The Samba-Bugzilla – Attachment 16878 Details for
Bug 14883
smbclient login without password using '-N' fails with NT_STATUS_INVALID_PARAMETER on Samba AD DC
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
smbclient -d10 log
smbclient_N_d10 (text/plain), 11.53 KB, created by
Anoop C S
on 2021-10-27 11:06:13 UTC
(
hide
)
Description:
smbclient -d10 log
Filename:
MIME Type:
Creator:
Anoop C S
Created:
2021-10-27 11:06:13 UTC
Size:
11.53 KB
patch
obsolete
># smbclient -N -L 127.0.0.1 -d10 >INFO: Current debug levels: > all: 10 > tdb: 10 > printdrivers: 10 > lanman: 10 > smb: 10 > rpc_parse: 10 > rpc_srv: 10 > rpc_cli: 10 > passdb: 10 > sam: 10 > auth: 10 > winbind: 10 > vfs: 10 > idmap: 10 > quota: 10 > acls: 10 > locking: 10 > msdfs: 10 > dmapi: 10 > registry: 10 > scavenger: 10 > dns: 10 > ldb: 10 > tevent: 10 > auth_audit: 10 > auth_json_audit: 10 > kerberos: 10 > drs_repl: 10 > smb2: 10 > smb2_credits: 10 > dsdb_audit: 10 > dsdb_json_audit: 10 > dsdb_password_audit: 10 > dsdb_password_json_audit: 10 > dsdb_transaction_audit: 10 > dsdb_transaction_json_audit: 10 > dsdb_group_audit: 10 > dsdb_group_json_audit: 10 >lp_load_ex: refreshing parameters >Initialising global parameters >rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) >INFO: Current debug levels: > all: 10 > tdb: 10 > printdrivers: 10 > lanman: 10 > smb: 10 > rpc_parse: 10 > rpc_srv: 10 > rpc_cli: 10 > passdb: 10 > sam: 10 > auth: 10 > winbind: 10 > vfs: 10 > idmap: 10 > quota: 10 > acls: 10 > locking: 10 > msdfs: 10 > dmapi: 10 > registry: 10 > scavenger: 10 > dns: 10 > ldb: 10 > tevent: 10 > auth_audit: 10 > auth_json_audit: 10 > kerberos: 10 > drs_repl: 10 > smb2: 10 > smb2_credits: 10 > dsdb_audit: 10 > dsdb_json_audit: 10 > dsdb_password_audit: 10 > dsdb_password_json_audit: 10 > dsdb_transaction_audit: 10 > dsdb_transaction_json_audit: 10 > dsdb_group_audit: 10 > dsdb_group_json_audit: 10 >Processing section "[global]" >doing parameter dns forwarder = 192.168.1.1 >doing parameter netbios name = DC1 >doing parameter realm = DOMAIN1.SINK.TEST >doing parameter server role = active directory domain controller >doing parameter workgroup = DOMAIN1 >doing parameter idmap_ldb:use rfc2307 = yes >pm_process() returned Yes >lp_servicenumber: couldn't find homes >added interface eth0 ip=172.17.0.2 bcast=172.17.255.255 netmask=255.255.0.0 >Client started (version 4.16.0pre1-UNKNOWN). >Connecting to 127.0.0.1 at port 445 >socket options: SO_KEEPALIVE=0, SO_REUSEADDR=0, SO_BROADCAST=0, TCP_NODELAY=1, TCP_KEEPCNT=9, TCP_KEEPIDLE=7200, TCP_KEEPINTVL=75, IPTOS_LOWDELAY=0, IPTOS_THROUGHPUT=0, SO_REUSEPORT=0, SO_SNDBUF=2626560, SO_RCVBUF=131072, SO_SNDLOWAT=1, SO_RCVLOWAT=1, SO_SNDTIMEO=0, SO_RCVTIMEO=0, TCP_QUICKACK=1, TCP_DEFER_ACCEPT=0, TCP_USER_TIMEOUT=0 > session request ok > negotiated dialect[SMB3_11] against server[127.0.0.1] >cli_session_setup_spnego_send: Connect to 127.0.0.1 as (null) using SPNEGO >GENSEC backend 'gssapi_spnego' registered >GENSEC backend 'gssapi_krb5' registered >GENSEC backend 'gssapi_krb5_sasl' registered >GENSEC backend 'spnego' registered >GENSEC backend 'schannel' registered >GENSEC backend 'naclrpc_as_system' registered >GENSEC backend 'sasl-EXTERNAL' registered >GENSEC backend 'ntlmssp' registered >GENSEC backend 'ntlmssp_resume_ccache' registered >GENSEC backend 'http_basic' registered >GENSEC backend 'http_ntlm' registered >GENSEC backend 'http_negotiate' registered >GENSEC backend 'krb5' registered >GENSEC backend 'fake_gssapi_krb5' registered >Starting GENSEC mechanism spnego >Starting GENSEC submechanism gse_krb5 >Cannot do GSE to an IP address >Failed to start GENSEC client mech gse_krb5: NT_STATUS_INVALID_PARAMETER >Starting GENSEC submechanism ntlmssp > negotiate: struct NEGOTIATE_MESSAGE > Signature : 'NTLMSSP' > MessageType : NtLmNegotiate (1) > NegotiateFlags : 0x62088215 (1644724757) > 1: NTLMSSP_NEGOTIATE_UNICODE > 0: NTLMSSP_NEGOTIATE_OEM > 1: NTLMSSP_REQUEST_TARGET > 1: NTLMSSP_NEGOTIATE_SIGN > 0: NTLMSSP_NEGOTIATE_SEAL > 0: NTLMSSP_NEGOTIATE_DATAGRAM > 0: NTLMSSP_NEGOTIATE_LM_KEY > 0: NTLMSSP_NEGOTIATE_NETWARE > 1: NTLMSSP_NEGOTIATE_NTLM > 0: NTLMSSP_NEGOTIATE_NT_ONLY > 0: NTLMSSP_ANONYMOUS > 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED > 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED > 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL > 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN > 0: NTLMSSP_TARGET_TYPE_DOMAIN > 0: NTLMSSP_TARGET_TYPE_SERVER > 0: NTLMSSP_TARGET_TYPE_SHARE > 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY > 0: NTLMSSP_NEGOTIATE_IDENTIFY > 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY > 0: NTLMSSP_NEGOTIATE_TARGET_INFO > 1: NTLMSSP_NEGOTIATE_VERSION > 1: NTLMSSP_NEGOTIATE_128 > 1: NTLMSSP_NEGOTIATE_KEY_EXCH > 0: NTLMSSP_NEGOTIATE_56 > DomainNameLen : 0x0000 (0) > DomainNameMaxLen : 0x0000 (0) > DomainName : * > DomainName : '' > WorkstationLen : 0x0000 (0) > WorkstationMaxLen : 0x0000 (0) > Workstation : * > Workstation : '' > Version: struct ntlmssp_VERSION > ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (6) > ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (1) > ProductBuild : 0x0000 (0) > Reserved: ARRAY(3) > [0] : 0x00 (0) > [1] : 0x00 (0) > [2] : 0x00 (0) > NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (15) >gensec_update_send: ntlmssp[0x564efbeea360]: subreq: 0x564efbed1830 >gensec_update_send: spnego[0x564efbee7960]: subreq: 0x564efbee9600 >gensec_update_done: ntlmssp[0x564efbeea360]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x564efbed1830/../../auth/ntlmssp/ntlmssp.c:180]: state[2] error[0 (0x0)] state[struct gensec_ntlmssp_update_state (0x564efbed19f0)] timer[(nil)] finish[../../auth/ntlmssp/ntlmssp.c:215] >gensec_update_done: spnego[0x564efbee7960]: NT_STATUS_MORE_PROCESSING_REQUIRED tevent_req[0x564efbee9600/../../auth/gensec/spnego.c:1631]: state[2] error[0 (0x0)] state[struct gensec_spnego_update_state (0x564efbee97c0)] timer[(nil)] finish[../../auth/gensec/spnego.c:2116] >Got challenge flags: >Got NTLMSSP neg_flags=0x62898215 > NTLMSSP_NEGOTIATE_UNICODE > NTLMSSP_REQUEST_TARGET > NTLMSSP_NEGOTIATE_SIGN > NTLMSSP_NEGOTIATE_NTLM > NTLMSSP_NEGOTIATE_ALWAYS_SIGN > NTLMSSP_TARGET_TYPE_DOMAIN > NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY > NTLMSSP_NEGOTIATE_TARGET_INFO > NTLMSSP_NEGOTIATE_VERSION > NTLMSSP_NEGOTIATE_128 > NTLMSSP_NEGOTIATE_KEY_EXCH > challenge: struct CHALLENGE_MESSAGE > Signature : 'NTLMSSP' > MessageType : NtLmChallenge (0x2) > TargetNameLen : 0x000e (14) > TargetNameMaxLen : 0x000e (14) > TargetName : * > TargetName : 'DOMAIN1' > NegotiateFlags : 0x62898215 (1653178901) > 1: NTLMSSP_NEGOTIATE_UNICODE > 0: NTLMSSP_NEGOTIATE_OEM > 1: NTLMSSP_REQUEST_TARGET > 1: NTLMSSP_NEGOTIATE_SIGN > 0: NTLMSSP_NEGOTIATE_SEAL > 0: NTLMSSP_NEGOTIATE_DATAGRAM > 0: NTLMSSP_NEGOTIATE_LM_KEY > 0: NTLMSSP_NEGOTIATE_NETWARE > 1: NTLMSSP_NEGOTIATE_NTLM > 0: NTLMSSP_NEGOTIATE_NT_ONLY > 0: NTLMSSP_ANONYMOUS > 0: NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED > 0: NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED > 0: NTLMSSP_NEGOTIATE_THIS_IS_LOCAL_CALL > 1: NTLMSSP_NEGOTIATE_ALWAYS_SIGN > 1: NTLMSSP_TARGET_TYPE_DOMAIN > 0: NTLMSSP_TARGET_TYPE_SERVER > 0: NTLMSSP_TARGET_TYPE_SHARE > 1: NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY > 0: NTLMSSP_NEGOTIATE_IDENTIFY > 0: NTLMSSP_REQUEST_NON_NT_SESSION_KEY > 1: NTLMSSP_NEGOTIATE_TARGET_INFO > 1: NTLMSSP_NEGOTIATE_VERSION > 1: NTLMSSP_NEGOTIATE_128 > 1: NTLMSSP_NEGOTIATE_KEY_EXCH > 0: NTLMSSP_NEGOTIATE_56 > ServerChallenge : b3b45d6f9c134fa1 > Reserved : 0000000000000000 > TargetInfoLen : 0x0080 (128) > TargetInfoMaxLen : 0x0080 (128) > TargetInfo : * > TargetInfo: struct AV_PAIR_LIST > count : 0x00000006 (6) > pair: ARRAY(6) > pair: struct AV_PAIR > AvId : MsvAvNbDomainName (0x2) > AvLen : 0x000e (14) > Value : union ntlmssp_AvValue(case 0x2) > AvNbDomainName : 'DOMAIN1' > pair: struct AV_PAIR > AvId : MsvAvNbComputerName (0x1) > AvLen : 0x0006 (6) > Value : union ntlmssp_AvValue(case 0x1) > AvNbComputerName : 'DC1' > pair: struct AV_PAIR > AvId : MsvAvDnsDomainName (0x4) > AvLen : 0x0022 (34) > Value : union ntlmssp_AvValue(case 0x4) > AvDnsDomainName : 'domain1.sink.test' > pair: struct AV_PAIR > AvId : MsvAvDnsComputerName (0x3) > AvLen : 0x002a (42) > Value : union ntlmssp_AvValue(case 0x3) > AvDnsComputerName : 'dc1.domain1.sink.test' > pair: struct AV_PAIR > AvId : MsvAvTimestamp (0x7) > AvLen : 0x0008 (8) > Value : union ntlmssp_AvValue(case 0x7) > AvTimestamp : Wed Oct 27 11:01:08 2021 UTC > pair: struct AV_PAIR > AvId : MsvAvEOL (0x0) > AvLen : 0x0000 (0) > Value : union ntlmssp_AvValue(case 0x0) > Version: struct ntlmssp_VERSION > ProductMajorVersion : NTLMSSP_WINDOWS_MAJOR_VERSION_6 (0x6) > ProductMinorVersion : NTLMSSP_WINDOWS_MINOR_VERSION_1 (0x1) > ProductBuild : 0x0000 (0) > Reserved : 000000 > NTLMRevisionCurrent : NTLMSSP_REVISION_W2K3 (0xF) >User is NULL, returning INVALID_PARAMETER >gensec_update_send: ntlmssp[0x564efbeea360]: subreq: 0x564efbee5be0 >gensec_update_send: spnego[0x564efbee7960]: subreq: 0x564efbeecce0 >gensec_update_done: ntlmssp[0x564efbeea360]: NT_STATUS_INVALID_PARAMETER tevent_req[0x564efbee5be0/../../auth/ntlmssp/ntlmssp.c:180]: state[3] error[-7963671676338569203 (0x917B5ACDC000000D)] state[struct gensec_ntlmssp_update_state (0x564efbee5da0)] timer[(nil)] finish[../../auth/ntlmssp/ntlmssp.c:218] >gensec_spnego_client_negTokenTarg_step: SPNEGO(ntlmssp) login failed: NT_STATUS_INVALID_PARAMETER >gensec_update_done: spnego[0x564efbee7960]: NT_STATUS_INVALID_PARAMETER tevent_req[0x564efbeecce0/../../auth/gensec/spnego.c:1631]: state[3] error[-7963671676338569203 (0x917B5ACDC000000D)] state[struct gensec_spnego_update_state (0x564efbeecea0)] timer[(nil)] finish[../../auth/gensec/spnego.c:2039] >SPNEGO login failed: An invalid parameter was passed to a service or function. >session setup failed: NT_STATUS_INVALID_PARAMETER
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=16878">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 14883
: 16878 |
16990
|
16991