ._h....z
  [0D0] 55 BB D1 31 6F 46 35 7C  03 1D C9 99 1C 27 31 09  U..1oF5| .....'1.
  [0E0] 64 1A 5E 9D F5 C8 62 A7  87 99 26 9A BE 55 B6 A7  d.^...b. ..&..U..
  [0F0] 10 6A AE EE 27 07 91 65  DE 7E 14 9E 41 64 C0 81  .j..'..e .~..Ad..
  [100] DA A8 4D 28 06 41 45 E0  DB FD AB 2F 0F 6D 0F ED  ..M(.AE. .../.m..
  [110] 26 B6 5F 23 CF 70 90 52  A6 08 2A D0 04 7E DF 94  &._#.p.R ..*..~..
  [120] FA 02 ED C0 C1 15 6E 4B  8B BD D7 25 FA A1 78 EE  ......nK ...%..x.
  [130] 49 2B 31 6C DA 4E AD 78  45 0D 00 67 F5 F5 D0 E8  I+1l.N.x E..g....
  [140] C0 AE 3E 14 10 5A EC BF  14 1F 25 AC 85 7A FD 5F  ..>..Z.. ..%..z._
  [150] 8C 30 41 CF A9 92 26 E4  AC 1E 03 AC 90 4F 05 3E  .0A...&. .....O.>
  [160] 14 3F 72 B1 2C 6F 1F 4A  2D F0 A2 26 65 90 90 BC  .?r.,o.J -..&e...
  [170] BC 90 4B 3A F1 32 50 28  55 5E F1 0A 2C F6 FF 57  ..K:.2P( U^..,..W
  [180] E3 E5 8C 0A D4 89 10 97  00 44 06 00 00 01 00 00  ........ .D......
  [190] 00 77 00 7A 00 FF FF 00  00 9E 1F 76 FA 01 5B 32  .w.z.... ...v..[2
  [1A0] F2 DD C5 B9 4B 27 3D 77  C9 FF CA 74 30 C7 02 9F  ....K'=w ...t0...
  [1B0] 1B                                                . 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=6148
  smb_pid=29652
  smb_uid=12288
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 D6 91 CB 61 B7 90 27  .p...... ....a..'
  [020] 20 CB F6 F0 07 AB 91 25  F7 3A 4A 08 D8 AE DD B2   ......% .:J.....
  [030] 50 C4 09 B6 B2 C8 CE 5D  6F 9B 24 41 42 74 D8 78  P......] o.$ABt.x
  [040] 8C 27 5E D4 9C 37 9E 49  D6 51 EA 16 F5 D4 43 55  .'^..7.I .Q....CU
  [050] 57 67 06 F5 21 EE 38 4B  B8 BE AD F2 76 AC 4A 07  Wg..!.8K ....v.J.
  [060] 32 90 1D D5 58 81 11 77  C0 41 49 B2 D8 D5 2A 19  2...X..w .AI...*.
  [070] 51 9A A8 9E 08 5A DC 4F  CD F2 24 CA 84 86 DA 92  Q....Z.O ..$.....
  [080] 15 72 42 2F A2 58 9E 19  94 55 94 01 E4 C7 7F 55  .rB/.X.. .U.....U
  [090] AA 52 87 4B 8B 1D 9C B5  53 BF 32 0B EF 57 2F E9  .R.K.... S.2..W/.
  [0A0] 22 10 E6 2D E4 12 DA 03  46 5D 52 AF EB 1E 3F 54  "..-.... F]R...?T
  [0B0] B0 0E BB AA 35 ED 6B AD  F1 88 1C 1F 92 C4 34 25  ....5.k. ......4%
  [0C0] BF 05 BE 9A F1 5F 25 FF  B4 5F 68 01 02 DC 16 7A  ....._%. ._h....z
  [0D0] 55 BB D1 31 6F 46 35 7C  03 1D C9 99 1C 27 31 09  U..1oF5| .....'1.
  [0E0] 64 1A 5E 9D F5 C8 62 A7  87 99 26 9A BE 55 B6 A7  d.^...b. ..&..U..
  [0F0] 10 6A AE EE 27 07 91 65  DE 7E 14 9E 41 64 C0 81  .j..'..e .~..Ad..
  [100] DA A8 4D 28 06 41 45 E0  DB FD AB 2F 0F 6D 0F ED  ..M(.AE. .../.m..
  [110] 26 B6 5F 23 CF 70 90 52  A6 08 2A D0 04 7E DF 94  &._#.p.R ..*..~..
  [120] FA 02 ED C0 C1 15 6E 4B  8B BD D7 25 FA A1 78 EE  ......nK ...%..x.
  [130] 49 2B 31 6C DA 4E AD 78  45 0D 00 67 F5 F5 D0 E8  I+1l.N.x E..g....
  [140] C0 AE 3E 14 10 5A EC BF  14 1F 25 AC 85 7A FD 5F  ..>..Z.. ..%..z._
  [150] 8C 30 41 CF A9 92 26 E4  AC 1E 03 AC 90 4F 05 3E  .0A...&. .....O.>
  [160] 14 3F 72 B1 2C 6F 1F 4A  2D F0 A2 26 65 90 90 BC  .?r.,o.J -..&e...
  [170] BC 90 4B 3A F1 32 50 28  55 5E F1 0A 2C F6 FF 57  ..K:.2P( U^..,..W
  [180] E3 E5 8C 0A D4 89 10 97  00 44 06 00 00 01 00 00  ........ .D......
  [190] 00 77 00 7A 00 FF FF 00  00 9E 1F 76 FA 01 5B 32  .w.z.... ...v..[2
  [1A0] F2 DD C5 B9 4B 27 3D 77  C9 FF CA 74 30 C7 02 9F  ....K'=w ...t0...
  [1B0] 1B                                                . 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 432
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 01b0
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000170
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 432
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 2 len: 432 auth_len: 32 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_chk schannel_auth_sign
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0008 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0010 seq_num: 9e 1f 76 fa 01 5b 32 f2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0018 packet_digest: dd c5 b9 4b 27 3d 77 c9 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0020 confounder: ff ca 74 30 c7 02 9f 1b 
[2005/12/05 17:56:53, 10] rpc_parse/parse_prs.c:(1613)
  SCHANNEL: netsec_encode seq_num=1 data_len=368
[2005/12/05 17:56:53, 10] rpc_parse/parse_prs.c:(1633)
  SCHANNEL: netsec_decode seq_num=1 data_len=368
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_sam_logon 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0018 buffer_creds: 00188078
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001c smb_io_cred 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          00001c smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              001c data: 59 aa ca 94 a4 71 b8 1c 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000024 smb_io_utime 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0024 time: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0028 switch_value: 0003
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00002c net_io_user_info3 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          002c ptr_user_info : 00182f80
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_time logon time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 low : fa608040
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 high: 01c5f92d
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000038 smb_io_time logoff time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0038 low : ffffffff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              003c high: 7fffffff
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000040 smb_io_time kickoff time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0040 low : ffffffff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0044 high: 7fffffff
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000048 smb_io_time last set time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0048 low : 6f2e05a6
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              004c high: 01c5f9b4
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000050 smb_io_time can change time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0050 low : 6f2e05a6
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0054 high: 01c5f9b4
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_time must change time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0058 low : ffffffff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              005c high: 7fffffff
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000060 smb_io_unihdr hdr_user_name
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0060 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0062 uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0064 buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000068 smb_io_unihdr hdr_full_name
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0068 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              006a uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              006c buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000070 smb_io_unihdr hdr_logon_script
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0070 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0072 uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0074 buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000078 smb_io_unihdr hdr_profile_path
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0078 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              007a uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              007c buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000080 smb_io_unihdr hdr_home_dir
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0080 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0082 uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0084 buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000088 smb_io_unihdr hdr_dir_drive
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0088 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              008a uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              008c buffer     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0090 logon_count   : 040d
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0092 bad_pw_count  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0094 user_rid      : 000003f0
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0098 group_rid     : 00000201
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          009c num_groups    : 00000007
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00a0 buffer_groups : 0018304c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00a4 user_flgs     : 00000120
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          00a8 user_sess_key: 99 30 f0 1b b6 56 f6 e9 6a c4 6d c6 47 32 fe e0 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000b8 smb_io_unihdr hdr_logon_srv
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00b8 uni_str_len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00ba uni_max_len: 000e
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              00bc buffer     : 0018309c
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000c0 smb_io_unihdr hdr_logon_dom
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00c0 uni_str_len: 0006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00c2 uni_max_len: 0008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              00c4 buffer     : 001830aa
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00c8 buffer_dom_id : 00183084
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          00cc lm_sess_key: 2b 07 b7 45 f0 68 16 f6 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00d4 acct_flags : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00d8 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00dc unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00e0 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00e4 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00e8 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00ec unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00f0 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00f4 num_other_sids: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00f8 buffer_other_sids: 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_user_name
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_full_name
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_logon_script
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_profile_path
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_home_dir
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_dir_drive
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00fc num_groups2   : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000100 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0100 g_rid: 00000201
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0104 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000108 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0108 g_rid: 0000046f
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              010c attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000110 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0110 g_rid: 0000048c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0114 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000118 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0118 g_rid: 00000549
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              011c attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000120 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0120 g_rid: 00000576
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0124 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000128 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0128 g_rid: 00000784
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              012c attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000130 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0130 g_rid: 000007ab
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0134 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000138 smb_io_unistr2 uni_logon_srv
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0138 uni_max_len: 00000007
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              013c offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0140 uni_str_len: 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0144 buffer     : N.T.R.Z.1.3.
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000150 smb_io_unistr2 uni_logon_dom
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0150 uni_max_len: 00000004
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0154 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0158 uni_str_len: 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              015c buffer     : H.R.Z.
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000162 smb_io_dom_sid2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0164 num_auths: 00000004
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000168 smb_io_dom_sid sid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  0168 sid_rev_num: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  0169 num_auths  : 04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016a id_auth[0] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016b id_auth[1] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016c id_auth[2] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016d id_auth[3] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016e id_auth[4] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016f id_auth[5] : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(898)
                  0170 sub_auths : 00000015 413b77f4 713029db 374c57ac 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0180 auth_resp   : a1f08401
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0184 status      : NT_STATUS_OK
[2005/12/05 17:56:53, 10] passdb/secrets.c:(771)
  secrets_named_mutex: released mutex for NTRZ13
[2005/12/05 17:56:53, 5] lib/username.c:(313)
  Finding user HRZ\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is hrz\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(269)
  Trying _Get_Pwnam(), username as given is HRZ\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(278)
  Trying _Get_Pwnam(), username as uppercase is HRZ\RATZKA
[2005/12/05 17:56:53, 5] lib/username.c:(286)
  Checking combinations of 0 uppercase letters in hrz\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(290)
  Get_Pwnam_internals didn't find user [HRZ\ratzka]!
[2005/12/05 17:56:53, 5] lib/username.c:(313)
  Finding user ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(290)
  Get_Pwnam_internals did find user [ratzka]!
[2005/12/05 17:56:53, 5] auth/auth_util.c:(994)
  fill_sam_account: located username was [ratzka]
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name Wolfgang Ratzka, HRZ, x5876, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(833)
  pdb_set_unix_homedir: setting home dir /home/ratzka, was NULL
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ_SMB, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1686530679-3929198075-576801238-66824
[2005/12/05 17:56:53, 10] passdb/pdb_compat.c:(73)
  pdb_set_user_sid_from_rid:
  	setting user sid S-1-5-21-1686530679-3929198075-576801238-66824 from rid 66824
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1686530679-3929198075-576801238-1201
[2005/12/05 17:56:53, 10] passdb/pdb_compat.c:(100)
  pdb_set_group_sid_from_rid:
  	setting group sid S-1-5-21-1686530679-3929198075-576801238-1201 from rid 1201
[2005/12/05 17:56:53, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path \\hrz_smb\ratzka\profile, was 
[2005/12/05 17:56:53, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir \\hrz_smb\ratzka, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was NULL
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(671)
  pdb_set_nt_username: setting nt username ratzka, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was ratzka
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ, was HRZ_SMB
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1094416372-1898981851-927750060-1008
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1094416372-1898981851-927750060-513
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name , was Wolfgang Ratzka, HRZ, x5876
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path , was \\hrz_smb\ratzka\profile
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir , was \\hrz_smb\ratzka
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was 
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:53, 10] lib/system_smbd.c:(116)
  sys_getgrouplist: user [ratzka]
[2005/12/05 17:56:53, 10] lib/system_smbd.c:(125)
  sys_getgrouplist(): disabled winbindd for group lookup [user == ratzka]
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:53, 0] lib/fault.c:(36)
  ===============================================================
[2005/12/05 17:56:53, 0] lib/fault.c:(37)
  INTERNAL ERROR: Signal 10 in pid 29652 (3.0.20b)
  Please read the Trouble-Shooting section of the Samba3-HOWTO
[2005/12/05 17:56:53, 0] lib/fault.c:(39)
  
  From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf
[2005/12/05 17:56:53, 0] lib/fault.c:(40)
  ===============================================================
[2005/12/05 17:56:53, 0] lib/util.c:(1548)
  PANIC: internal error
[2005/12/05 17:56:53, 6] param/loadparm.c:(2834)
  lp_file_list_changed()
  file /opt/csw/etc/samba/smb.conf -> /opt/csw/etc/samba/smb.conf  last mod_time: Fri Dec  2 16:33:42 2005
  
[2005/12/05 17:56:53, 5] auth/auth_util.c:(191)
  make_user_info_map: Mapping user [HRZ]\[ratzka] from workstation [PCRZ478-WXP]
[2005/12/05 17:56:53, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = TDOMCACHE/TIMESTAMP, value = 0, timeout = Mon Dec  5 18:06:52 2005
  
[2005/12/05 17:56:53, 10] lib/gencache.c:(127)
  Adding cache entry with key = TDOMCACHE/TIMESTAMP; value = 0 and timeout = Mon Dec  5 18:06:53 2005
   (600 seconds ahead)
[2005/12/05 17:56:53, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:53, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:53, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:53, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:53, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:53, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:53, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:53, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:53, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:53, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:53, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:53, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:53, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:53, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 12497
[2005/12/05 17:56:53, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:53, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=12497 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:53, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:53, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:53, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:53, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:53, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:53, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29654
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=45568 (0xB200)
  smb_vwv[12]=30589 (0x777D)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 08 BC CB A1 1B A4 5B 2A  48 00 52 00 5A 00 00 00  ......[* H.R.Z...
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29654
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]=45568 (0xB200)
  smb_vwv[12]=30589 (0x777D)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 08 BC CB A1 1B A4 5B 2A  48 00 52 00 5A 00 00 00  ......[* H.R.Z...
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29654
  smb_uid=16385
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29654
  smb_uid=16385
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:53, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,104)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,104) wrote 104
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]=  768 (0x300)
  smb_vwv[ 3]=  328 (0x148)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[4803]: \PIPE\lsarpc
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 57 78 12 34 AB CD  EF 00 01 23 45 67 89 AB  .4Wx.4.. ...#Eg..
  [010] 00 00 00 00                                       .... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345778
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 89 ab 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000000
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4803
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18435 (0x4803)
  smb_bcc=87
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 01 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 57 34 12 34 12 CD AB EF  00 01 23 45 67 89 AB 00  W4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 3C 97 13  00 0C 00 5C 50 49 50 45  .....<.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  H....... .D......
  [010] 00 B8 10 B8 10 3C 97 13  00 0C 00 5C 50 49 50 45  .....<.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000001
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 0013973c
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:53, 5] rpc_parse/parse_lsa.c:(142)
  init_lsa_sec_qos
[2005/12/05 17:56:53, 5] rpc_parse/parse_lsa.c:(261)
  init_open_pol: attr:0 da:1
[2005/12/05 17:56:53, 5] rpc_parse/parse_lsa.c:(193)
  init_lsa_obj_attr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_open_pol 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0000 ptr       : 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0004 system_name: 005c
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000008 lsa_io_obj_attr 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0008 len         : 00000018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          000c ptr_root_dir: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0010 ptr_obj_name: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 attributes  : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0018 ptr_sec_desc: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          001c ptr_sec_qos : 00000001
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000020 lsa_io_obj_qos sec_qos
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0020 len           : 0000000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0024 sec_imp_level : 0002
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
              0026 sec_ctxt_mode : 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
              0027 effective_only: 00
[2005/12/05 17:56:53, 3] rpc_parse/parse_lsa.c:(181)
  lsa_io_sec_qos: length c does not match size 8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0028 des_access: 00000001
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x6 data_len: 0x44
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000034
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0006
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4803
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=150
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   68 (0x44)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18435 (0x4803)
  smb_bcc=83
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 44  00 00 00 02 00 00 00 34  .......D .......4
  [020] 00 00 00 00 00 06 00 01  00 00 00 5C 00 00 00 18  ........ ...\....
  [030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 01 00 00 00 0C  00 00 00 02 00 01 00 01  ........ ........
  [050] 00 00 00                                          ... 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,154)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,154) wrote 154
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 104
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 9A 78 9E  ........ ......x.
  [020] 0E B7 FB 6C 45 91 98 0F  E5 2B 3B D1 DE 00 00 00  ...lE... .+;.....
  [030] 00                                                . 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 44 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  D....... .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 9A 78 9E  ........ ......x.
  [020] 0E B7 FB 6C 45 91 98 0F  E5 2B 3B D1 DE 00 00 00  ...lE... .+;.....
  [030] 00                                                . 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 48
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0030
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000002
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 48
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_open_pol 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_pol_hnd 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0018 data1: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          001c data2: 0e9e789a
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0020 data3: fbb7
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0022 data4: 456c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0024 data5: 91 98 0f e5 2b 3b d1 de 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      002c status: NT_STATUS_OK
[2005/12/05 17:56:53, 5] rpc_parse/parse_lsa.c:(477)
  init_q_enum_trust_dom
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 lsa_io_q_enum_trust_dom 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_pol_hnd 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0000 data1: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0004 data2: 0e9e789a
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0008 data3: fbb7
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          000a data4: 456c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          000c data5: 91 98 0f e5 2b 3b d1 de 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0014 enum_context : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0018 preferred_len: 00010000
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xd data_len: 0x34
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 34 auth_len: 0 alloc_hint: 24
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0034
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000024
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000d
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:4803
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=134
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   52 (0x34)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   52 (0x34)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=18435 (0x4803)
  smb_bcc=67
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 34  00 00 00 03 00 00 00 24  .......4 .......$
  [020] 00 00 00 00 00 0D 00 00  00 00 00 9A 78 9E 0E B7  ........ ....x...
  [030] FB 6C 45 91 98 0F E5 2B  3B D1 DE 00 00 00 00 00  .lE....+ ;.......
  [040] 00 01 00                                          ... 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,138)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,138) wrote 138
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 34 05 00 02 03 10 00 00  00 28 00 00 00 03 00 00  4....... .(......
  [010] 00 10 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 1A 00 00  80                       ........ .
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 lsa_io_r_enum_trust_dom 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0018 enum_context: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      001c count: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0020 ptr: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_NO_MORE_ENTRIES
[2005/12/05 17:56:53, 10] libsmb/trusts_util.c:(181)
  enumerate_domain_trusts: shutting down connection...
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,45)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,45) wrote 45
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=35
  smb_com=0x4
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=9
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,39)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,39) wrote 39
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 35
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=35
  smb_com=0x71
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=10242
  smb_pid=29654
  smb_uid=16385
  smb_mid=10
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:53, 10] lib/gencache.c:(285)
  Cache entry with key = TDOM/HRZ couldn't be found
[2005/12/05 17:56:53, 5] libsmb/trustdom_cache.c:(184)
  no entry for trusted domain HRZ found.
[2005/12/05 17:56:53, 5] auth/auth_util.c:(99)
  attempting to make a user_info for ratzka (ratzka)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(109)
  making strings for ratzka's user_info struct
[2005/12/05 17:56:53, 5] auth/auth_util.c:(151)
  making blobs for ratzka's user_info struct
[2005/12/05 17:56:53, 10] auth/auth_util.c:(167)
  made an encrypted user_info for ratzka (ratzka)
[2005/12/05 17:56:53, 3] auth/auth.c:(219)
  check_ntlm_password:  Checking password for unmapped user [HRZ]\[ratzka]@[PCRZ478-WXP] with the new password interface
[2005/12/05 17:56:53, 3] auth/auth.c:(222)
  check_ntlm_password:  mapped user is: [HRZ]\[ratzka]@[PCRZ478-WXP]
[2005/12/05 17:56:53, 10] auth/auth.c:(231)
  check_ntlm_password: auth_context challenge created by NTLMSSP callback (NTLM2)
[2005/12/05 17:56:53, 10] auth/auth.c:(233)
  challenge is: 
[2005/12/05 17:56:53, 5] lib/util.c:(2053)
  [000] B3 51 BC 07 70 69 90 F3                           .Q..pi.. 
[2005/12/05 17:56:53, 10] auth/auth.c:(259)
  check_ntlm_password: guest had nothing to say
[2005/12/05 17:56:53, 8] lib/util.c:(1874)
  is_myname("HRZ") returns 0
[2005/12/05 17:56:53, 6] auth/auth_sam.c:(379)
  check_samstrict_security: HRZ is not one of my local names (ROLE_DOMAIN_MEMBER)
[2005/12/05 17:56:53, 10] auth/auth.c:(259)
  check_ntlm_password: sam had nothing to say
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:53, 4] passdb/secrets.c:(281)
  Using cleartext machine password
[2005/12/05 17:56:53, 8] libsmb/namequery.c:(1433)
  get_sorted_dc_list: attempting lookup using [lmhosts wins host bcast]
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(1028)
  internal_resolve_name: looking up HRZ#1c
[2005/12/05 17:56:53, 10] lib/gencache.c:(263)
  Returning valid cache entry: key = NBT/HRZ#1C, value = 137.248.3.174:0,137.248.3.163:0,137.248.3.45:0, timeout = Mon Dec  5 18:06:09 2005
  
[2005/12/05 17:56:53, 5] libsmb/namecache.c:(201)
  name HRZ#1C found.
[2005/12/05 17:56:53, 8] libsmb/namequery.c:(1316)
  Adding 3 DC's from auto lookup
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/12/05 17:56:53, 4] libsmb/namequery.c:(1406)
  get_dc_list: returning 3 ip addresses in an unordered list
[2005/12/05 17:56:53, 4] libsmb/namequery.c:(1407)
  get_dc_list: 137.248.3.174:0 137.248.3.163:0 137.248.3.45:0 
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(188)
  name_status_find: looking up HRZ#1c at 137.248.3.174
[2005/12/05 17:56:53, 10] lib/gencache.c:(285)
  Cache entry with key = NBT/HRZ#1C.20.137.248.3.174 couldn't be found
[2005/12/05 17:56:53, 5] libsmb/namecache.c:(308)
  namecache_status_fetch: no entry for NBT/HRZ#1C.20.137.248.3.174 found.
[2005/12/05 17:56:53, 10] lib/gencache.c:(214)
  Deleting cache entry (key = NBT/HRZ#1C.20.137.248.3.174)
[2005/12/05 17:56:53, 10] lib/util_sock.c:(832)
  bind succeeded on port 0
[2005/12/05 17:56:53, 5] libsmb/nmblib.c:(777)
  Sending a packet of len 50 to (137.248.3.174) on port 137
[2005/12/05 17:56:53, 10] lib/util_sock.c:(286)
  read_udp_socket: lastip 137.248.3.174 lastport 137 read: 247
[2005/12/05 17:56:53, 10] libsmb/nmblib.c:(506)
  parse_nmb: packet id = 28270
[2005/12/05 17:56:53, 5] libsmb/nmblib.c:(755)
  Received a packet of len 247 from (137.248.3.174) port 137
[2005/12/05 17:56:53, 4] libsmb/nmblib.c:(112)
  nmb packet from 137.248.3.174(137) header: id=28270 opcode=Query(0) response=Yes
      header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
      header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
      answers: nmb_name=HRZ<1c> rr_type=33 rr_class=1 ttl=0
      answers   0 char .NTRZ13            hex 074E54525A3133202020202020202020
      answers  10 char .D.HRZ             hex 00440048525A20202020202020202020
      answers  20 char   ...HRZ           hex 202000C40048525A2020202020202020
      answers  30 char     ...NTRZ13      hex 202020201CC4004E54525A3133202020
      answers  40 char        D.HRZ       hex 20202020202020440048525A20202020
      answers  50 char         ...NTRZ1   hex 20202020202020201EC4004E54525A31
      answers  60 char 3         .D.NTR   hex 332020202020202020200344004E5452
      answers  70 char Z13         .D..   hex 5A313320202020202020202001440000
      answers  80 char ...e............   hex 01020A65D90000000000000000000000
      answers  90 char ................   hex 00000000000000000000000000000000
      answers  a0 char .............   hex 00000000000000000000000000
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#00: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  HRZ#00: flags = 0xc4
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  HRZ#1c: flags = 0xc4
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#20: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  HRZ#1e: flags = 0xc4
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#03: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(70)
  NTRZ13#01: flags = 0x44
[2005/12/05 17:56:53, 10] libsmb/namequery.c:(227)
  name_status_find: name found, name NTRZ13 ip address is 137.248.3.174
[2005/12/05 17:56:53, 3] libsmb/namequery_dc.c:(145)
  rpc_dc_name: Returning DC NTRZ13 (137.248.3.174) for domain HRZ
[2005/12/05 17:56:53, 10] passdb/secrets.c:(759)
  secrets_named_mutex: got mutex for NTRZ13
[2005/12/05 17:56:53, 3] libsmb/cliconnect.c:(1407)
  Connecting to host=NTRZ13
[2005/12/05 17:56:53, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 445
[2005/12/05 17:56:53, 2] lib/util_sock.c:(904)
  error connecting to 137.248.3.174:445 (Connection refused)
[2005/12/05 17:56:53, 3] lib/util_sock.c:(867)
  Connecting to 137.248.3.174 at port 139
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_KEEPALIVE = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_REUSEADDR = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_BROADCAST = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option TCP_NODELAY = 1
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option IPTOS_LOWDELAY = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option IPTOS_THROUGHPUT = 0
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_SNDBUF = 49152
[2005/12/05 17:56:53, 5] lib/util_sock.c:(203)
  socket option SO_RCVBUF = 49640
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDLOWAT.
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVLOWAT.
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_SNDTIMEO.
[2005/12/05 17:56:53, 5] lib/util_sock.c:(201)
  Could not test socket option SO_RCVTIMEO.
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,72)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,72) wrote 72
[2005/12/05 17:56:53, 5] libsmb/cliconnect.c:(1233)
  Sent session request
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 0
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=0
  smb_com=0x0
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=0
  smb_flg2=0
  smb_tid=0
  smb_pid=0
  smb_uid=0
  smb_mid=0
  smt_wct=0
  smb_bcc=0
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,183)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,183) wrote 183
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 85
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29654
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]= 6656 (0x1A00)
  smb_vwv[12]=33031 (0x8107)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 9C EC CE AA 2C 50 5B 72  48 00 52 00 5A 00 00 00  ....,P[r H.R.Z...
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=85
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=55297
  smb_tid=0
  smb_pid=29654
  smb_uid=0
  smb_mid=2
  smt_wct=17
  smb_vwv[ 0]=    8 (0x8)
  smb_vwv[ 1]=12803 (0x3203)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   17 (0x11)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=   67 (0x43)
  smb_vwv[11]= 6656 (0x1A00)
  smb_vwv[12]=33031 (0x8107)
  smb_vwv[13]=48356 (0xBCE4)
  smb_vwv[14]=50681 (0xC5F9)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]= 2303 (0x8FF)
  smb_bcc=16
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 9C EC CE AA 2C 50 5B 72  48 00 52 00 5A 00 00 00  ....,P[r H.R.Z...
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,92)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,92) wrote 92
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 118
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29654
  smb_uid=34816
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=118
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=29654
  smb_uid=34816
  smb_mid=3
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  118 (0x76)
  smb_vwv[ 2]=    0 (0x0)
  smb_bcc=77
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 57 00 69 00 6E 00 64  00 6F 00 77 00 73 00 20  .W.i.n.d .o.w.s. 
  [010] 00 4E 00 54 00 20 00 34  00 2E 00 30 00 00 00 4E  .N.T. .4 ...0...N
  [020] 00 54 00 20 00 4C 00 41  00 4E 00 20 00 4D 00 61  .T. .L.A .N. .M.a
  [030] 00 6E 00 61 00 67 00 65  00 72 00 20 00 34 00 2E  .n.a.g.e .r. .4..
  [040] 00 30 00 00 00 48 00 52  00 5A 00 00 00           .0...H.R .Z...
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,80)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,80) wrote 80
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 48
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=48
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=4
  smt_wct=3
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    1 (0x1)
  smb_bcc=7
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2005/12/05 17:56:53, 10] libsmb/clientgen.c:(232)
  cli_init_creds: user  domain 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 3328 (0xD00)
  smb_vwv[ 3]=  400 (0x190)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[900d]: \PIPE\NETLOGON
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0048
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:900d
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=36877 (0x900D)
  smb_bcc=87
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 04 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,158)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,158) wrote 158
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 124
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 3D 97 13  00 0C 00 5C 50 49 50 45  .....=.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 48 05 00 0C 03 10 00 00  00 44 00 00 00 04 00 00  H....... .D......
  [010] 00 B8 10 B8 10 3D 97 13  00 0C 00 5C 50 49 50 45  .....=.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 00  80 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 68
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0044
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000004
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 68
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 0013973d
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:53, 4] rpc_client/cli_netlogon.c:(45)
  cli_net_req_chal: LSA Request Challenge from HRZ_SMB to NTRZ13: A2B5D3FC44351883
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(676)
  init_q_req_chal: 676
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(685)
  init_q_req_chal: 685
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_req_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0000 undoc_buffer: 00000001
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000004 smb_io_unistr2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0004 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0008 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          000c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
          0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000022 smb_io_unistr2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0024 uni_max_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0028 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          002c uni_str_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
          0030 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000040 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0040 data: a2 b5 d3 fc 44 35 18 83 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x4 data_len: 0x60
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 60 auth_len: 0 alloc_hint: 50
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0060
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000050
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0004
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:900d
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=178
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   96 (0x60)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   96 (0x60)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=36877 (0x900D)
  smb_bcc=111
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 60  00 00 00 05 00 00 00 50  .......` .......P
  [020] 00 00 00 00 00 04 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 08 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 00 00 A2  B5 D3 FC 44 35 18 83     .M.B.... ...D5..
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,182)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,182) wrote 182
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 92
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 CD 50 17 2A 28 00 00  ........ ..P.*(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=92
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   36 (0x24)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   36 (0x24)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=37
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 60 05 00 02 03 10 00 00  00 24 00 00 00 05 00 00  `....... .$......
  [010] 00 0C 00 00 00 00 00 00  00 CD 50 17 2A 28 00 00  ........ ..P.*(..
  [020] 00 00 00 00 00                                    ..... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 36
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0024
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000005
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 0000000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 36
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_req_chal 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0018 data: cd 50 17 2a 28 00 00 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0020 status: NT_STATUS_OK
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(59)
  cred_session_key
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(61)
  	clnt_chal: A2B5D3FC44351883
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(62)
  	srv_chal : CD50172A28000000
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(63)
  	clnt+srv : 6F06EB266C351883
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(64)
  	sess_key : 0F0582C25C6CB298
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(92)
  	sess_key : 0F0582C25C6CB298
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(93)
  	stor_cred: A2B5D3FC44351883
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(95)
  	timecred : A2B5D3FC44351883
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(96)
  	calc_cred: 30659E0DE17286D9
[2005/12/05 17:56:53, 4] rpc_client/cli_netlogon.c:(157)
  cli_net_auth2: srv:\\NTRZ13 acct:HRZ_SMB$ sc:2 mc: HRZ_SMB chal 30659E0DE17286D9 neg: 400701ff
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(797)
  init_q_auth_2: 797
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1407)
  make_log_info 1407
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(803)
  init_q_auth_2: 803
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_auth_2 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_log_info 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0000 undoc_buffer: 00000001
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0004 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0008 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              000c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000022 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0024 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0028 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              002c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0030 buffer     : H.R.Z._.S.M.B.$...
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0042 sec_chan: 0002
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000044 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0044 uni_max_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0048 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              004c uni_str_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0050 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000060 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0060 data: 30 65 9e 0d e1 72 86 d9 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000068 net_io_neg_flags 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0068 neg_flags: 400701ff
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0xf data_len: 0x84
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 84 auth_len: 0 alloc_hint: 74
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0084
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000074
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 000f
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:900d
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=214
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  132 (0x84)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  132 (0x84)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=36877 (0x900D)
  smb_bcc=147
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 84  00 00 00 06 00 00 00 74  ........ .......t
  [020] 00 00 00 00 00 0F 00 01  00 00 00 09 00 00 00 00  ........ ........
  [030] 00 00 00 09 00 00 00 5C  00 5C 00 4E 00 54 00 52  .......\ .\.N.T.R
  [040] 00 5A 00 31 00 33 00 00  00 00 00 09 00 00 00 00  .Z.1.3.. ........
  [050] 00 00 00 09 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [060] 00 4D 00 42 00 24 00 00  00 02 00 08 00 00 00 00  .M.B.$.. ........
  [070] 00 00 00 08 00 00 00 48  00 52 00 5A 00 5F 00 53  .......H .R.Z._.S
  [080] 00 4D 00 42 00 00 00 30  65 9E 0D E1 72 86 D9 FF  .M.B...0 e...r...
  [090] 01 07 40                                          ..@ 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,218)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,218) wrote 218
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 96
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 48 69 8D E4 76 6D 99  ........ .Hi..vm.
  [020] 3A FF 01 00 40 00 00 00  00                       :...@... .
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=96
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   40 (0x28)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   40 (0x28)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=41
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 84 05 00 02 03 10 00 00  00 28 00 00 00 06 00 00  ........ .(......
  [010] 00 10 00 00 00 00 00 00  00 48 69 8D E4 76 6D 99  ........ .Hi..vm.
  [020] 3A FF 01 00 40 00 00 00  00                       :...@... .
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 40
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0028
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000010
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 40
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_auth_2 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          0018 data: 48 69 8d e4 76 6d 99 3a 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000020 net_io_neg_flags 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0020 neg_flags: 400001ff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0024 status: NT_STATUS_OK
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(92)
  	sess_key : 0F0582C25C6CB298
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(93)
  	stor_cred: CD50172A28000000
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(94)
  	timestamp: 0
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(95)
  	timecred : CD50172A28000000
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(96)
  	calc_cred: 48698DE4766D993A
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(121)
  cred_assert
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(123)
  	challenge : 48698DE4766D993A
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(124)
  	calculated: 48698DE4766D993A
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(128)
  credentials check ok
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,108)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,108) wrote 108
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 103
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=9
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]= 1024 (0x400)
  smb_vwv[ 3]=  408 (0x198)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1343)
  Bind RPC Pipe[9804]: \PIPE\NETLOGON
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1237)
  Bind Abstract Syntax: [000] 12 34 56 78 12 34 AB CD  EF 00 01 23 45 67 CF FB  .4Vx.4.. ...#Eg..
  [010] 00 00 00 01                                       .... 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1240)
  Bind Transfer Syntax: [000] 8A 88 5D 04 1C EB 11 C9  9F E8 08 00 2B 10 48 60  ..]..... ....+.H`
  [010] 00 00 00 02                                       .... 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(724)
  create_rpc_bind_req: no domain; assuming my own
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_neg netsec_neg
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0008 type1: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c type2: 00000003
[2005/12/05 17:56:53, 6] lib/util.c:(2053)
  [000] 48 52 5A                                          HRZ 
[2005/12/05 17:56:53, 6] lib/util.c:(2053)
  [000] 48 52 5A 5F 53 4D 42                              HRZ_SMB 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0b
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0064
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0014
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_rb 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0018 num_contexts: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      001c context_id  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      001e num_transfer_syntaxes: 01
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001f smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000020 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0020 data   : 12345678
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0024 data   : 1234
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0026 data   : abcd
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0028 data   : ef 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              002a data   : 01 23 45 67 cf fb 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0030 version: 00000001
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000034 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000034 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0038 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              003a data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003c data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003e data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0044 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:9804
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=182
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=10
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  100 (0x64)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  100 (0x64)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=38916 (0x9804)
  smb_bcc=115
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 64  00 14 00 07 00 00 00 B8  .......d ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 56 34 12 34 12 CD AB EF  00 01 23 45 67 CF FB 01  V4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00 44  06 00 00 01 00 00 00 00  .H`....D ........
  [060] 00 00 00 03 00 00 00 48  52 5A 00 48 52 5A 5F 53  .......H RZ.HRZ_S
  [070] 4D 42 00                                          MB. 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,186)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,186) wrote 186
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 144
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 3E 97 13  00 0C 00 5C 50 49 50 45  .....>.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 25  F7 01 00 00 00 00 00 00  \lsass.% ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 38 4B  B8                       ......8K .
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=144
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=10
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   88 (0x58)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   88 (0x58)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=89
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 64 05 00 0C 03 10 00 00  00 58 00 0C 00 07 00 00  d....... .X......
  [010] 00 B8 10 B8 10 3E 97 13  00 0C 00 5C 50 49 50 45  .....>.. ...\PIPE
  [020] 5C 6C 73 61 73 73 00 25  F7 01 00 00 00 00 00 00  \lsass.% ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00 44 06 00  00 01 00 00 00 01 00 00  `....D.. ........
  [050] 00 00 00 00 00 00 38 4B  B8                       ......8K .
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 88
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 0c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0058
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000007
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 88
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 12 len: 88 auth_len: 12 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1419)
  rpc_pipe_bind: rpc_api_pipe returned OK.
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_ba 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000010 smb_io_rpc_hdr_bba 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0010 max_tsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0012 max_rsize: 10b8
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0014 assoc_gid: 0013973e
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000018 smb_io_rpc_addr_str 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0018 len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          001a str: \PIPE\lsass.
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000026 smb_io_rpc_results 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
          0028 num_results: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002c result     : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          002e reason     : 0000
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000030 smb_io_rpc_iface 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_uuid uuid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 data   : 8a885d04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0034 data   : 1ceb
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0036 data   : 11c9
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              0038 data   : 9f e8 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              003a data   : 08 00 2b 10 48 60 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0040 version: 00000002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(1293)
  bind_rpc_pipe: accepted!
[2005/12/05 17:56:53, 4] libsmb/credentials.c:(90)
  cred_create
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(92)
  	sess_key : 0F0582C25C6CB298
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(93)
  	stor_cred: 30659E0DE17286D9
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(94)
  	timestamp: 43947155
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(95)
  	timecred : 85D63251E17286D9
[2005/12/05 17:56:53, 5] libsmb/credentials.c:(96)
  	calc_cred: 08F0B75C39565C2B
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(1178)
  init_id_info2: 1178
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1586)
  make_logon_id: 1586
[2005/12/05 17:56:53, 5] rpc_parse/parse_net.c:(1272)
  init_sam_info: 1272
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1501)
  make_clnt_info: 1501
[2005/12/05 17:56:53, 5] rpc_parse/parse_misc.c:(1346)
  init_clnt_srv: 1346
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 net_io_q_sam_logon 
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      000000 smb_io_sam_info 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000000 smb_io_clnt_info2 
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000000 smb_io_clnt_srv 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0000 undoc_buffer : 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000004 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0004 uni_max_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0008 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      000c uni_str_len: 00000009
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      0010 buffer     : \.\.N.T.R.Z.1.3...
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0024 undoc_buffer2: 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000028 smb_io_unistr2 unistr2
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0028 uni_max_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      002c offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0030 uni_str_len: 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      0034 buffer     : H.R.Z._.S.M.B...
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0044 ptr_cred: 00000001
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000048 smb_io_cred 
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000048 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
                      0048 data: 08 f0 b7 5c 39 56 5c 2b 
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000050 smb_io_utime 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0050 time: 43947155
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0054 ptr_rtn_cred : 00000001
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_cred 
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000058 smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
                  0058 data: 00 00 00 00 00 00 00 00 
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000060 smb_io_utime 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0060 time: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0064 logon_level  : 0002
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000066 smb_io_sam_info logon_info
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0066 switch_value : 0002
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000068 net_io_id_info2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0068 ptr_id_info2: 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  00006c smb_io_unihdr unihdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      006c uni_str_len: 0006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      006e uni_max_len: 0006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0070 buffer     : 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                  0074 param_ctrl: 00000000
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000078 smb_io_logon_id 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0078 low : 0000dead
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      007c high: 0000beef
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000080 smb_io_unihdr unihdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0080 uni_str_len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0082 uni_max_len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0084 buffer     : 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000088 smb_io_unihdr unihdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0088 uni_str_len: 001a
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      008a uni_max_len: 001a
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      008c buffer     : 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
                  0090 lm_chal: b3 51 bc 07 70 69 90 f3 
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000098 smb_io_strhdr hdr_nt_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      0098 str_str_len: 0018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      009a str_max_len: 0018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      009c buffer     : 00000001
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000a0 smb_io_strhdr hdr_lm_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      00a0 str_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
                      00a2 str_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00a4 buffer     : 00000000
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000a8 smb_io_unistr2 uni_domain_name
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00a8 uni_max_len: 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00ac offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00b0 uni_str_len: 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      00b4 buffer     : H.R.Z.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000ba smb_io_unistr2 uni_user_name  
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00bc uni_max_len: 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00c0 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00c4 uni_str_len: 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      00c8 buffer     : r.a.t.z.k.a.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000d4 smb_io_unistr2 uni_wksta_name 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00d4 uni_max_len: 0000000d
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00d8 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00dc uni_str_len: 0000000d
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
                      00e0 buffer     : \.\.P.C.R.Z.4.7.8.-.W.X.P.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  0000fa smb_io_string2 nt_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      00fc str_max_len: 00000018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0100 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
                      0104 str_str_len: 00000018
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(1003)
                      0108 buffer     : .5.fN^Jp-........}....*.
[2005/12/05 17:56:53, 9] rpc_parse/parse_prs.c:(82)
                  000120 smb_io_string2 - NULL lm_chal_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0120 validation_level: 0003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000128 smb_io_rpc_hdr_auth hdr_auth
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0128 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0129 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      012a auth_pad_len : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      012b auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      012c auth_context_id: 00000001
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(1047)
  SCHANNEL seq_num=0
[2005/12/05 17:56:53, 10] rpc_parse/parse_prs.c:(1536)
  SCHANNEL: netsec_encode seq_num=0 data_len=296
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000130 smb_io_rpc_auth_netsec_chk 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0130 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0138 seq_num: cc 14 ab 67 32 55 b5 52 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0140 packet_digest: 18 9a f5 f7 fb d0 51 b1 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0148 confounder: b7 b3 b0 7f e2 f8 21 73 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(865)
  create_rpc_request: opnum: 0x2 data_len: 0x168
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(882)
  create_rpc_request: data_len: 168 auth_len: 20 alloc_hint: 130
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr hdr    
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 0168
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_req hdr_req
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000130
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0016 opnum     : 0002
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(423)
  rpc_api_pipe: fnum:9804
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=442
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=11
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  360 (0x168)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=  360 (0x168)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=38916 (0x9804)
  smb_bcc=375
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 68  01 20 00 08 00 00 00 30  .......h . .....0
  [020] 01 00 00 00 00 02 00 77  E0 36 C8 39 3E F1 77 D1  .......w .6.9>.w.
  [030] 75 B8 AF A5 A8 1D 37 D5  4C E1 B5 E9 F8 73 4C 7D  u.....7. L....sL}
  [040] 91 7C 05 24 AB 78 19 CB  02 DD DE 32 5E B4 A4 15  .|.$.x.. ...2^...
  [050] B5 53 EA FC 5D 13 E1 A5  47 41 84 47 56 4F A2 F4  .S..]... GA.GVO..
  [060] 0C CA 54 2B AD DC FA 2E  87 3B 4D 78 0C 3B 41 3C  ..T+.... .;Mx.;A<
  [070] 1E 74 DE 61 5D BB 1D 31  76 43 A8 2C E8 E5 18 03  .t.a]..1 vC.,....
  [080] A1 E2 C0 28 42 18 27 DD  FD C0 E5 DB 7A 7E 60 00  ...(B.'. ....z~`.
  [090] 85 E1 14 9F D9 EC E2 78  50 87 2C 87 6C AE 9E 11  .......x P.,.l...
  [0A0] 26 5C 41 50 A7 9E F7 3E  44 9A 5C B0 AF 11 6A A3  &\AP...> D.\...j.
  [0B0] 78 03 62 F7 B6 B8 F4 C4  8B 5F 0C 7A 92 E5 39 5D  x.b..... ._.z..9]
  [0C0] B9 F6 83 86 B8 56 E1 5B  23 3B 1D 56 4A 85 81 4C  .....V.[ #;.VJ..L
  [0D0] C4 17 E0 7A 2F 54 73 A6  1D 8D 96 3B 73 03 65 42  ...z/Ts. ...;s.eB
  [0E0] A6 F8 75 B6 86 8A E0 05  15 81 8D DF 42 ED EA 69  ..u..... ....B..i
  [0F0] 08 55 81 E7 67 B3 5E B7  97 3C 9D 2E F3 EA A5 A2  .U..g.^. .<......
  [100] 4A 3B E9 2A 21 5E F3 1C  7F 50 87 9B 43 3A FA E3  J;.*!^.. .P..C:..
  [110] A4 43 83 2E B7 96 55 BB  AA 36 00 4D 20 63 AA E1  .C....U. .6.M c..
  [120] C9 93 DD F6 04 5D 8E 7D  11 4A 3B 90 F1 45 3C BB  .....].} .J;..E<.
  [130] 4F D4 81 1F DB 20 FD A0  F9 7D 31 DF 19 30 CA 97  O.... .. .}1..0..
  [140] 4E 16 79 C4 94 0B 2D D5  67 E8 E7 49 CD 44 E2 44  N.y...-. g..I.D.D
  [150] 06 06 00 01 00 00 00 77  00 7A 00 FF FF 00 00 CC  .......w .z......
  [160] 14 AB 67 32 55 B5 52 18  9A F5 F7 FB D0 51 B1 B7  ..g2U.R. .....Q..
  [170] B3 B0 7F E2 F8 21 73                              .....!s 
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(132)
  write_socket(26,446)
[2005/12/05 17:56:53, 6] libsmb/clientgen.c:(135)
  write_socket(26,446) wrote 446
[2005/12/05 17:56:53, 10] lib/util_sock.c:(615)
  got smb length of 488
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 5F FA 72 7D D8 C2 8E  .p...... ._.r}...
  [020] A5 32 C1 51 E5 A8 2D 83  4F 0B 22 D9 CD F0 63 D6  .2.Q..-. O."...c.
  [030] 20 CE 53 B5 CC C6 87 D1  10 47 10 13 B3 D5 F2 86   .S..... .G......
  [040] 89 A4 0A 57 B1 DE FB C8  3A 0A 80 A6 CF 26 1A 56  ...W.... :....&.V
  [050] 63 08 BE D7 60 44 68 94  A2 FB 74 00 7B 16 09 7B  c...`Dh. ..t.{..{
  [060] 33 53 CB E5 09 67 E7 AE  2A 74 32 2E 8D B7 A6 D4  3S...g.. *t2.....
  [070] 9B 17 14 5D 21 45 2E E2  00 B3 94 0C A0 D2 D5 D1  ...]!E.. ........
  [080] 5E 46 45 35 73 4D DC 38  86 0C ED 1B FF 2C 74 E2  ^FE5sM.8 .....,t.
  [090] F4 EE 42 BF FC 28 D2 33  C5 68 1D A7 DA FD 3D A1  ..B..(.3 .h....=.
  [0A0] 05 3F 08 10 9A 1E A5 C8  36 9D 4A 7A 74 F1 0F 29  .?...... 6.Jzt..)
  [0B0] 8E 31 D6 6A 1C B1 55 D9  55 77 E7 43 5B 1A 12 B1  .1.j..U. Uw.C[...
  [0C0] F5 16 40 F5 C2 A1 1C 78  35 B6 D7 14 06 4A B1 09  ..@....x 5....J..
  [0D0] 97 43 A2 3D 90 DE C8 45  A6 B7 AE AE ED 2E 1C 4B  .C.=...E .......K
  [0E0] 3F ED 8E 3F AE 12 F3 FD  46 6D 6A 63 69 76 6A 38  ?..?.... Fmjcivj8
  [0F0] EE AB 6D 4C BD C1 90 A7  E6 2F FC D1 67 D6 6F 42  ..mL.... ./..g.oB
  [100] 35 87 11 70 73 5A BC ED  EF B9 01 CE D1 FF 93 69  5..psZ.. .......i
  [110] A1 B9 B7 AD 27 59 90 4D  18 9F 92 C6 47 31 64 1E  ....'Y.M ....G1d.
  [120] 78 32 C8 C4 AF 5F ED 7D  80 80 02 31 9D 00 5F B8  x2..._.} ...1.._.
  [130] 7C 05 73 AC F5 01 98 86  0E C3 29 77 BA 18 22 08  |.s..... ..)w..".
  [140] 31 03 44 26 ED 5F 0C C6  C9 70 D1 C3 61 77 A4 8D  1.D&._.. .p..aw..
  [150] F4 29 D0 CA F7 E0 D0 1A  89 83 D9 2F 1A 5B 3F 36  .)...... .../.[?6
  [160] 3E D7 C1 B9 11 C8 8F C3  51 B6 CA 89 54 D3 A4 89  >....... Q...T...
  [170] B8 B8 82 B9 21 C9 E1 34  D6 2C F0 6D 1A 7C 92 25  ....!..4 .,.m.|.%
  [180] 89 29 21 94 35 F3 2E C7  AD 44 06 00 00 01 00 00  .)!.5... .D......
  [190] 00 77 00 7A 00 FF FF 00  00 0D FC C3 7A 89 F9 82  .w.z.... ....z...
  [1A0] A3 39 B4 49 B9 6E 2D CB  F6 AA 71 9B DB 07 75 D4  .9.I.n-. ..q...u.
  [1B0] F2                                                . 
[2005/12/05 17:56:53, 5] lib/util.c:(454)
[2005/12/05 17:56:53, 5] lib/util.c:(464)
  size=488
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=22531
  smb_pid=29654
  smb_uid=34816
  smb_mid=11
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  432 (0x1B0)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  432 (0x1B0)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=433
[2005/12/05 17:56:53, 10] lib/util.c:(2053)
  [000] 68 05 00 02 03 10 00 00  00 B0 01 20 00 08 00 00  h....... ... ....
  [010] 00 70 01 00 00 00 00 00  00 5F FA 72 7D D8 C2 8E  .p...... ._.r}...
  [020] A5 32 C1 51 E5 A8 2D 83  4F 0B 22 D9 CD F0 63 D6  .2.Q..-. O."...c.
  [030] 20 CE 53 B5 CC C6 87 D1  10 47 10 13 B3 D5 F2 86   .S..... .G......
  [040] 89 A4 0A 57 B1 DE FB C8  3A 0A 80 A6 CF 26 1A 56  ...W.... :....&.V
  [050] 63 08 BE D7 60 44 68 94  A2 FB 74 00 7B 16 09 7B  c...`Dh. ..t.{..{
  [060] 33 53 CB E5 09 67 E7 AE  2A 74 32 2E 8D B7 A6 D4  3S...g.. *t2.....
  [070] 9B 17 14 5D 21 45 2E E2  00 B3 94 0C A0 D2 D5 D1  ...]!E.. ........
  [080] 5E 46 45 35 73 4D DC 38  86 0C ED 1B FF 2C 74 E2  ^FE5sM.8 .....,t.
  [090] F4 EE 42 BF FC 28 D2 33  C5 68 1D A7 DA FD 3D A1  ..B..(.3 .h....=.
  [0A0] 05 3F 08 10 9A 1E A5 C8  36 9D 4A 7A 74 F1 0F 29  .?...... 6.Jzt..)
  [0B0] 8E 31 D6 6A 1C B1 55 D9  55 77 E7 43 5B 1A 12 B1  .1.j..U. Uw.C[...
  [0C0] F5 16 40 F5 C2 A1 1C 78  35 B6 D7 14 06 4A B1 09  ..@....x 5....J..
  [0D0] 97 43 A2 3D 90 DE C8 45  A6 B7 AE AE ED 2E 1C 4B  .C.=...E .......K
  [0E0] 3F ED 8E 3F AE 12 F3 FD  46 6D 6A 63 69 76 6A 38  ?..?.... Fmjcivj8
  [0F0] EE AB 6D 4C BD C1 90 A7  E6 2F FC D1 67 D6 6F 42  ..mL.... ./..g.oB
  [100] 35 87 11 70 73 5A BC ED  EF B9 01 CE D1 FF 93 69  5..psZ.. .......i
  [110] A1 B9 B7 AD 27 59 90 4D  18 9F 92 C6 47 31 64 1E  ....'Y.M ....G1d.
  [120] 78 32 C8 C4 AF 5F ED 7D  80 80 02 31 9D 00 5F B8  x2..._.} ...1.._.
  [130] 7C 05 73 AC F5 01 98 86  0E C3 29 77 BA 18 22 08  |.s..... ..)w..".
  [140] 31 03 44 26 ED 5F 0C C6  C9 70 D1 C3 61 77 A4 8D  1.D&._.. .p..aw..
  [150] F4 29 D0 CA F7 E0 D0 1A  89 83 D9 2F 1A 5B 3F 36  .)...... .../.[?6
  [160] 3E D7 C1 B9 11 C8 8F C3  51 B6 CA 89 54 D3 A4 89  >....... Q...T...
  [170] B8 B8 82 B9 21 C9 E1 34  D6 2C F0 6D 1A 7C 92 25  ....!..4 .,.m.|.%
  [180] 89 29 21 94 35 F3 2E C7  AD 44 06 00 00 01 00 00  .)!.5... .D......
  [190] 00 77 00 7A 00 FF FF 00  00 0D FC C3 7A 89 F9 82  .w.z.... ....z...
  [1A0] A3 39 B4 49 B9 6E 2D CB  F6 AA 71 9B DB 07 75 D4  .9.I.n-. ..q...u.
  [1B0] F2                                                . 
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(136)
  rpc_check_hdr: rdata->data_size = 432
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr rpc_hdr   
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 major     : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 minor     : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 pkt_type  : 02
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 flags     : 03
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0004 pack_type0: 10
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0005 pack_type1: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0006 pack_type2: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0007 pack_type3: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0008 frag_len  : 01b0
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      000a auth_len  : 0020
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      000c call_id   : 00000008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0010 alloc_hint: 00000170
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0014 context_id: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0016 cancel_ct : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0017 reserved  : 00
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(499)
  rpc_api_pipe: len left: 0 smbtrans read: 432
[2005/12/05 17:56:53, 5] rpc_client/cli_pipe.c:(214)
  rpc_auth_pipe: pkt_type: 2 len: 432 auth_len: 32 NTLMSSP No schannel Yes sign Yes seal Yes 
[2005/12/05 17:56:53, 10] rpc_client/cli_pipe.c:(221)
  rpc_auth_pipe: packet:
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000000 smb_io_rpc_hdr_auth auth_hdr
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0000 auth_type    : 44
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0001 auth_level   : 06
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0002 auth_pad_len : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
      0003 auth_reserved: 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0004 auth_context_id: 00000001
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000008 smb_io_rpc_auth_netsec_chk schannel_auth_sign
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0008 sig  : 77 00 7a 00 ff ff 00 00 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0010 seq_num: 0d fc c3 7a 89 f9 82 a3 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0018 packet_digest: 39 b4 49 b9 6e 2d cb f6 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
      0020 confounder: aa 71 9b db 07 75 d4 f2 
[2005/12/05 17:56:53, 10] rpc_parse/parse_prs.c:(1613)
  SCHANNEL: netsec_encode seq_num=1 data_len=368
[2005/12/05 17:56:53, 10] rpc_parse/parse_prs.c:(1633)
  SCHANNEL: netsec_decode seq_num=1 data_len=368
[2005/12/05 17:56:53, 6] rpc_client/cli_pipe.c:(541)
  rpc_api_pipe: fragment first and last both set
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(82)
  000018 net_io_r_sam_logon 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0018 buffer_creds: 00188078
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00001c smb_io_cred 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          00001c smb_io_chal 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
              001c data: 89 c3 94 2a ce ef 78 b5 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000024 smb_io_utime 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0024 time: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
      0028 switch_value: 0003
[2005/12/05 17:56:53, 6] rpc_parse/parse_prs.c:(82)
      00002c net_io_user_info3 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          002c ptr_user_info : 00182f80
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000030 smb_io_time logon time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0030 low : fa608040
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0034 high: 01c5f92d
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000038 smb_io_time logoff time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0038 low : ffffffff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              003c high: 7fffffff
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000040 smb_io_time kickoff time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0040 low : ffffffff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0044 high: 7fffffff
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000048 smb_io_time last set time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0048 low : 6f2e05a6
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              004c high: 01c5f9b4
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000050 smb_io_time can change time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0050 low : 6f2e05a6
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0054 high: 01c5f9b4
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000058 smb_io_time must change time
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0058 low : ffffffff
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              005c high: 7fffffff
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000060 smb_io_unihdr hdr_user_name
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0060 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0062 uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0064 buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000068 smb_io_unihdr hdr_full_name
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0068 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              006a uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              006c buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000070 smb_io_unihdr hdr_logon_script
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0070 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0072 uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0074 buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000078 smb_io_unihdr hdr_profile_path
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0078 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              007a uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              007c buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000080 smb_io_unihdr hdr_home_dir
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0080 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0082 uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0084 buffer     : 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000088 smb_io_unihdr hdr_dir_drive
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              0088 uni_str_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              008a uni_max_len: 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              008c buffer     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0090 logon_count   : 040d
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
          0092 bad_pw_count  : 0000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0094 user_rid      : 000003f0
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          0098 group_rid     : 00000201
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          009c num_groups    : 00000007
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00a0 buffer_groups : 0018304c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00a4 user_flgs     : 00000120
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          00a8 user_sess_key: f8 ec dc 20 b9 ec 31 72 7e dc c4 e3 a0 ab ed 63 
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000b8 smb_io_unihdr hdr_logon_srv
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00b8 uni_str_len: 000c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00ba uni_max_len: 000e
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              00bc buffer     : 0018309c
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000c0 smb_io_unihdr hdr_logon_dom
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00c0 uni_str_len: 0006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(642)
              00c2 uni_max_len: 0008
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              00c4 buffer     : 001830aa
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00c8 buffer_dom_id : 00183084
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(758)
          00cc lm_sess_key: 4a db 9b 7e ff d2 d1 6d 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00d4 acct_flags : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00d8 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00dc unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00e0 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00e4 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00e8 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00ec unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00f0 unkown: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00f4 num_other_sids: 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00f8 buffer_other_sids: 00000000
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_user_name
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_full_name
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_logon_script
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_profile_path
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_home_dir
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          0000fc smb_io_unistr2 - NULL uni_dir_drive
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
          00fc num_groups2   : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000100 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0100 g_rid: 00000201
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0104 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000108 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0108 g_rid: 0000046f
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              010c attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000110 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0110 g_rid: 0000048c
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0114 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000118 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0118 g_rid: 00000549
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              011c attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000120 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0120 g_rid: 00000576
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0124 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000128 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0128 g_rid: 00000784
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              012c attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000130 smb_io_gid 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0130 g_rid: 000007ab
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0134 attr : 00000007
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000138 smb_io_unistr2 uni_logon_srv
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0138 uni_max_len: 00000007
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              013c offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0140 uni_str_len: 00000006
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              0144 buffer     : N.T.R.Z.1.3.
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000150 smb_io_unistr2 uni_logon_dom
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0150 uni_max_len: 00000004
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0154 offset     : 00000000
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0158 uni_str_len: 00000003
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(843)
              015c buffer     : H.R.Z.
[2005/12/05 17:56:53, 7] rpc_parse/parse_prs.c:(82)
          000162 smb_io_dom_sid2 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
              0164 num_auths: 00000004
[2005/12/05 17:56:53, 8] rpc_parse/parse_prs.c:(82)
              000168 smb_io_dom_sid sid
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  0168 sid_rev_num: 01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  0169 num_auths  : 04
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016a id_auth[0] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016b id_auth[1] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016c id_auth[2] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016d id_auth[3] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016e id_auth[4] : 00
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(582)
                  016f id_auth[5] : 05
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(898)
                  0170 sub_auths : 00000015 413b77f4 713029db 374c57ac 
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(671)
      0180 auth_resp   : d40a8c01
[2005/12/05 17:56:53, 5] rpc_parse/parse_prs.c:(701)
      0184 status      : NT_STATUS_OK
[2005/12/05 17:56:53, 10] passdb/secrets.c:(771)
  secrets_named_mutex: released mutex for NTRZ13
[2005/12/05 17:56:53, 5] lib/username.c:(313)
  Finding user HRZ\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is hrz\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(269)
  Trying _Get_Pwnam(), username as given is HRZ\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(278)
  Trying _Get_Pwnam(), username as uppercase is HRZ\RATZKA
[2005/12/05 17:56:53, 5] lib/username.c:(286)
  Checking combinations of 0 uppercase letters in hrz\ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(290)
  Get_Pwnam_internals didn't find user [HRZ\ratzka]!
[2005/12/05 17:56:53, 5] lib/username.c:(313)
  Finding user ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(262)
  Trying _Get_Pwnam(), username as lowercase is ratzka
[2005/12/05 17:56:53, 5] lib/username.c:(290)
  Get_Pwnam_internals did find user [ratzka]!
[2005/12/05 17:56:53, 5] auth/auth_util.c:(994)
  fill_sam_account: located username was [ratzka]
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name Wolfgang Ratzka, HRZ, x5876, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(833)
  pdb_set_unix_homedir: setting home dir /home/ratzka, was NULL
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ_SMB, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1686530679-3929198075-576801238-66824
[2005/12/05 17:56:53, 10] passdb/pdb_compat.c:(73)
  pdb_set_user_sid_from_rid:
  	setting user sid S-1-5-21-1686530679-3929198075-576801238-66824 from rid 66824
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(386)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1686530679-3929198075-576801238-1201
[2005/12/05 17:56:53, 10] passdb/pdb_compat.c:(100)
  pdb_set_group_sid_from_rid:
  	setting group sid S-1-5-21-1686530679-3929198075-576801238-1201 from rid 1201
[2005/12/05 17:56:53, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path \\hrz_smb\ratzka\profile, was 
[2005/12/05 17:56:53, 4] lib/substitute.c:(337)
  Home server: hrz_smb
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir \\hrz_smb\ratzka, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was NULL
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(671)
  pdb_set_nt_username: setting nt username ratzka, was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(617)
  pdb_set_username: setting username ratzka, was ratzka
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(644)
  pdb_set_domain: setting domain HRZ, was HRZ_SMB
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(544)
  pdb_set_user_sid: setting user sid S-1-5-21-1094416372-1898981851-927750060-1008
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(580)
  pdb_set_group_sid: setting group sid S-1-5-21-1094416372-1898981851-927750060-513
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(698)
  pdb_set_full_name: setting full name , was Wolfgang Ratzka, HRZ, x5876
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(725)
  pdb_set_logon_script: setting logon script , was 
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(752)
  pdb_set_profile_path: setting profile path , was \\hrz_smb\ratzka\profile
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(806)
  pdb_set_homedir: setting home dir , was \\hrz_smb\ratzka
[2005/12/05 17:56:53, 10] passdb/pdb_get_set.c:(779)
  pdb_set_dir_drive: setting dir drive , was 
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups
[2005/12/05 17:56:53, 10] lib/system_smbd.c:(116)
  sys_getgrouplist: user [ratzka]
[2005/12/05 17:56:53, 10] lib/system_smbd.c:(125)
  sys_getgrouplist(): disabled winbindd for group lookup [user == ratzka]
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(256)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
[2005/12/05 17:56:53, 3] smbd/uid.c:(388)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 1
[2005/12/05 17:56:53, 3] smbd/sec_ctx.c:(288)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
[2005/12/05 17:56:53, 5] auth/auth_util.c:(452)
  NT user token: (NULL)
[2005/12/05 17:56:53, 5] auth/auth_util.c:(473)
  UNIX token of user 0
  Primary group is 0 and contains 0 supplementary groups