The Samba-Bugzilla – Attachment 196 Details for
Bug 609
With ldapsam, if a group exists matching a user account, samba looks up group using the user SID
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Log extracts and user/group details
samba-3.0.1pre1-wrong-sid-lookup.log (text/plain), 14.19 KB, created by
Buchan Milne
on 2003-10-13 08:17:01 UTC
(
hide
)
Description:
Log extracts and user/group details
Filename:
MIME Type:
Creator:
Buchan Milne
Created:
2003-10-13 08:17:01 UTC
Size:
14.19 KB
patch
obsolete
>Extract from log: > >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 001c type[00] : 00000001 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_ntstatus(665) > 0020 status: NT_STATUS_OK >[2003/10/13 10:45:11, 5] rpc_server/srv_pipe.c:api_rpcTNP(1543) > api_rpcTNP: called samr successfully >[2003/10/13 10:45:11, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544) > free_pipe_context: destroying talloc pool of size 48 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000000 smb_io_rpc_hdr hdr >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0000 major : 05 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0001 minor : 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0002 pkt_type : 02 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0003 flags : 03 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0004 pack_type0: 10 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0005 pack_type1: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0006 pack_type2: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0007 pack_type3: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0008 frag_len : 003c >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 000a auth_len : 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 000c call_id : 000000e2 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000010 smb_io_rpc_hdr_resp resp >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0010 alloc_hint: 00000024 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0014 context_id: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0016 cancel_ct : 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0017 reserved : 00 >[2003/10/13 10:45:11, 5] smbd/ipc.c:copy_trans_params_and_data(62) > copy_trans_params_and_data: params[0..0] data[0..60] >[2003/10/13 10:45:11, 5] lib/util.c:show_msg(456) >[2003/10/13 10:45:11, 5] lib/util.c:show_msg(466) > size=116 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51201 > smb_tid=1 > smb_pid=708 > smb_uid=100 > smb_mid=16577 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 60 (0x3C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 60 (0x3C) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=61 >[2003/10/13 10:45:11, 3] smbd/process.c:process_smb(890) > Transaction 261 of length 140 >[2003/10/13 10:45:11, 5] lib/util.c:show_msg(456) >[2003/10/13 10:45:11, 5] lib/util.c:show_msg(466) > size=136 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51207 > smb_tid=1 > smb_pid=708 > smb_uid=100 > smb_mid=16640 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 52 (0x34) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 52 (0x34) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]=30184 (0x75E8) > smb_bcc=69 >[2003/10/13 10:45:11, 3] smbd/process.c:switch_message(685) > switch message SMBtrans (pid 12508) >[2003/10/13 10:45:11, 4] smbd/uid.c:change_to_user(122) > change_to_user: Skipping user change - already user >[2003/10/13 10:45:11, 3] smbd/ipc.c:reply_trans(514) > trans <\PIPE\> data=52 params=0 setup=2 >[2003/10/13 10:45:11, 5] smbd/ipc.c:reply_trans(533) > calling named_pipe >[2003/10/13 10:45:11, 3] smbd/ipc.c:named_pipe(326) > named pipe command on <> name >[2003/10/13 10:45:11, 5] smbd/ipc.c:api_fd_reply(267) > api_fd_reply >[2003/10/13 10:45:11, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1151) > search for pipe pnum=75e8 >[2003/10/13 10:45:11, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1155) > pipe name lsarpc pnum=75e9 (pipes_open=2) >[2003/10/13 10:45:11, 5] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1155) > pipe name samr pnum=75e8 (pipes_open=2) >[2003/10/13 10:45:11, 3] smbd/ipc.c:api_fd_reply(288) > Got API command 0x26 on pipe "samr" (pnum 75e8)000000 smb_io_rpc_hdr >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0000 major : 05 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0001 minor : 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0002 pkt_type : 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0003 flags : 03 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0004 pack_type0: 10 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0005 pack_type1: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0006 pack_type2: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0007 pack_type3: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0008 frag_len : 0034 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 000a auth_len : 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 000c call_id : 000000e3 >[2003/10/13 10:45:11, 5] rpc_server/srv_pipe_hnd.c:unmarshall_rpc_header(488) > unmarshall_rpc_header: using little-endian RPC >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000000 smb_io_rpc_hdr_req req >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0000 alloc_hint: 0000001c >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0004 context_id: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0006 opnum : 0013 >[2003/10/13 10:45:11, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544) > free_pipe_context: destroying talloc pool of size 0 >[2003/10/13 10:45:11, 5] rpc_server/srv_pipe.c:api_pipe_request(1462) > Requested \PIPE\samr >[2003/10/13 10:45:11, 4] rpc_server/srv_pipe.c:api_rpcTNP(1496) > api_rpcTNP: samr op 0x13 - api_rpcTNP: rpc command: SAMR_OPEN_GROUP >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000000 samr_io_q_open_group >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0000 data1: 00000000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0004 data2: 00000010 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0008 data3: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 000a data4: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8s(722) > 000c data5: 3b 65 8a 3f dc 30 00 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0014 access_mask: 0000001f >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0018 rid_group: 000007d2 >[2003/10/13 10:45:11, 4] rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162) > Found policy hnd[0] [000] 00 00 00 00 10 00 00 00 00 00 00 00 3B 65 8A 3F ........ ....;e.? > [010] DC 30 00 00 Ü0.. >[2003/10/13 10:45:11, 5] rpc_server/srv_samr_nt.c:access_check_samr_function(106) > _samr_open_group: access check ((granted: 0x000203f3; required: 0x00000200) >[2003/10/13 10:45:11, 3] lib/util_seaccess.c:se_access_check(251) >[2003/10/13 10:45:11, 3] lib/util_seaccess.c:se_access_check(252) > se_access_check: user sid is S-1-5-21-2244014245-3637982190-3323613867-1000 > se_access_check: also S-1-5-21-2244014245-3637982190-3323613867-1001 > se_access_check: also S-1-1-0 > se_access_check: also S-1-5-2 > se_access_check: also S-1-5-11 >[2003/10/13 10:45:11, 5] lib/util_seaccess.c:se_access_check(315) > se_access_check: access (1f) denied. >[2003/10/13 10:45:11, 4] rpc_server/srv_samr_nt.c:access_check_samr_object(87) > _samr_open_group: ACCESS should be DENIED (requested: 0x0000001f) > but overritten by euid == sec_initial_uid() >[2003/10/13 10:45:11, 2] passdb/pdb_ldap.c:ldapsam_search_one_group(1615) > ldapsam_search_one_group: searching for:[(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-2244014245-3637982190-3323613867-2002))] >[2003/10/13 10:45:11, 4] passdb/pdb_ldap.c:ldapsam_getgroup(1760) > ldapsam_getgroup: Did not find group >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000000 samr_io_r_open_group >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0000 data1: 00000000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0004 data2: 00000000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0008 data3: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 000a data4: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8s(722) > 000c data5: 00 00 00 00 00 00 00 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_ntstatus(665) > 0014 status: NT_STATUS_NO_SUCH_GROUP >[2003/10/13 10:45:11, 5] rpc_server/srv_pipe.c:api_rpcTNP(1543) > api_rpcTNP: called samr successfully >[2003/10/13 10:45:11, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(544) > free_pipe_context: destroying talloc pool of size 732 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000000 smb_io_rpc_hdr hdr >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0000 major : 05 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0001 minor : 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0002 pkt_type : 02 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0003 flags : 03 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0004 pack_type0: 10 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0005 pack_type1: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0006 pack_type2: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0007 pack_type3: 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0008 frag_len : 0030 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 000a auth_len : 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 000c call_id : 000000e3 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_debug(82) > 000010 smb_io_rpc_hdr_resp resp >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint32(635) > 0010 alloc_hint: 00000018 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint16(606) > 0014 context_id: 0000 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0016 cancel_ct : 00 >[2003/10/13 10:45:11, 5] rpc_parse/parse_prs.c:prs_uint8(577) > 0017 reserved : 00 >[2003/10/13 10:45:11, 5] smbd/ipc.c:copy_trans_params_and_data(62) > copy_trans_params_and_data: params[0..0] data[0..48] >[2003/10/13 10:45:11, 5] lib/util.c:show_msg(456) >[2003/10/13 10:45:11, 5] lib/util.c:show_msg(466) > size=104 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51201 > smb_tid=1 > smb_pid=708 > smb_uid=100 > smb_mid=16640 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 48 (0x30) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 48 (0x30) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=49 >[2003/10/13 10:46:11, 3] smbd/sec_ctx.c:set_sec_ctx(288) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2003/10/13 10:46:11, 5] auth/auth_util.c:debug_nt_user_token(486) > NT user token: (NULL) >[2003/10/13 10:46:11, 5] auth/auth_util.c:debug_unix_user_token(505) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2003/10/13 10:46:11, 5] smbd/uid.c:change_to_root_user(218) > change_to_root_user: now uid=(0,0) gid=(0,0) > > ># pdbedit3 -L -v -u bgmilne >Unix username: bgmilne >NT username: bgmilne >Account Flags: [U ] >User SID: S-1-5-21-2244014245-3637982190-3323613867-2002 >Primary Group SID: S-1-5-21-2244014245-3637982190-3323613867-512 >Full Name: Buchan Milne >Home Directory: \\%N\bgmilne >HomeDir Drive: Z: >Logon Script: >Profile Path: \\cm3-samba3\Profiles\bgmilne >Domain: CMDOM >Account desc: >Workstations: >Munged dial: >Logon time: Fri, 13 Dec 1901 22:45:51 GMT >Logoff time: Fri, 13 Dec 1901 22:45:51 GMT >Kickoff time: Fri, 13 Dec 1901 22:45:51 GMT >Password last set: Mon, 29 Sep 2003 11:54:34 GMT >Password can change: Mon, 29 Sep 2003 11:54:34 GMT >Password must change: Mon, 20 Oct 2003 11:54:34 GMT > ># net groupmap list verbose >bgmilne > SID : S-1-5-21-2244014245-3637982190-3323613867-2003 > Unix group: bgmilne > Group type: Domain group > Comment : >milne > SID : S-1-5-21-2244014245-3637982190-3323613867-2009 > Unix group: milne > Group type: Domain group > Comment : Local Unix group >mom > SID : S-1-5-21-2244014245-3637982190-3323613867-2011 > Unix group: mom > Group type: Domain group > Comment : >home > SID : S-1-5-21-2244014245-3637982190-3323613867-3001 > Unix group: home > Group type: Domain group > Comment : >Domain Admins > SID : S-1-5-21-2244014245-3637982190-3323613867-512 > Unix group: adm > Group type: Domain group > Comment : >Domain Users > SID : S-1-5-21-2244014245-3637982190-3323613867-513 > Unix group: users > Group type: Domain group > Comment : >Domain Guests > SID : S-1-5-21-2244014245-3637982190-3323613867-132069 > Unix group: nogroup > Group type: Domain group > Comment : >Machine accounts > SID : S-1-5-21-2244014245-3637982190-3323613867-1843 > Unix group: machines > Group type: Domain group > Comment : >usb > SID : S-1-5-21-2244014245-3637982190-3323613867-1087 > Unix group: usb > Group type: Domain group > Comment : >nttest > SID : S-1-5-21-2244014245-3637982190-3323613867-3005 > Unix group: nttest > Group type: Domain group > Comment : >root > SID : S-1-5-21-2244014245-3637982190-3323613867-1001 > Unix group: root > Group type: Domain group > Comment : Local Unix group > > ># getent group bgmilne milne mom home adm users nogroup machines usb nttest root >bgmilne:x:501:bgmilne >milne:x:504: >mom:x:505: >home:x:1000:mom,milne,bgmilne >adm:x:4:admin,ldap,bgmilne >users:x:100:bgmilne >nogroup:x:65534: >machines:x:421: >usb:x:43:bgmilne >nttest:x:1002: >root:x:0:
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=196">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 609
: 196