Maximum core file size limits now 16777216(soft) -1(hard) get_current_groups: user is in 1 groups: 0 smbd version 3.2.1-0.1.126-1867-SUSE-SL11.0 started. Copyright Andrew Tridgell and the Samba Team 1992-2008 uid=0 gid=0 euid=0 egid=0 Build environment: Built by: abuild@adalid.suse.de Built on: Tue Aug 5 21:40:11 UTC 2008 Built using: gcc Build host: Linux adalid.suse.de 2.6.25 #1 SMP 2008-07-17 18:46:12 +0200 i686 athlon i386 GNU/Linux SRCDIR: /usr/src/packages/BUILD/samba-3.2.1/source BUILDDIR: /usr/src/packages/BUILD/samba-3.2.1/source Paths: SBINDIR: /usr/sbin BINDIR: /usr/bin SWATDIR: /usr/share/samba/swat CONFIGFILE: /etc/samba/smb.conf LOGFILEBASE: /var/log/samba LMHOSTSFILE: /etc/samba/lmhosts LIBDIR: /usr/lib/samba SHLIBEXT: so LOCKDIR: /var/lib/samba PIDDIR: /var/run/samba SMB_PASSWD_FILE: /etc/samba/smbpasswd PRIVATE_DIR: /etc/samba System Headers: HAVE_SYS_ACL_H HAVE_SYS_CDEFS_H HAVE_SYS_FCNTL_H HAVE_SYS_IOCTL_H HAVE_SYS_IPC_H HAVE_SYS_MMAN_H HAVE_SYS_MOUNT_H HAVE_SYS_PARAM_H HAVE_SYS_PRCTL_H HAVE_SYS_QUOTA_H HAVE_SYS_RESOURCE_H HAVE_SYS_SELECT_H HAVE_SYS_SHM_H HAVE_SYS_SOCKET_H HAVE_SYS_STATFS_H HAVE_SYS_STATVFS_H HAVE_SYS_STAT_H HAVE_SYS_SYSCALL_H HAVE_SYS_SYSLOG_H HAVE_SYS_SYSMACROS_H HAVE_SYS_TIME_H HAVE_SYS_TYPES_H HAVE_SYS_UIO_H HAVE_SYS_UNISTD_H HAVE_SYS_UN_H HAVE_SYS_VFS_H HAVE_SYS_WAIT_H HAVE_SYS_XATTR_H Headers: HAVE_ACL_LIBACL_H HAVE_AIO_H HAVE_ALLOCA_H HAVE_ARPA_INET_H HAVE_ASM_TYPES_H HAVE_ASM_UNISTD_H HAVE_ATTR_XATTR_H HAVE_CTYPE_H HAVE_DIRENT_H HAVE_DLFCN_H HAVE_EXECINFO_H HAVE_FCNTL_H HAVE_FLOAT_H HAVE_FNMATCH_H HAVE_GLOB_H HAVE_GRP_H HAVE_GSSAPI_GSSAPI_GENERIC_H HAVE_GSSAPI_GSSAPI_H HAVE_GSSAPI_H HAVE_IFADDRS_H HAVE_KEYUTILS_H HAVE_KRB5_H HAVE_KRB5_LOCATE_PLUGIN_H HAVE_LANGINFO_H HAVE_LASTLOG_H HAVE_LBER_H HAVE_LDAP_H HAVE_LIMITS_H HAVE_LINUX_DQBLK_XFS_H HAVE_LINUX_INOTIFY_H HAVE_LOCALE_H HAVE_MEMORY_H HAVE_MNTENT_H HAVE_NETDB_H HAVE_NETINET_IN_H HAVE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSS_H HAVE_PTHREAD_H HAVE_PWD_H HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_EXT_H HAVE_SECURITY_PAM_MODULES_H HAVE_SECURITY__PAM_MACROS_H HAVE_SETJMP_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDBOOL_H HAVE_STDINT_H HAVE_STDIO_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_STROPTS_H HAVE_SYSCALL_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_TIME_H HAVE_UNISTD_H HAVE_UTIME_H HAVE_UUID_UUID_H UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP_H HAVE_UT_UT_ADDR HAVE_UT_UT_ADDR_V6 HAVE_UT_UT_EXIT HAVE_UT_UT_HOST HAVE_UT_UT_ID HAVE_UT_UT_NAME HAVE_UT_UT_PID HAVE_UT_UT_TIME HAVE_UT_UT_TV HAVE_UT_UT_TYPE HAVE_UT_UT_USER PUTUTLINE_RETURNS_UTMP WITH_UTMP HAVE_* Defines: HAVE_ADDRTYPE_IN_KRB5_ADDRESS HAVE_AP_OPTS_USE_SUBKEY HAVE_ASPRINTF HAVE_ATEXIT HAVE_BACKTRACE_SYMBOLS HAVE_BER_SCANF HAVE_BER_SOCKBUF_ADD_IO HAVE_BOOL HAVE_BZERO HAVE_C99_VSNPRINTF HAVE_CHMOD HAVE_CHOWN HAVE_CHROOT HAVE_COMPARISON_FN_T HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS HAVE_CONNECT HAVE_CREAT64 HAVE_CRYPT HAVE_CUPS HAVE_DECL_ASPRINTF HAVE_DECL_RL_EVENT_HOOK HAVE_DECL_SNPRINTF HAVE_DECL_VASPRINTF HAVE_DECL_VSNPRINTF HAVE_DEVICE_MAJOR_FN HAVE_DEVICE_MINOR_FN HAVE_DIRENT_D_OFF HAVE_DIRFD HAVE_DLCLOSE HAVE_DLERROR HAVE_DLOPEN HAVE_DLSYM HAVE_DUP2 HAVE_ENDMNTENT HAVE_ENDNETGRENT HAVE_ERRNO_DECL HAVE_EXECL HAVE_EXPLICIT_LARGEFILE_SUPPORT HAVE_FCHMOD HAVE_FCHOWN HAVE_FCNTL_LOCK HAVE_FCVT HAVE_FDATASYNC HAVE_FGETXATTR HAVE_FLISTXATTR HAVE_FOPEN64 HAVE_FREEADDRINFO HAVE_FREEIFADDRS HAVE_FREMOVEXATTR HAVE_FSEEKO64 HAVE_FSETXATTR HAVE_FSID_INT HAVE_FSTAT HAVE_FSTAT64 HAVE_FSYNC HAVE_FTELLO64 HAVE_FTRUNCATE HAVE_FTRUNCATE64 HAVE_FTRUNCATE_EXTEND HAVE_FUNCTION_MACRO HAVE_GAI_STRERROR HAVE_GETADDRINFO HAVE_GETCWD HAVE_GETDIRENTRIES HAVE_GETGRENT HAVE_GETGRENT_R HAVE_GETGRENT_R_DECL HAVE_GETGRGID_R HAVE_GETGRNAM HAVE_GETGRNAM_R HAVE_GETGROUPLIST HAVE_GETHOSTBYNAME HAVE_GETIFADDRS HAVE_GETMNTENT HAVE_GETNAMEINFO HAVE_GETNETGRENT HAVE_GETPAGESIZE HAVE_GETPGRP HAVE_GETPWENT_R HAVE_GETPWENT_R_DECL HAVE_GETPWNAM_R HAVE_GETPWUID_R HAVE_GETRLIMIT HAVE_GETSPNAM HAVE_GETTIMEOFDAY_TZ HAVE_GETXATTR HAVE_GLOB HAVE_GRANTPT HAVE_GSSAPI HAVE_GSS_DISPLAY_STATUS HAVE_HISTORY_LIST HAVE_HSTRERROR HAVE_ICONV HAVE_IFACE_GETIFADDRS HAVE_IF_NAMETOINDEX HAVE_IMMEDIATE_STRUCTURES HAVE_INET_ATON HAVE_INET_NTOA HAVE_INET_NTOP HAVE_INET_PTON HAVE_INITGROUPS HAVE_INITIALIZE_KRB5_ERROR_TABLE HAVE_INNETGR HAVE_INOTIFY HAVE_INOTIFY_INIT HAVE_IPRINT HAVE_IPV6 HAVE_ISATTY HAVE_KERNEL_CHANGE_NOTIFY HAVE_KERNEL_OPLOCKS_LINUX HAVE_KERNEL_SHARE_MODES HAVE_KRB5 HAVE_KRB5_AUTH_CON_SETUSERUSERKEY HAVE_KRB5_C_ENCTYPE_COMPARE HAVE_KRB5_C_VERIFY_CHECKSUM HAVE_KRB5_ENCRYPT_BLOCK HAVE_KRB5_ENCRYPT_DATA HAVE_KRB5_ENCTYPE_TO_STRING HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG HAVE_KRB5_FREE_DATA_CONTENTS HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS HAVE_KRB5_FREE_UNPARSED_NAME HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC HAVE_KRB5_GET_INIT_CREDS_OPT_FREE HAVE_KRB5_GET_PERMITTED_ENCTYPES HAVE_KRB5_GET_RENEWED_CREDS HAVE_KRB5_KEYBLOCK_IN_CREDS HAVE_KRB5_KEYTAB_ENTRY_KEY HAVE_KRB5_KEYUSAGE_APP_DATA_CKSUM HAVE_KRB5_KT_FREE_ENTRY HAVE_KRB5_LOCATE_KDC HAVE_KRB5_MK_REQ_EXTENDED HAVE_KRB5_PRINCIPAL2SALT HAVE_KRB5_PRINC_COMPONENT HAVE_KRB5_PRINC_REALM HAVE_KRB5_SET_DEFAULT_TGS_ENCTYPES HAVE_KRB5_SET_DEFAULT_TGS_KTYPES HAVE_KRB5_SET_REAL_TIME HAVE_KRB5_STRING_TO_KEY HAVE_KRB5_TKT_ENC_PART2 HAVE_KRB5_USE_ENCTYPE HAVE_KRB5_VERIFY_CHECKSUM HAVE_KV5M_KEYTAB HAVE_LBER_LOG_PRINT_FN HAVE_LCHOWN HAVE_LDAP HAVE_LDAP_ADD_RESULT_ENTRY HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SASL_WRAPPING HAVE_LDAP_SET_REBIND_PROC HAVE_LGETXATTR HAVE_LIBCOM_ERR HAVE_LIBGSSAPI_KRB5 HAVE_LIBK5CRYPTO HAVE_LIBKRB5 HAVE_LIBLBER HAVE_LIBLDAP HAVE_LIBNSCD HAVE_LIBPAM HAVE_LIBREADLINE HAVE_LIBRESOLV HAVE_LINK HAVE_LINUX_READAHEAD HAVE_LINUX_SPLICE HAVE_LINUX_XFS_QUOTAS HAVE_LISTXATTR HAVE_LLISTXATTR HAVE_LLSEEK HAVE_LONGLONG HAVE_LONG_LONG HAVE_LREMOVEXATTR HAVE_LSEEK64 HAVE_LSETXATTR HAVE_LSTAT HAVE_LSTAT64 HAVE_MAGIC_IN_KRB5_ADDRESS HAVE_MAKEDEV HAVE_MEMALIGN HAVE_MEMCPY HAVE_MEMMOVE HAVE_MEMSET HAVE_MKDIR_MODE HAVE_MKDTEMP HAVE_MKNOD HAVE_MKTIME HAVE_MLOCK HAVE_MLOCKALL HAVE_MMAP HAVE_MSGHDR_MSG_CONTROL HAVE_MUNLOCK HAVE_MUNLOCKALL HAVE_NANOSLEEP HAVE_NATIVE_ICONV HAVE_NEW_LIBREADLINE HAVE_NL_LANGINFO HAVE_NO_AIO HAVE_NSCD_FLUSH_CACHE HAVE_OPEN64 HAVE_PAM_GET_DATA HAVE_PAM_VSYSLOG HAVE_PATHCONF HAVE_PEERCRED HAVE_PIPE HAVE_POLL HAVE_POSIX_ACLS HAVE_POSIX_FADVISE HAVE_POSIX_MEMALIGN HAVE_PRCTL HAVE_PREAD HAVE_PREAD64 HAVE_PRINTF HAVE_PTHREAD HAVE_PUTUTLINE HAVE_PUTUTXLINE HAVE_PWRITE HAVE_PWRITE64 HAVE_QUOTACTL_LINUX HAVE_RAND HAVE_RANDOM HAVE_READAHEAD_DECL HAVE_READDIR64 HAVE_READLINK HAVE_REALPATH HAVE_REMOVEXATTR HAVE_RENAME HAVE_SA_FAMILY_T HAVE_SECURE_MKSTEMP HAVE_SELECT HAVE_SENDFILE64 HAVE_SETBUFFER HAVE_SETEGID HAVE_SETENV HAVE_SETENV_DECL HAVE_SETEUID HAVE_SETGROUPS HAVE_SETLINEBUF HAVE_SETLOCALE HAVE_SETMNTENT HAVE_SETNETGRENT HAVE_SETPGID HAVE_SETRESGID HAVE_SETRESGID_DECL HAVE_SETRESUID HAVE_SETRESUID_DECL HAVE_SETSID HAVE_SETXATTR HAVE_SHMGET HAVE_SHORT_KRB5_MK_ERROR_INTERFACE HAVE_SIGACTION HAVE_SIGBLOCK HAVE_SIGPROCMASK HAVE_SIGSET HAVE_SIG_ATOMIC_T_TYPE HAVE_SNPRINTF HAVE_SOCKETPAIR HAVE_SOCKLEN_T HAVE_SPLICE_DECL HAVE_SRAND HAVE_SRANDOM HAVE_SS_FAMILY HAVE_STAT64 HAVE_STAT_HIRES_TIMESTAMPS HAVE_STAT_ST_ATIM HAVE_STAT_ST_BLKSIZE HAVE_STAT_ST_BLOCKS HAVE_STAT_ST_CTIM HAVE_STAT_ST_MTIM HAVE_STRCASECMP HAVE_STRCASESTR HAVE_STRCHR HAVE_STRDUP HAVE_STRERROR HAVE_STRFTIME HAVE_STRNDUP HAVE_STRNLEN HAVE_STRPBRK HAVE_STRSIGNAL HAVE_STRTOK_R HAVE_STRTOL HAVE_STRTOLL HAVE_STRTOQ HAVE_STRTOUL HAVE_STRTOULL HAVE_STRTOUQ HAVE_STRUCT_ADDRINFO HAVE_STRUCT_DIRENT64 HAVE_STRUCT_FLOCK64 HAVE_STRUCT_IFADDRS HAVE_STRUCT_SOCKADDR HAVE_STRUCT_SOCKADDR_IN6 HAVE_STRUCT_SOCKADDR_STORAGE HAVE_STRUCT_STAT_ST_RDEV HAVE_STRUCT_TIMESPEC HAVE_ST_RDEV HAVE_SYMLINK HAVE_SYSCONF HAVE_SYSLOG HAVE_SYS_QUOTAS HAVE_TICKET_POINTER_IN_KRB5_AP_REQ HAVE_TIMEGM HAVE_UNIXSOCKET HAVE_UNSETENV HAVE_UPDWTMP HAVE_UPDWTMPX HAVE_USLEEP HAVE_UTIMBUF HAVE_UTIME HAVE_UTIMES HAVE_VASPRINTF HAVE_VA_COPY HAVE_VOLATILE HAVE_VSNPRINTF HAVE_VSYSLOG HAVE_WAITPID HAVE_WRFILE_KEYTAB HAVE_XFS_QUOTAS HAVE_YP_GET_DEFAULT_DOMAIN HAVE__Bool HAVE__ET_LIST HAVE__VA_ARGS__MACRO HAVE___CLOSE HAVE___DUP2 HAVE___FCNTL HAVE___FORK HAVE___FSTAT HAVE___FXSTAT HAVE___LSEEK HAVE___LSTAT HAVE___LXSTAT HAVE___NR_INOTIFY_INIT_DECL HAVE___OPEN HAVE___OPEN64 HAVE___PREAD64 HAVE___PWRITE64 HAVE___READ HAVE___STAT HAVE___WRITE HAVE___XSTAT --with Options: WITH_ADS WITH_AUTOMOUNT WITH_CIFSMOUNT WITH_DNS_UPDATES WITH_PAM WITH_PAM_MODULES WITH_QUOTAS WITH_SENDFILE WITH_SYSLOG WITH_UTMP WITH_WINBIND Build Options: COMPILER_SUPPORTS_LL CONFIG_H_IS_FROM_SAMBA DEFAULT_DISPLAY_CHARSET DEFAULT_DOS_CHARSET DEFAULT_UNIX_CHARSET KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT KRB5_TICKET_HAS_KEYINFO KRB5_VERIFY_CHECKSUM_ARGS LDAP_SET_REBIND_PROC_ARGS LIBREPLACE_NETWORK_CHECKS LINUX LINUX_SENDFILE_API PACKAGE_BUGREPORT PACKAGE_NAME PACKAGE_STRING PACKAGE_TARNAME PACKAGE_VERSION REALPATH_TAKES_NULL REPLACE_GETPASS RETSIGTYPE SEEKDIR_RETURNS_VOID SHLIBEXT SIZEOF_CHAR SIZEOF_DEV_T SIZEOF_INO_T SIZEOF_INT SIZEOF_LONG_LONG SIZEOF_OFF_T SIZEOF_SHORT SIZEOF_SIZE_T SIZEOF_SSIZE_T SIZEOF_VOID_P STAT_STATVFS64 STAT_ST_BLOCKSIZE STDC_HEADERS STRING_STATIC_MODULES SYSCONF_SC_NGROUPS_MAX SYSCONF_SC_NPROCESSORS_ONLN SYSCONF_SC_PAGESIZE TIME_WITH_SYS_TIME USE_SETRESUID WITH_ADS WITH_AUTOMOUNT WITH_CIFSMOUNT WITH_DNS_UPDATES WITH_PAM WITH_PAM_MODULES WITH_QUOTAS WITH_SENDFILE WITH_SYSLOG WITH_WINBIND _FILE_OFFSET_BITS _GNU_SOURCE _LARGEFILE64_SOURCE _POSIX_C_SOURCE _POSIX_SOURCE auth_script_init charset_CP437_init charset_CP850_init idmap_ad_init idmap_ldap_init idmap_rid_init offset_t static_decl_auth static_decl_charset static_decl_idmap static_decl_nss_info static_decl_pdb static_decl_rpc static_decl_vfs static_init_auth static_init_charset static_init_idmap static_init_nss_info static_init_pdb static_init_rpc static_init_vfs uint_t vfs_audit_init vfs_cacheprime_init vfs_cap_init vfs_default_quota_init vfs_expand_msdfs_init vfs_extd_audit_init vfs_fake_perms_init vfs_fileid_init vfs_full_audit_init vfs_netatalk_init vfs_readahead_init vfs_readonly_init vfs_recycle_init vfs_shadow_copy2_init vfs_shadow_copy_init vfs_streams_xattr_init vfs_syncops_init vfs_xattr_tdb_init Type sizes: sizeof(char): 1 sizeof(int): 4 sizeof(long): 4 sizeof(long long): 8 sizeof(uint8): 1 sizeof(uint16): 2 sizeof(uint32): 4 sizeof(short): 2 sizeof(void*): 4 sizeof(size_t): 4 sizeof(off_t): 8 sizeof(ino_t): 8 sizeof(dev_t): 8 Builtin modules: pdb_ldap pdb_smbpasswd pdb_tdbsam rpc_lsarpc rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs2 rpc_netlogon rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog2 rpc_samr idmap_tdb idmap_passdb idmap_nss nss_info_template auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default vfs_posixacl lp_load_ex: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" doing parameter security = SHARE doing parameter map to guest = Bad User doing parameter printcap name = cups doing parameter add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ doing parameter logon path = \\%L\profiles\.msprofile doing parameter logon drive = P: doing parameter logon home = \\%L\%U\.9xprofile doing parameter domain master = No doing parameter usershare allow guests = Yes doing parameter cups options = raw doing parameter include = /etc/samba/dhcp.conf params.c:pm_process() - Processing configuration file "/etc/samba/dhcp.conf" doing parameter passdb backend = smbpasswd doing parameter workgroup = Workgroup pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_STANDALONE Attempting to register new charset UCS-2LE Registered charset UCS-2LE Attempting to register new charset UTF-16LE Registered charset UTF-16LE Attempting to register new charset UCS-2BE Registered charset UCS-2BE Attempting to register new charset UTF-16BE Registered charset UTF-16BE Attempting to register new charset UTF8 Registered charset UTF8 Attempting to register new charset UTF-8 Registered charset UTF-8 Attempting to register new charset ASCII Registered charset ASCII Attempting to register new charset 646 Registered charset 646 Attempting to register new charset ISO-8859-1 Registered charset ISO-8859-1 Attempting to register new charset UCS2-HEX Registered charset UCS2-HEX Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED lp_load_ex: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" doing parameter security = SHARE doing parameter map to guest = Bad User doing parameter printcap name = cups doing parameter add machine script = /usr/sbin/useradd -c Machine -d /var/lib/nobody -s /bin/false %m$ doing parameter logon path = \\%L\profiles\.msprofile doing parameter logon drive = P: doing parameter logon home = \\%L\%U\.9xprofile doing parameter domain master = No doing parameter usershare allow guests = Yes doing parameter cups options = raw doing parameter include = /etc/samba/dhcp.conf params.c:pm_process() - Processing configuration file "/etc/samba/dhcp.conf" doing parameter passdb backend = smbpasswd doing parameter workgroup = Workgroup Processing section "[homes]" add_a_service: Creating snum = 0 for homes hash_a_service: creating servicehash hash_a_service: hashing index 0 for service name homes doing parameter comment = Home Directories doing parameter valid users = %S, %D%w%S doing parameter read only = No doing parameter inherit acls = Yes doing parameter browseable = No Processing section "[profiles]" add_a_service: Creating snum = 1 for profiles hash_a_service: hashing index 1 for service name profiles doing parameter comment = Network Profiles Service doing parameter path = %H doing parameter read only = No doing parameter create mask = 0600 doing parameter directory mask = 0700 doing parameter store dos attributes = Yes Processing section "[users]" add_a_service: Creating snum = 2 for users hash_a_service: hashing index 2 for service name users doing parameter comment = All users doing parameter path = /home doing parameter read only = No doing parameter inherit acls = Yes doing parameter veto files = /aquota.user/groups/shares/ Processing section "[groups]" add_a_service: Creating snum = 3 for groups hash_a_service: hashing index 3 for service name groups doing parameter comment = All groups doing parameter path = /home/groups doing parameter read only = No doing parameter inherit acls = Yes Processing section "[printers]" add_a_service: Creating snum = 4 for printers hash_a_service: hashing index 4 for service name printers doing parameter comment = All Printers doing parameter path = /var/tmp doing parameter create mask = 0600 doing parameter printable = Yes doing parameter browseable = No Processing section "[print$]" add_a_service: Creating snum = 5 for print$ hash_a_service: hashing index 5 for service name print$ doing parameter comment = Printer Drivers doing parameter path = /var/lib/samba/drivers doing parameter write list = @ntadmin, root doing parameter force group = ntadmin doing parameter create mask = 0664 doing parameter directory mask = 0775 Processing section "[dist]" add_a_service: Creating snum = 6 for dist hash_a_service: hashing index 6 for service name dist doing parameter comment = Netweaver support doing parameter path = /home/dist doing parameter read only = No doing parameter inherit acls = Yes doing parameter guest ok = Yes Processing section "[darnit]" add_a_service: Creating snum = 7 for darnit hash_a_service: hashing index 7 for service name darnit doing parameter read only = No doing parameter guest ok = Yes doing parameter path = /home/wegscd doing parameter guest account = wegscd Global parameter guest account found in service section! doing parameter browseable = No pm_process() returned Yes add_a_service: Creating snum = 8 for IPC$ hash_a_service: hashing index 8 for service name IPC$ adding IPC service set_server_role: role = ROLE_STANDALONE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE reloading printcap cache reloading cups printcap cache connecting to cups server /var/run/cups/cups.sock:631 reload status: ok reloading printcap cache reloading cups printcap cache connecting to cups server /var/run/cups/cups.sock:631 reload status: ok lp_file_list_changed() file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Jul 30 10:23:52 2008 file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Mon Aug 18 09:50:30 2008 added interface eth0 ip=10.19.11.8 bcast=10.19.11.255 netmask=255.255.255.0 Netbios name list:- my_netbios_names[0]="UNLADEN-SWALLOW" loaded services fcntl_lock fd=6 op=13 offset=0 count=1 type=1 fcntl_lock: Lock call successful Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to find an passdb backend to match smbpasswd (smbpasswd) Found pdb backend smbpasswd pdb backend smbpasswd has a valid init Opening cache file at /var/lib/samba/gencache.tdb namecache_enable: enabling netbios namecache, timeout 660 seconds reghook_cache_init: new tree with default ops 0xb802aaa0 for key [] init_registry_key: Adding [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] init_registry_key: Storing key [HKLM] with subkey [SOFTWARE] init_registry_key: Storing key [HKLM\SOFTWARE] with subkey [Microsoft] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft] with subkey [Windows NT] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT] with subkey [CurrentVersion] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] with subkey [Print] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print] with subkey [Printers] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb8096910 Unlocking key 484B4C4D2F534F465457 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb80968a8 Unlocking key 484B4C4D2F534F465457 init_registry_key: Adding [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] init_registry_key: Storing key [HKLM] with subkey [SOFTWARE] init_registry_key: Storing key [HKLM\SOFTWARE] with subkey [Microsoft] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft] with subkey [Windows NT] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT] with subkey [CurrentVersion] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] with subkey [Ports] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb8094560 Unlocking key 484B4C4D2F534F465457 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb8095258 Unlocking key 484B4C4D2F534F465457 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Control\Print] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Control] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control] with subkey [Print] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control\Print] with subkey [NULL] init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Services] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services] with subkey [LanmanServer] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer] with subkey [Shares] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8096410 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095978 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Services] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services] with subkey [Eventlog] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095260 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095260 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKLM\SOFTWARE\Samba\smbconf] init_registry_key: Storing key [HKLM] with subkey [SOFTWARE] init_registry_key: Storing key [HKLM\SOFTWARE] with subkey [Samba] init_registry_key: Storing key [HKLM\SOFTWARE\Samba] with subkey [smbconf] init_registry_key: Storing key [HKLM\SOFTWARE\Samba\smbconf] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb8095c20 Unlocking key 484B4C4D2F534F465457 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb8094560 Unlocking key 484B4C4D2F534F465457 init_registry_key: Adding [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] init_registry_key: Storing key [HKLM] with subkey [SOFTWARE] init_registry_key: Storing key [HKLM\SOFTWARE] with subkey [Microsoft] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft] with subkey [Windows NT] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT] with subkey [CurrentVersion] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] with subkey [Perflib] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] with subkey [NULL] init_registry_key: Adding [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009] init_registry_key: Storing key [HKLM] with subkey [SOFTWARE] init_registry_key: Storing key [HKLM\SOFTWARE] with subkey [Microsoft] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft] with subkey [Windows NT] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT] with subkey [CurrentVersion] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] with subkey [Perflib] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] with subkey [009] init_registry_key: Storing key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb8096548 Unlocking key 484B4C4D2F534F465457 Locking key 484B4C4D2F534F465457 Allocated locked data 0x0xb80963b8 Unlocking key 484B4C4D2F534F465457 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Control] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control] with subkey [Print] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control\Print] with subkey [Monitors] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8094560 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8094560 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Control] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control] with subkey [ProductOptions] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8096808 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb80958c8 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Control] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control] with subkey [Terminal Server] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server] with subkey [DefaultUserConfiguration] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095268 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb80952f0 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Services] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services] with subkey [Tcpip] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip] with subkey [Parameters] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095cf0 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095cf0 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] init_registry_key: Storing key [HKLM] with subkey [SYSTEM] init_registry_key: Storing key [HKLM\SYSTEM] with subkey [CurrentControlSet] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet] with subkey [Services] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services] with subkey [Netlogon] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon] with subkey [Parameters] init_registry_key: Storing key [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095938 Unlocking key 484B4C4D2F5359535445 Locking key 484B4C4D2F5359535445 Allocated locked data 0x0xb8095820 Unlocking key 484B4C4D2F5359535445 init_registry_key: Adding [HKU] init_registry_key: Storing key [HKU] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B5500 Allocated locked data 0x0xb8094ae8 Unlocking key 484B5500 Locking key 484B5500 Allocated locked data 0x0xb8094ae8 Unlocking key 484B5500 init_registry_key: Adding [HKCR] init_registry_key: Storing key [HKCR] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B435200 Allocated locked data 0x0xb8094ae8 Unlocking key 484B435200 Locking key 484B435200 Allocated locked data 0x0xb8094ae8 Unlocking key 484B435200 init_registry_key: Adding [HKPD] init_registry_key: Storing key [HKPD] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B504400 Allocated locked data 0x0xb8094dd0 Unlocking key 484B504400 Locking key 484B504400 Allocated locked data 0x0xb8094dd0 Unlocking key 484B504400 init_registry_key: Adding [HKPT] init_registry_key: Storing key [HKPT] with subkey [NULL] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 Locking key 484B505400 Allocated locked data 0x0xb8094560 Unlocking key 484B505400 Locking key 484B505400 Allocated locked data 0x0xb8094560 Unlocking key 484B505400 regdb_fetch_values: Looking for value of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] specific: [Samba Printer Port], len: 2 regdb_fetch_values: Looking for value of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] specific: [DefaultSpoolDirectory], len: 70 regdb_fetch_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] specific: [DisplayName], len: 20 specific: [ErrorControl], len: 4 regdb_fetch_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] specific: [DisplayName], len: 20 specific: [ErrorControl], len: 4 reghook_cache_add: Adding ops 0xb802ac20 for key [/HKLM/SYSTEM/CurrentControlSet/Control/Print] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Control/Print] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ac20 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Print/Printers] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Print/Printers] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ac20 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Ports] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Ports] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ac60 for key [/HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ab40 for key [/HKLM/SOFTWARE/Samba/smbconf] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Samba/smbconf] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802aca0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Netlogon/Parameters] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/Netlogon/Parameters] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ace0 for key [/HKLM/SYSTEM/CurrentControlSet/Control/ProductOptions] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Control/ProductOptions] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ad20 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ad60 for key [/HKPT] pathtree_add: Enter pathtree_add: Successfully added node [HKPT] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ada0 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0xb802ade0 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Perflib] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Perflib] to tree pathtree_add: Exit push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups getsampwnam (smbpasswd): search by name: root startsmbfilepwent_internal: opening file /etc/samba/smbpasswd getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: LM password for user fiferl invalidated getsmbfilepwent: returning passwd entry for user fiferl, uid 1001 getsmbfilepwent: LM password for user wegscd invalidated getsmbfilepwent: returning passwd entry for user wegscd, uid 1000 getsmbfilepwent: LM password for user rockhtm invalidated getsmbfilepwent: returning passwd entry for user rockhtm, uid 1002 getsmbfilepwent: end of file reached. endsmbfilepwent_internal: closed password file. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_default_uid_to_rid: Did not find user root (0) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: uid 0 -> sid S-1-22-1-0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 0 -> sid S-1-22-2-0 Create local NT token for S-1-22-1-0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-0] get_privileges_for_sids: sid = S-1-5-32-544 Privilege set: SE_PRIV 0xff0 0x0 0x0 0x0 get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (1) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (3) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (3) regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Spooler] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Spooler] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler/Security] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler/Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [NETLOGON] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [NETLOGON] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON/Security] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON/Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [RemoteRegistry] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [RemoteRegistry] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry/Security] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry/Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [WINS] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [WINS] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] se_access_check: requested access 0x00000008, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 8 se_access_check: access (8) granted. regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/WINS/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/WINS/Security] pathtree_find: Exit reghook_cache_find: found ops 0xb802aaa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/WINS/Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] se_access_check: requested access 0x000f003f, for NT token with 5 entries and first sid S-1-22-1-0. se_access_check: user sid is S-1-22-1-0 se_access_check: also S-1-5-32-544 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-11 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 20019, current desired = 9003f se_access_check: ACE 1: type 0, flags = 0x00, SID = S-1-5-32-544 mask = f003f, current desired = 90026 se_access_check: access (f003f) granted. regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_close: decrementing refcount (2) regdb_close: decrementing refcount (1) regdb_close: decrementing refcount (0) update_c_setprinter: c_setprinter = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwsid: Building guest account pdb_set_username: setting username nobody, was pdb_set_full_name: setting full name nobody, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-501 from rid 501 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 sys_getgrouplist: user [nobody] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 65533 -> sid S-1-22-2-65533 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 65534 -> sid S-1-22-2-65534 make_server_info_sam: made server info for user nobody -> nobody Create local NT token for S-1-5-21-3230811644-3697677438-2698030698-501 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-3230811644-3697677438-2698030698-501] get_privileges: No privileges assigned to SID [S-1-22-2-65533] get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] get_privileges: No privileges assigned to SID [S-1-22-2-65534] sid S-1-22-2-65533 -> gid 65533 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 Could not convert SID S-1-1-0 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 Could not convert SID S-1-5-2 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-546 Could not convert SID S-1-5-32-546 to gid, ignoring it sid S-1-22-2-65534 -> gid 65534 NT user token of user S-1-5-21-3230811644-3697677438-2698030698-501 contains 6 SIDs SID[ 0]: S-1-5-21-3230811644-3697677438-2698030698-501 SID[ 1]: S-1-22-2-65533 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-32-546 SID[ 5]: S-1-22-2-65534 SE_PRIV 0x0 0x0 0x0 0x0 interpret_string_addr_internal: getaddrinfo failed for name :: [Address family for hostname not supported] interpret_string_addr_internal: getaddrinfo failed for name :: [Address family for hostname not supported] bind succeeded on port 445 socket option SO_KEEPALIVE = 1 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 0 socket option TCP_KEEPCNT = 9 socket option TCP_KEEPIDLE = 7200 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 87380 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 socket option SO_KEEPALIVE = 1 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 1 socket option TCP_KEEPCNT = 9 socket option TCP_KEEPIDLE = 7200 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 87380 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 bind succeeded on port 139 socket option SO_KEEPALIVE = 1 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 0 socket option TCP_KEEPCNT = 9 socket option TCP_KEEPIDLE = 7200 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 87380 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 socket option SO_KEEPALIVE = 1 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 1 socket option TCP_KEEPCNT = 9 socket option TCP_KEEPIDLE = 7200 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 87380 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 claiming [] Locking key D6100000FFFFFFFF0000 Allocated locked data 0x0xb809b068 Unlocking key D6100000FFFFFFFF0000 waiting for a connection lp_file_list_changed() file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Jul 30 10:23:52 2008 file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Mon Aug 18 09:50:30 2008 init_oplocks: initializing messages. Linux kernel oplocks enabled Added timed event "idle_evt(keepalive)": b809b900 Added timed event "idle_evt(deadtime)": b809bb20 got smb length of 133 got message type 0x0 of len 0x85 Transaction 0 of length 137 (0 toread) size=133 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51283 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=98 [000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG [010] 52 41 4D 20 31 2E 30 00 02 4C 41 4E 4D 41 4E 31 RAM 1.0. .LANMAN1 [020] 2E 30 00 02 57 69 6E 64 6F 77 73 20 66 6F 72 20 .0..Wind ows for [030] 57 6F 72 6B 67 72 6F 75 70 73 20 33 2E 31 61 00 Workgrou ps 3.1a. [040] 02 4C 4D 31 2E 32 58 30 30 32 00 02 4C 41 4E 4D .LM1.2X0 02..LANM [050] 41 4E 32 2E 31 00 02 4E 54 20 4C 4D 20 30 2E 31 AN2.1..N T LM 0.1 [060] 32 00 2. switch message SMBnegprot (pid 4310) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Substituting charset 'UTF-8' for LOCALE Requested protocol [PC NETWORK PROGRAM 1.0] Requested protocol [LANMAN1.0] Requested protocol [Windows for Workgroups 3.1a] Requested protocol [LM1.2X002] Requested protocol [LANMAN2.1] Requested protocol [NT LM 0.12] set_remote_arch: Client arch is 'Win2K' lp_file_list_changed() file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Jul 30 10:23:52 2008 file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Mon Aug 18 09:50:30 2008 claiming [] Locking key D6100000FFFFFFFF0000 Allocated locked data 0x0xb809d158 Unlocking key D6100000FFFFFFFF0000 lp_file_list_changed() file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Jul 30 10:23:52 2008 file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Mon Aug 18 09:50:30 2008 get challenge: creating negprot_global_auth_context Making default auth method list for security=share, encrypt passwords = yes Attempting to register auth backend sam Successfully added auth method 'sam' Attempting to register auth backend sam_ignoredomain Successfully added auth method 'sam_ignoredomain' Attempting to register auth backend unix Successfully added auth method 'unix' Attempting to register auth backend winbind Successfully added auth method 'winbind' Attempting to register auth backend smbserver Successfully added auth method 'smbserver' Attempting to register auth backend trustdomain Successfully added auth method 'trustdomain' Attempting to register auth backend ntdomain Successfully added auth method 'ntdomain' Attempting to register auth backend guest Successfully added auth method 'guest' load_auth_module: Attempting to find an auth method to match guest load_auth_module: auth method guest has a valid init load_auth_module: Attempting to find an auth method to match sam load_auth_module: auth method sam has a valid init get challenge: getting challenge auth_get_challenge: module guest did not want to specify a challenge auth_get_challenge: module sam did not want to specify a challenge auth_context challenge created by random challenge is: [000] DA 26 58 E3 ED A9 B0 A6 .&X..... not using SPNEGO Selected protocol NT LM 0.12 negprot index=5 size=97 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=0 smt_wct=17 smb_vwv[ 0]= 5 (0x5) smb_vwv[ 1]=12802 (0x3202) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=54784 (0xD600) smb_vwv[ 8]= 16 (0x10) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]=33011 (0x80F3) smb_vwv[11]= 0 (0x0) smb_vwv[12]=61800 (0xF168) smb_vwv[13]=14827 (0x39EB) smb_vwv[14]=51457 (0xC901) smb_vwv[15]=61441 (0xF001) smb_vwv[16]= 2048 (0x800) smb_bcc=8 [000] DA 26 58 E3 ED A9 B0 A6 .&X..... got smb length of 302 got message type 0x0 of len 0x12e Transaction 1 of length 306 (0 toread) size=302 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=2368 smt_wct=13 smb_vwv[ 0]= 117 (0x75) smb_vwv[ 1]= 186 (0xBA) smb_vwv[ 2]=16644 (0x4104) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 4310 (0x10D6) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 1 (0x1) smb_vwv[ 8]= 1 (0x1) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 212 (0xD4) smb_vwv[12]= 0 (0x0) smb_bcc=125 [000] 00 00 00 57 00 45 00 47 00 53 00 43 00 44 00 00 ...W.E.G .S.C.D.. [010] 00 4E 00 41 00 00 00 57 00 69 00 6E 00 64 00 6F .N.A...W .i.n.d.o [020] 00 77 00 73 00 20 00 32 00 30 00 30 00 32 00 20 .w.s. .2 .0.0.2. [030] 00 53 00 65 00 72 00 76 00 69 00 63 00 65 00 20 .S.e.r.v .i.c.e. [040] 00 50 00 61 00 63 00 6B 00 20 00 32 00 20 00 32 .P.a.c.k . .2. .2 [050] 00 36 00 30 00 30 00 00 00 57 00 69 00 6E 00 64 .6.0.0.. .W.i.n.d [060] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 32 .o.w.s. .2.0.0.2 [070] 00 20 00 35 00 2E 00 31 00 00 00 00 00 . .5...1 ..... switch message SMBsesssetupX (pid 4310) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) wct=13 flg2=0xc807 Domain=[NA] NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] set_remote_arch: Client arch is 'WinXP' setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. sesssetupX:name=[NA]\[WEGSCD]@[smbd] lp_file_list_changed() file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Jul 30 10:23:52 2008 file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Mon Aug 18 09:50:30 2008 Finding user WEGSCD Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [WEGSCD]! Got anonymous request Making default auth method list for security=share, encrypt passwords = yes load_auth_module: Attempting to find an auth method to match guest load_auth_module: auth method guest has a valid init load_auth_module: Attempting to find an auth method to match sam load_auth_module: auth method sam has a valid init attempting to make a user_info for () making strings for 's user_info struct making blobs for 's user_info struct made an encrypted user_info for () check_ntlm_password: Checking password for unmapped user []\[]@[] with the new password interface check_ntlm_password: mapped user is: []\[]@[] check_ntlm_password: auth_context challenge created by fixed challenge is: [000] 00 00 00 00 00 00 00 00 ........ push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_username: setting username nobody, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name nobody, was pdb_set_homedir: setting home dir \\unladen-swallow\nobody\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-501 from rid 501 check_ntlm_password: guest authentication for user [] succeeded check_ntlm_password: guest authentication for user [] -> [] -> [nobody] succeeded attempting to free (and zero) a user_info structure structure was created for attempting to free (and zero) a user_info structure Create local NT token for S-1-5-21-3230811644-3697677438-2698030698-501 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-3230811644-3697677438-2698030698-501] get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 Could not convert SID S-1-1-0 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 Could not convert SID S-1-5-2 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-546 Could not convert SID S-1-5-32-546 to gid, ignoring it NT user token of user S-1-5-21-3230811644-3697677438-2698030698-501 contains 4 SIDs SID[ 0]: S-1-5-21-3230811644-3697677438-2698030698-501 SID[ 1]: S-1-1-0 SID[ 2]: S-1-5-2 SID[ 3]: S-1-5-32-546 SE_PRIV 0x0 0x0 0x0 0x0 Chained message size=148 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=2368 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 302 (0x12E) smb_vwv[ 2]= 8 (0x8) smb_vwv[ 3]= 24 (0x18) smb_bcc=105 [000] 6F BD BB 48 EA 98 7D 4D 38 56 B3 6B F6 DE 3E 39 o..H..}M 8V.k..>9 [010] 1B 90 A1 7C 9B 0B AB B1 00 5C 00 5C 00 55 00 4E ...|.... .\.\.U.N [020] 00 4C 00 41 00 44 00 45 00 4E 00 2D 00 53 00 57 .L.A.D.E .N.-.S.W [030] 00 41 00 4C 00 4C 00 4F 00 57 00 2E 00 57 00 48 .A.L.L.O .W...W.H [040] 00 49 00 52 00 4C 00 50 00 4F 00 4F 00 4C 00 2E .I.R.L.P .O.O.L.. [050] 00 43 00 4F 00 4D 00 5C 00 44 00 49 00 53 00 54 .C.O.M.\ .D.I.S.T [060] 00 00 00 3F 3F 3F 3F 3F 00 ...????? . switch message SMBtconX (pid 4310) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Client requested device type [?????] for share [DIST] making a connection to 'normal' service dist Finding user dist Trying _Get_Pwnam(), username as lowercase is dist Trying _Get_Pwnam(), username as uppercase is DIST Checking combinations of 0 uppercase letters in dist Get_Pwnam_internals didn't find user [dist]! make_user_info_map: Mapping user [NA]\[wegscd] from workstation [smbd] attempting to make a user_info for wegscd (wegscd) making strings for wegscd's user_info struct making blobs for wegscd's user_info struct made an encrypted user_info for wegscd (wegscd) check_ntlm_password: Checking password for unmapped user [NA]\[wegscd]@[smbd] with the new password interface check_ntlm_password: mapped user is: [UNLADEN-SWALLOW]\[wegscd]@[smbd] check_ntlm_password: auth_context challenge created by random challenge is: [000] DA 26 58 E3 ED A9 B0 A6 .&X..... check_ntlm_password: guest had nothing to say is_myname("UNLADEN-SWALLOW") returns 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups getsampwnam (smbpasswd): search by name: wegscd startsmbfilepwent_internal: opening file /etc/samba/smbpasswd getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: LM password for user fiferl invalidated getsmbfilepwent: returning passwd entry for user fiferl, uid 1001 getsmbfilepwent: LM password for user wegscd invalidated getsmbfilepwent: returning passwd entry for user wegscd, uid 1000 endsmbfilepwent_internal: closed password file. getsampwnam (smbpasswd): found by name: wegscd Finding user wegscd Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [wegscd]! pdb_set_username: setting username wegscd, was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: maximum password age, val: -1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_username: setting username wegscd, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_update_autolock_flag: Account wegscd not autolocked, no check needed ntlm_password_check: Checking NT MD4 password ntlm_password_check: NT MD4 password check failed for user wegscd No bad password attempts. check_ntlm_password: sam authentication for user [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD check_ntlm_password: Authentication for user [wegscd] -> [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD attempting to free (and zero) a user_info structure structure was created for wegscd make_user_info_map: Mapping user [NA]\[wegscd] from workstation [smbd] attempting to make a user_info for wegscd (wegscd) making strings for wegscd's user_info struct making blobs for wegscd's user_info struct made an encrypted user_info for wegscd (wegscd) check_ntlm_password: Checking password for unmapped user [NA]\[wegscd]@[smbd] with the new password interface check_ntlm_password: mapped user is: [UNLADEN-SWALLOW]\[wegscd]@[smbd] check_ntlm_password: auth_context challenge created by random challenge is: [000] DA 26 58 E3 ED A9 B0 A6 .&X..... check_ntlm_password: guest had nothing to say is_myname("UNLADEN-SWALLOW") returns 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups getsampwnam (smbpasswd): search by name: wegscd startsmbfilepwent_internal: opening file /etc/samba/smbpasswd getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: LM password for user fiferl invalidated getsmbfilepwent: returning passwd entry for user fiferl, uid 1001 getsmbfilepwent: LM password for user wegscd invalidated getsmbfilepwent: returning passwd entry for user wegscd, uid 1000 endsmbfilepwent_internal: closed password file. getsampwnam (smbpasswd): found by name: wegscd Finding user wegscd Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [wegscd]! pdb_set_username: setting username wegscd, was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: maximum password age, val: -1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_username: setting username wegscd, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_update_autolock_flag: Account wegscd not autolocked, no check needed ntlm_password_check: Lanman passwords NOT PERMITTED for user wegscd ntlm_password_check: Checking LMv2 password with domain NA ntlm_password_check: Checking LMv2 password with upper-cased version of domain NA ntlm_password_check: Checking LMv2 password without a domain ntlm_password_check: Checking NT MD4 password in LM field ntlm_password_check: LM password, NT MD4 password in LM field and LMv2 failed for user wegscd No bad password attempts. check_ntlm_password: sam authentication for user [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD check_ntlm_password: Authentication for user [wegscd] -> [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD attempting to free (and zero) a user_info structure structure was created for wegscd make_user_info_map: Mapping user [WORKGROUP]\[wegscd] from workstation [smbd] attempting to make a user_info for wegscd (wegscd) making strings for wegscd's user_info struct making blobs for wegscd's user_info struct made an encrypted user_info for wegscd (wegscd) check_ntlm_password: Checking password for unmapped user [WORKGROUP]\[wegscd]@[smbd] with the new password interface check_ntlm_password: mapped user is: [UNLADEN-SWALLOW]\[wegscd]@[smbd] check_ntlm_password: auth_context challenge created by random challenge is: [000] DA 26 58 E3 ED A9 B0 A6 .&X..... check_ntlm_password: guest had nothing to say is_myname("UNLADEN-SWALLOW") returns 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups getsampwnam (smbpasswd): search by name: wegscd startsmbfilepwent_internal: opening file /etc/samba/smbpasswd getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: LM password for user fiferl invalidated getsmbfilepwent: returning passwd entry for user fiferl, uid 1001 getsmbfilepwent: LM password for user wegscd invalidated getsmbfilepwent: returning passwd entry for user wegscd, uid 1000 endsmbfilepwent_internal: closed password file. getsampwnam (smbpasswd): found by name: wegscd Finding user wegscd Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [wegscd]! pdb_set_username: setting username wegscd, was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: maximum password age, val: -1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_username: setting username wegscd, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_update_autolock_flag: Account wegscd not autolocked, no check needed ntlm_password_check: Checking NT MD4 password ntlm_password_check: NT MD4 password check failed for user wegscd No bad password attempts. check_ntlm_password: sam authentication for user [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD check_ntlm_password: Authentication for user [wegscd] -> [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD attempting to free (and zero) a user_info structure structure was created for wegscd make_user_info_map: Mapping user [WORKGROUP]\[wegscd] from workstation [smbd] attempting to make a user_info for wegscd (wegscd) making strings for wegscd's user_info struct making blobs for wegscd's user_info struct made an encrypted user_info for wegscd (wegscd) check_ntlm_password: Checking password for unmapped user [WORKGROUP]\[wegscd]@[smbd] with the new password interface check_ntlm_password: mapped user is: [UNLADEN-SWALLOW]\[wegscd]@[smbd] check_ntlm_password: auth_context challenge created by random challenge is: [000] DA 26 58 E3 ED A9 B0 A6 .&X..... check_ntlm_password: guest had nothing to say is_myname("UNLADEN-SWALLOW") returns 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups getsampwnam (smbpasswd): search by name: wegscd startsmbfilepwent_internal: opening file /etc/samba/smbpasswd getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: LM password for user fiferl invalidated getsmbfilepwent: returning passwd entry for user fiferl, uid 1001 getsmbfilepwent: LM password for user wegscd invalidated getsmbfilepwent: returning passwd entry for user wegscd, uid 1000 endsmbfilepwent_internal: closed password file. getsampwnam (smbpasswd): found by name: wegscd Finding user wegscd Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [wegscd]! pdb_set_username: setting username wegscd, was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: maximum password age, val: -1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_username: setting username wegscd, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name Doug Wegscheid, was pdb_set_homedir: setting home dir \\unladen-swallow\wegscd\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-3000 from rid 3000 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_update_autolock_flag: Account wegscd not autolocked, no check needed ntlm_password_check: Lanman passwords NOT PERMITTED for user wegscd ntlm_password_check: Checking LMv2 password with domain WORKGROUP ntlm_password_check: Checking LMv2 password with upper-cased version of domain WORKGROUP ntlm_password_check: Checking LMv2 password without a domain ntlm_password_check: Checking NT MD4 password in LM field ntlm_password_check: LM password, NT MD4 password in LM field and LMv2 failed for user wegscd No bad password attempts. check_ntlm_password: sam authentication for user [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD check_ntlm_password: Authentication for user [wegscd] -> [wegscd] FAILED with error NT_STATUS_WRONG_PASSWORD attempting to free (and zero) a user_info structure structure was created for wegscd Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! authorise_login: ACCEPTED: guest account and guest ok (nobody) Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! lookup_name: UNLADEN-SWALLOW\nobody => UNLADEN-SWALLOW (domain), nobody (name) lookup_name: flags = 0x073 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups getsampwnam (smbpasswd): search by name: nobody startsmbfilepwent_internal: opening file /etc/samba/smbpasswd getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: skipping comment or blank line getsmbfilepwent: LM password for user fiferl invalidated getsmbfilepwent: returning passwd entry for user fiferl, uid 1001 getsmbfilepwent: LM password for user wegscd invalidated getsmbfilepwent: returning passwd entry for user wegscd, uid 1000 getsmbfilepwent: LM password for user rockhtm invalidated getsmbfilepwent: returning passwd entry for user rockhtm, uid 1002 getsmbfilepwent: end of file reached. endsmbfilepwent_internal: closed password file. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 lookup_name: Unix User\nobody => Unix User (domain), nobody (name) lookup_name: flags = 0x073 sid S-1-22-1-65534 -> uid 65534 sys_getgrouplist: user [nobody] Create local NT token for S-1-22-1-65534 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-65534] get_privileges: No privileges assigned to SID [S-1-22-2-65533] get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] get_privileges: No privileges assigned to SID [S-1-22-2-65534] Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! LEGACY: mapping failed for sid S-1-22-1-65534 Could not convert SID S-1-22-1-65534 to gid, ignoring it sid S-1-22-2-65533 -> gid 65533 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 Could not convert SID S-1-1-0 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 Could not convert SID S-1-5-2 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-546 Could not convert SID S-1-5-32-546 to gid, ignoring it sid S-1-22-2-65534 -> gid 65534 set_conn_connectpath: service dist, connectpath = /home/dist Connect path is '/home/dist' for service [dist] se_map_generic(): mapped mask 0x10000000 to 0x001f01ff se_access_check: requested access 0x00000002, for NT token with 6 entries and first sid S-1-22-1-65534. se_access_check: user sid is S-1-22-1-65534 se_access_check: also S-1-22-2-65533 se_access_check: also S-1-1-0 se_access_check: also S-1-5-2 se_access_check: also S-1-5-32-546 se_access_check: also S-1-22-2-65534 se_access_check: ACE 0: type 0, flags = 0x00, SID = S-1-1-0 mask = 101f01ff, current desired = 2 se_access_check: access (2) granted. Initialising default vfs hooks vfs_find_backend_entry called for /[Default VFS]/ Successfully added vfs backend '/[Default VFS]/' vfs_find_backend_entry called for posixacl Successfully added vfs backend 'posixacl' Initialising custom vfs hooks from [/[Default VFS]/] vfs_find_backend_entry called for /[Default VFS]/ Successfully loaded vfs module [/[Default VFS]/] with the new modules system Checking operation #0 (type 0, layer 0) Making operation type 0 opaque [module /[Default VFS]/] Accepting operation type 0 from module /[Default VFS]/ Checking operation #1 (type 1, layer 0) Making operation type 1 opaque [module /[Default VFS]/] Accepting operation type 1 from module /[Default VFS]/ Checking operation #2 (type 2, layer 0) Making operation type 2 opaque [module /[Default VFS]/] Accepting operation type 2 from module /[Default VFS]/ Checking operation #3 (type 3, layer 0) Making operation type 3 opaque [module /[Default VFS]/] Accepting operation type 3 from module /[Default VFS]/ Checking operation #4 (type 4, layer 0) Making operation type 4 opaque [module /[Default VFS]/] Accepting operation type 4 from module /[Default VFS]/ Checking operation #5 (type 5, layer 0) Making operation type 5 opaque [module /[Default VFS]/] Accepting operation type 5 from module /[Default VFS]/ Checking operation #6 (type 6, layer 0) Making operation type 6 opaque [module /[Default VFS]/] Accepting operation type 6 from module /[Default VFS]/ Checking operation #7 (type 7, layer 0) Making operation type 7 opaque [module /[Default VFS]/] Accepting operation type 7 from module /[Default VFS]/ Checking operation #8 (type 8, layer 0) Making operation type 8 opaque [module /[Default VFS]/] Accepting operation type 8 from module /[Default VFS]/ Checking operation #9 (type 9, layer 0) Making operation type 9 opaque [module /[Default VFS]/] Accepting operation type 9 from module /[Default VFS]/ Checking operation #10 (type 10, layer 0) Making operation type 10 opaque [module /[Default VFS]/] Accepting operation type 10 from module /[Default VFS]/ Checking operation #11 (type 11, layer 0) Making operation type 11 opaque [module /[Default VFS]/] Accepting operation type 11 from module /[Default VFS]/ Checking operation #12 (type 12, layer 0) Making operation type 12 opaque [module /[Default VFS]/] Accepting operation type 12 from module /[Default VFS]/ Checking operation #13 (type 13, layer 0) Making operation type 13 opaque [module /[Default VFS]/] Accepting operation type 13 from module /[Default VFS]/ Checking operation #14 (type 14, layer 0) Making operation type 14 opaque [module /[Default VFS]/] Accepting operation type 14 from module /[Default VFS]/ Checking operation #15 (type 15, layer 0) Making operation type 15 opaque [module /[Default VFS]/] Accepting operation type 15 from module /[Default VFS]/ Checking operation #16 (type 16, layer 0) Making operation type 16 opaque [module /[Default VFS]/] Accepting operation type 16 from module /[Default VFS]/ Checking operation #17 (type 17, layer 0) Making operation type 17 opaque [module /[Default VFS]/] Accepting operation type 17 from module /[Default VFS]/ Checking operation #18 (type 18, layer 0) Making operation type 18 opaque [module /[Default VFS]/] Accepting operation type 18 from module /[Default VFS]/ Checking operation #19 (type 19, layer 0) Making operation type 19 opaque [module /[Default VFS]/] Accepting operation type 19 from module /[Default VFS]/ Checking operation #20 (type 20, layer 0) Making operation type 20 opaque [module /[Default VFS]/] Accepting operation type 20 from module /[Default VFS]/ Checking operation #21 (type 21, layer 0) Making operation type 21 opaque [module /[Default VFS]/] Accepting operation type 21 from module /[Default VFS]/ Checking operation #22 (type 22, layer 0) Making operation type 22 opaque [module /[Default VFS]/] Accepting operation type 22 from module /[Default VFS]/ Checking operation #23 (type 23, layer 0) Making operation type 23 opaque [module /[Default VFS]/] Accepting operation type 23 from module /[Default VFS]/ Checking operation #24 (type 24, layer 0) Making operation type 24 opaque [module /[Default VFS]/] Accepting operation type 24 from module /[Default VFS]/ Checking operation #25 (type 25, layer 0) Making operation type 25 opaque [module /[Default VFS]/] Accepting operation type 25 from module /[Default VFS]/ Checking operation #26 (type 26, layer 0) Making operation type 26 opaque [module /[Default VFS]/] Accepting operation type 26 from module /[Default VFS]/ Checking operation #27 (type 27, layer 0) Making operation type 27 opaque [module /[Default VFS]/] Accepting operation type 27 from module /[Default VFS]/ Checking operation #28 (type 28, layer 0) Making operation type 28 opaque [module /[Default VFS]/] Accepting operation type 28 from module /[Default VFS]/ Checking operation #29 (type 29, layer 0) Making operation type 29 opaque [module /[Default VFS]/] Accepting operation type 29 from module /[Default VFS]/ Checking operation #30 (type 30, layer 0) Making operation type 30 opaque [module /[Default VFS]/] Accepting operation type 30 from module /[Default VFS]/ Checking operation #31 (type 31, layer 0) Making operation type 31 opaque [module /[Default VFS]/] Accepting operation type 31 from module /[Default VFS]/ Checking operation #32 (type 32, layer 0) Making operation type 32 opaque [module /[Default VFS]/] Accepting operation type 32 from module /[Default VFS]/ Checking operation #33 (type 33, layer 0) Making operation type 33 opaque [module /[Default VFS]/] Accepting operation type 33 from module /[Default VFS]/ Checking operation #34 (type 34, layer 0) Making operation type 34 opaque [module /[Default VFS]/] Accepting operation type 34 from module /[Default VFS]/ Checking operation #35 (type 35, layer 0) Making operation type 35 opaque [module /[Default VFS]/] Accepting operation type 35 from module /[Default VFS]/ Checking operation #36 (type 36, layer 0) Making operation type 36 opaque [module /[Default VFS]/] Accepting operation type 36 from module /[Default VFS]/ Checking operation #37 (type 37, layer 0) Making operation type 37 opaque [module /[Default VFS]/] Accepting operation type 37 from module /[Default VFS]/ Checking operation #38 (type 38, layer 0) Making operation type 38 opaque [module /[Default VFS]/] Accepting operation type 38 from module /[Default VFS]/ Checking operation #39 (type 39, layer 0) Making operation type 39 opaque [module /[Default VFS]/] Accepting operation type 39 from module /[Default VFS]/ Checking operation #40 (type 40, layer 0) Making operation type 40 opaque [module /[Default VFS]/] Accepting operation type 40 from module /[Default VFS]/ Checking operation #41 (type 41, layer 0) Making operation type 41 opaque [module /[Default VFS]/] Accepting operation type 41 from module /[Default VFS]/ Checking operation #42 (type 42, layer 0) Making operation type 42 opaque [module /[Default VFS]/] Accepting operation type 42 from module /[Default VFS]/ Checking operation #43 (type 43, layer 0) Making operation type 43 opaque [module /[Default VFS]/] Accepting operation type 43 from module /[Default VFS]/ Checking operation #44 (type 44, layer 0) Making operation type 44 opaque [module /[Default VFS]/] Accepting operation type 44 from module /[Default VFS]/ Checking operation #45 (type 45, layer 0) Making operation type 45 opaque [module /[Default VFS]/] Accepting operation type 45 from module /[Default VFS]/ Checking operation #46 (type 46, layer 0) Making operation type 46 opaque [module /[Default VFS]/] Accepting operation type 46 from module /[Default VFS]/ Checking operation #47 (type 47, layer 0) Making operation type 47 opaque [module /[Default VFS]/] Accepting operation type 47 from module /[Default VFS]/ Checking operation #48 (type 48, layer 0) Making operation type 48 opaque [module /[Default VFS]/] Accepting operation type 48 from module /[Default VFS]/ Checking operation #49 (type 49, layer 0) Making operation type 49 opaque [module /[Default VFS]/] Accepting operation type 49 from module /[Default VFS]/ Checking operation #50 (type 50, layer 0) Making operation type 50 opaque [module /[Default VFS]/] Accepting operation type 50 from module /[Default VFS]/ Checking operation #51 (type 51, layer 0) Making operation type 51 opaque [module /[Default VFS]/] Accepting operation type 51 from module /[Default VFS]/ Checking operation #52 (type 52, layer 0) Making operation type 52 opaque [module /[Default VFS]/] Accepting operation type 52 from module /[Default VFS]/ Checking operation #53 (type 53, layer 0) Making operation type 53 opaque [module /[Default VFS]/] Accepting operation type 53 from module /[Default VFS]/ Checking operation #54 (type 54, layer 0) Making operation type 54 opaque [module /[Default VFS]/] Accepting operation type 54 from module /[Default VFS]/ Checking operation #55 (type 55, layer 0) Making operation type 55 opaque [module /[Default VFS]/] Accepting operation type 55 from module /[Default VFS]/ Checking operation #56 (type 56, layer 0) Making operation type 56 opaque [module /[Default VFS]/] Accepting operation type 56 from module /[Default VFS]/ Checking operation #57 (type 57, layer 0) Making operation type 57 opaque [module /[Default VFS]/] Accepting operation type 57 from module /[Default VFS]/ Checking operation #58 (type 58, layer 0) Making operation type 58 opaque [module /[Default VFS]/] Accepting operation type 58 from module /[Default VFS]/ Checking operation #59 (type 59, layer 0) Making operation type 59 opaque [module /[Default VFS]/] Accepting operation type 59 from module /[Default VFS]/ Checking operation #60 (type 60, layer 0) Making operation type 60 opaque [module /[Default VFS]/] Accepting operation type 60 from module /[Default VFS]/ Checking operation #61 (type 61, layer 0) Making operation type 61 opaque [module /[Default VFS]/] Accepting operation type 61 from module /[Default VFS]/ Checking operation #62 (type 62, layer 0) Making operation type 62 opaque [module /[Default VFS]/] Accepting operation type 62 from module /[Default VFS]/ Checking operation #63 (type 63, layer 0) Making operation type 63 opaque [module /[Default VFS]/] Accepting operation type 63 from module /[Default VFS]/ Checking operation #64 (type 64, layer 0) Making operation type 64 opaque [module /[Default VFS]/] Accepting operation type 64 from module /[Default VFS]/ Checking operation #65 (type 65, layer 0) Making operation type 65 opaque [module /[Default VFS]/] Accepting operation type 65 from module /[Default VFS]/ Checking operation #66 (type 66, layer 0) Making operation type 66 opaque [module /[Default VFS]/] Accepting operation type 66 from module /[Default VFS]/ Checking operation #67 (type 67, layer 0) Making operation type 67 opaque [module /[Default VFS]/] Accepting operation type 67 from module /[Default VFS]/ Checking operation #68 (type 68, layer 0) Making operation type 68 opaque [module /[Default VFS]/] Accepting operation type 68 from module /[Default VFS]/ Checking operation #69 (type 69, layer 0) Making operation type 69 opaque [module /[Default VFS]/] Accepting operation type 69 from module /[Default VFS]/ Checking operation #70 (type 70, layer 0) Making operation type 70 opaque [module /[Default VFS]/] Accepting operation type 70 from module /[Default VFS]/ Checking operation #71 (type 71, layer 0) Making operation type 71 opaque [module /[Default VFS]/] Accepting operation type 71 from module /[Default VFS]/ Checking operation #72 (type 72, layer 0) Making operation type 72 opaque [module /[Default VFS]/] Accepting operation type 72 from module /[Default VFS]/ Checking operation #73 (type 73, layer 0) Making operation type 73 opaque [module /[Default VFS]/] Accepting operation type 73 from module /[Default VFS]/ Checking operation #74 (type 74, layer 0) Making operation type 74 opaque [module /[Default VFS]/] Accepting operation type 74 from module /[Default VFS]/ Checking operation #75 (type 75, layer 0) Making operation type 75 opaque [module /[Default VFS]/] Accepting operation type 75 from module /[Default VFS]/ Checking operation #76 (type 76, layer 0) Making operation type 76 opaque [module /[Default VFS]/] Accepting operation type 76 from module /[Default VFS]/ Checking operation #77 (type 77, layer 0) Making operation type 77 opaque [module /[Default VFS]/] Accepting operation type 77 from module /[Default VFS]/ Checking operation #78 (type 78, layer 0) Making operation type 78 opaque [module /[Default VFS]/] Accepting operation type 78 from module /[Default VFS]/ Checking operation #79 (type 79, layer 0) Making operation type 79 opaque [module /[Default VFS]/] Accepting operation type 79 from module /[Default VFS]/ Checking operation #80 (type 80, layer 0) Making operation type 80 opaque [module /[Default VFS]/] Accepting operation type 80 from module /[Default VFS]/ Checking operation #81 (type 81, layer 0) Making operation type 81 opaque [module /[Default VFS]/] Accepting operation type 81 from module /[Default VFS]/ Checking operation #82 (type 82, layer 0) Making operation type 82 opaque [module /[Default VFS]/] Accepting operation type 82 from module /[Default VFS]/ Checking operation #83 (type 83, layer 0) Making operation type 83 opaque [module /[Default VFS]/] Accepting operation type 83 from module /[Default VFS]/ Checking operation #84 (type 84, layer 0) Making operation type 84 opaque [module /[Default VFS]/] Accepting operation type 84 from module /[Default VFS]/ Checking operation #85 (type 85, layer 0) Making operation type 85 opaque [module /[Default VFS]/] Accepting operation type 85 from module /[Default VFS]/ Checking operation #86 (type 86, layer 0) Making operation type 86 opaque [module /[Default VFS]/] Accepting operation type 86 from module /[Default VFS]/ Checking operation #87 (type 87, layer 0) Making operation type 87 opaque [module /[Default VFS]/] Accepting operation type 87 from module /[Default VFS]/ Checking operation #88 (type 88, layer 0) Making operation type 88 opaque [module /[Default VFS]/] Accepting operation type 88 from module /[Default VFS]/ Checking operation #89 (type 89, layer 0) Making operation type 89 opaque [module /[Default VFS]/] Accepting operation type 89 from module /[Default VFS]/ Checking operation #90 (type 90, layer 0) Making operation type 90 opaque [module /[Default VFS]/] Accepting operation type 90 from module /[Default VFS]/ Checking operation #91 (type 91, layer 0) Making operation type 91 opaque [module /[Default VFS]/] Accepting operation type 91 from module /[Default VFS]/ Checking operation #92 (type 92, layer 0) Making operation type 92 opaque [module /[Default VFS]/] Accepting operation type 92 from module /[Default VFS]/ Checking operation #93 (type 93, layer 0) Making operation type 93 opaque [module /[Default VFS]/] Accepting operation type 93 from module /[Default VFS]/ Checking operation #94 (type 94, layer 0) Making operation type 94 opaque [module /[Default VFS]/] Accepting operation type 94 from module /[Default VFS]/ Checking operation #95 (type 95, layer 0) Making operation type 95 opaque [module /[Default VFS]/] Accepting operation type 95 from module /[Default VFS]/ Checking operation #96 (type 96, layer 0) Making operation type 96 opaque [module /[Default VFS]/] Accepting operation type 96 from module /[Default VFS]/ Checking operation #97 (type 97, layer 0) Making operation type 97 opaque [module /[Default VFS]/] Accepting operation type 97 from module /[Default VFS]/ Checking operation #98 (type 98, layer 0) Making operation type 98 opaque [module /[Default VFS]/] Accepting operation type 98 from module /[Default VFS]/ Checking operation #99 (type 99, layer 0) Making operation type 99 opaque [module /[Default VFS]/] Accepting operation type 99 from module /[Default VFS]/ Checking operation #100 (type 100, layer 0) Making operation type 100 opaque [module /[Default VFS]/] Accepting operation type 100 from module /[Default VFS]/ Checking operation #101 (type 101, layer 0) Making operation type 101 opaque [module /[Default VFS]/] Accepting operation type 101 from module /[Default VFS]/ Checking operation #102 (type 102, layer 0) Making operation type 102 opaque [module /[Default VFS]/] Accepting operation type 102 from module /[Default VFS]/ claiming [dist] Locking key D6100000010000006469 Allocated locked data 0x0xb809ec68 Unlocking key D6100000010000006469 setting sec ctx (65534, 65533) - sec_ctx_stack_ndx = 0 NT user token of user S-1-22-1-65534 contains 6 SIDs SID[ 0]: S-1-22-1-65534 SID[ 1]: S-1-22-2-65533 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-32-546 SID[ 5]: S-1-22-2-65534 SE_PRIV 0x0 0x0 0x0 0x0 UNIX token of user 65534 Primary group is 65533 and contains 2 supplementary groups Group[ 0]: 65533 Group[ 1]: 65534 change_to_user uid=(65534,65534) gid=(0,65533) smbd (10.18.247.81) connect to service dist initially as user nobody (uid=65534, gid=65533) (pid 4310) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) tconX service=DIST size=178 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=1 smb_pid=65279 smb_uid=0 smb_mid=2368 smt_wct=3 smb_vwv[ 0]= 117 (0x75) smb_vwv[ 1]= 148 (0x94) smb_vwv[ 2]= 1 (0x1) smb_bcc=105 [000] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [010] 00 62 00 61 00 20 00 33 00 2E 00 32 00 2E 00 31 .b.a. .3 ...2...1 [020] 00 2D 00 30 00 2E 00 31 00 2E 00 31 00 32 00 36 .-.0...1 ...1.2.6 [030] 00 2D 00 31 00 38 00 36 00 37 00 2D 00 53 00 55 .-.1.8.6 .7.-.S.U [040] 00 53 00 45 00 2D 00 53 00 4C 00 31 00 31 00 2E .S.E.-.S .L.1.1.. [050] 00 30 00 00 00 57 00 4F 00 52 00 4B 00 47 00 52 .0...W.O .R.K.G.R [060] 00 4F 00 55 00 50 00 00 00 .O.U.P.. . got smb length of 76 got message type 0x0 of len 0x4c Transaction 2 of length 80 (0 toread) size=76 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2432 smt_wct=15 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 40 (0x28) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 8 (0x8) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 5 (0x5) smb_bcc=11 [000] 00 00 00 EC 03 00 00 00 00 00 00 ........ ... switch message SMBtrans2 (pid 4310) conn 0xb809dbc0 setting sec ctx (65534, 65533) - sec_ctx_stack_ndx = 0 NT user token of user S-1-22-1-65534 contains 6 SIDs SID[ 0]: S-1-22-1-65534 SID[ 1]: S-1-22-2-65533 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-32-546 SID[ 5]: S-1-22-2-65534 SE_PRIV 0x0 0x0 0x0 0x0 UNIX token of user 65534 Primary group is 65533 and contains 2 supplementary groups Group[ 0]: 65533 Group[ 1]: 65534 change_to_user uid=(65534,65534) gid=(0,65533) vfs_ChDir to /home/dist call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 unix_convert called on file "" conversion finished "" -> . fill_share_mode_lock failed call_trans2qfilepathinfo . (fnum = -1) level=1004 call=5 total_data=0 dos_mode: . dos_mode_from_sbuf returning d dos_mode returning d call_trans2qfilepathinfo: SMB_FILE_BASIC_INFORMATION SMB_QFBI - create: Fri Aug 15 07:34:19 2008 access: Mon Aug 18 08:55:26 2008 write: Fri Aug 15 07:34:19 2008 change: Fri Aug 15 07:34:19 2008 mode: 10 t2_rep: params_sent_thistime = 2, data_sent_thistime = 40, useable_space = 16582 t2_rep: params_to_send = 2, data_to_send = 40, paramsize = 2, datasize = 40 size=100 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2432 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 40 (0x28) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 40 (0x28) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [000] 00 00 00 00 00 80 EF EE DA CA FE C8 01 00 73 21 ........ ......s! [010] AF 31 01 C9 01 80 EF EE DA CA FE C8 01 80 EF EE .1...... ........ [020] DA CA FE C8 01 10 00 00 00 00 00 00 00 ........ ..... got smb length of 86 got message type 0x0 of len 0x56 Transaction 3 of length 90 (0 toread) size=86 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2496 smt_wct=15 smb_vwv[ 0]= 18 (0x12) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 18 (0x12) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=21 [000] 00 00 00 16 00 56 05 06 00 04 01 00 00 00 00 5C .....V.. .......\ [010] 00 2A 00 00 00 .*... switch message SMBtrans2 (pid 4310) conn 0xb809dbc0 change_to_user: Skipping user change - already user call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 unix_convert called on file "*" stat_cache_lookup: lookup failed for name [*] unix_convert begin: name = *, dirpath = , start = * is_mangled * ? is_mangled_component * (len 1) ? dirpath = [] start = [*] dir=./, mask = * dptr_create dir=./ creating new dirptr 256 for path ./, expect_close = 1 dptr_num is 256, wcard = *, attr = 22 dirpath=<./> dontdescend=<> get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 0 dos_mode: ./. dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./. fname=. get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset -2147483648 dos_mode: ./.. dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./.. fname=.. get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 83101970 dos_mode: ./How to add the WebsealProtectorLoginModule.doc dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to add the WebsealProtectorLoginModule.doc fname=How to add the WebsealProtectorLoginModule.doc get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to add the WebsealProtectorLoginModule.doc -> 089C2764 -> H2E03F~O.DOC (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 113064623 dos_mode: ./SAPCAR_0-10003694.exe dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./SAPCAR_0-10003694.exe fname=SAPCAR_0-10003694.exe get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: SAPCAR_0-10003694.exe -> 5E20C058 -> SQ47U5~4.EXE (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 117870434 dos_mode: ./SSO.war dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./SSO.war fname=SSO.war get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 141048564 dos_mode: ./HackLicense.txt dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./HackLicense.txt fname=HackLicense.txt get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: HackLicense.txt -> 2CC47F1F -> HCF659~B.TXT (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 178495792 dos_mode: ./com.sap.netweaver.bc.rf.explorer.par dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./com.sap.netweaver.bc.rf.explorer.par fname=com.sap.netweaver.bc.rf.explorer.par get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: com.sap.netweaver.bc.rf.explorer.par -> 18213281 -> C6P0VW~H.PAR (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 180947167 dos_mode: ./drop dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./drop fname=drop get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 202766282 dos_mode: ./gsu_location.xml dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_location.xml fname=gsu_location.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_location.xml -> 5CDA8266 -> GPRHKR~Q.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 224424166 dos_mode: ./docroot dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./docroot fname=docroot get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 387261240 dos_mode: ./com.sap.netweaver.kmc_servlet.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./com.sap.netweaver.kmc_servlet.zip fname=com.sap.netweaver.kmc_servlet.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: com.sap.netweaver.kmc_servlet.zip -> 508F1A8E -> CMCOJ2~M.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 440672975 dos_mode: ./gsu_session.sql dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_session.sql fname=gsu_session.sql get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_session.sql -> 3E6E1CA9 -> GHBLHU~X.SQL (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 465021492 dos_mode: ./gsu_session.xml dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_session.xml fname=gsu_session.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_session.xml -> 3E6E1CA9 -> GHBLHU~X.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 505272007 dos_mode: ./gsu_registration.sql dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_registration.sql fname=gsu_registration.sql get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_registration.sql -> 2B27AA84 -> GBZ29A~C.SQL (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 521256256 dos_mode: ./SAPCAR_4-20000899.EXE dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./SAPCAR_4-20000899.EXE fname=SAPCAR_4-20000899.EXE get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: SAPCAR_4-20000899.EXE -> 4032B7CB -> SHT996~Z.EXE (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 622548973 dos_mode: ./dataSourceConfiguration_IBM-Tivoli-WhrGroups.xml dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./dataSourceConfiguration_IBM-Tivoli-WhrGroups.xml fname=dataSourceConfiguration_IBM-Tivoli-WhrGroups.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: dataSourceConfiguration_IBM-Tivoli-WhrGroups.xml -> 53EBDA87 -> DNA9LD~Z.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 727938718 dos_mode: ./SAPCAR_0-10003688.exe dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./SAPCAR_0-10003688.exe fname=SAPCAR_0-10003688.exe get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: SAPCAR_0-10003688.exe -> 5F20C1C7 -> SQE7FT~3.EXE (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 742407362 dos_mode: ./dataSourceConfiguration_IBM-Tivoli-WhrGroups_old.xml dos_mode_from_sbuf returning dos_mode returning fill_share_mode_lock failed get_lanman2_dir_entry: found ./dataSourceConfiguration_IBM-Tivoli-WhrGroups_old.xml fname=dataSourceConfiguration_IBM-Tivoli-WhrGroups_old.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: dataSourceConfiguration_IBM-Tivoli-WhrGroups_old.xml -> 1DBD1E29 -> D891VE~1.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 797876619 dos_mode: ./gsu_location.sql dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_location.sql fname=gsu_location.sql get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_location.sql -> 5CDA8266 -> GPRHKR~Q.SQL (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 900068624 dos_mode: ./dataSourceConfiguration_IBM-Tivoli-WhrGroups-GZ.xml dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./dataSourceConfiguration_IBM-Tivoli-WhrGroups-GZ.xml fname=dataSourceConfiguration_IBM-Tivoli-WhrGroups-GZ.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: dataSourceConfiguration_IBM-Tivoli-WhrGroups-GZ.xml -> 0085CD77 -> D057Y4~7.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 930919557 dos_mode: ./eclipse-SDK-3.2-win32.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./eclipse-SDK-3.2-win32.zip fname=eclipse-SDK-3.2-win32.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: eclipse-SDK-3.2-win32.zip -> 4C5B35F5 -> EL6P9F~9.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 986902556 dos_mode: ./com.sap.netweaver.kmc.globalservice.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./com.sap.netweaver.kmc.globalservice.zip fname=com.sap.netweaver.kmc.globalservice.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: com.sap.netweaver.kmc.globalservice.zip -> 4CA1C788 -> CL9GDX~K.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1019734524 dos_mode: ./How to add the WebsealProtectorLoginModule (new).doc dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to add the WebsealProtectorLoginModule (new).doc fname=How to add the WebsealProtectorLoginModule (new).doc get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to add the WebsealProtectorLoginModule (new).doc -> 585B328B -> HOIKDC~B.DOC (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1040517208 dos_mode: ./sapjco3-ntintel-3.0.0.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./sapjco3-ntintel-3.0.0.zip fname=sapjco3-ntintel-3.0.0.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: sapjco3-ntintel-3.0.0.zip -> 6AC96CC9 -> STMNW7~D.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1058409449 dos_mode: ./How to Update the UME Configuration for Netweaver 2004s.doc dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to Update the UME Configuration for Netweaver 2004s.doc fname=How to Update the UME Configuration for Netweaver 2004s.doc get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to Update the UME Configuration for Netweaver 2004s.doc -> 6D03F5C2 -> HU8XAY~Q.DOC (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1064973292 dos_mode: ./SAPCAR_4-20000900.EXE dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./SAPCAR_4-20000900.EXE fname=SAPCAR_4-20000900.EXE get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: SAPCAR_4-20000900.EXE -> 43307E24 -> SIN4WT~G.EXE (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1182036275 dos_mode: ./sapjco-ntintel-2.1.8.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./sapjco-ntintel-2.1.8.zip fname=sapjco-ntintel-2.1.8.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: sapjco-ntintel-2.1.8.zip -> 64DE9FD4 -> SRZK3X~0.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1306894083 dos_mode: ./gsu_registration.xml dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_registration.xml fname=gsu_registration.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_registration.xml -> 2B27AA84 -> GBZ29A~C.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1307388998 dos_mode: ./SSOfromJ2EEorEP60_source.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./SSOfromJ2EEorEP60_source.zip fname=SSOfromJ2EEorEP60_source.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: SSOfromJ2EEorEP60_source.zip -> 158873AE -> S5Z354~E.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1399439171 dos_mode: ./com.sap.portal.support.browse.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./com.sap.portal.support.browse.zip fname=com.sap.portal.support.browse.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: com.sap.portal.support.browse.zip -> 464F8DD3 -> CJIBBO~3.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1420409806 dos_mode: ./How to create a new system for a sandbox WAS in Solution Manager.doc dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to create a new system for a sandbox WAS in Solution Manager.doc fname=How to create a new system for a sandbox WAS in Solution Manager.doc get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to create a new system for a sandbox WAS in Solution Manager.doc -> 1962D5C7 -> H71KOG~7.DOC (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1433284395 dos_mode: ./SAPSSO dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./SAPSSO fname=SAPSSO get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1435283156 dos_mode: ./fiferl dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./fiferl fname=fiferl get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1439929017 dos_mode: ./FallonsBabyShower dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./FallonsBabyShower fname=FallonsBabyShower get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: FallonsBabyShower -> 54A033A6 -> FNHAX7~Q (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1454259191 dos_mode: ./djdec355_is_free.later_versions_are_shareware dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./djdec355_is_free.later_versions_are_shareware fname=djdec355_is_free.later_versions_are_shareware get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: djdec355_is_free.later_versions_are_shareware -> 472005F2 -> DJQG5I~Q (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1497702961 dos_mode: ./GSU.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./GSU.zip fname=GSU.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1509352171 dos_mode: ./How to Update the UME Configuration for Netweaver 2004s.pdf dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to Update the UME Configuration for Netweaver 2004s.pdf fname=How to Update the UME Configuration for Netweaver 2004s.pdf get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to Update the UME Configuration for Netweaver 2004s.pdf -> 6D03F5C2 -> HU8XAY~Q.PDF (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1548638463 dos_mode: ./gsu_domain.sql dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_domain.sql fname=gsu_domain.sql get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_domain.sql -> 39BAC2C7 -> GG0N6X~3.SQL (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1554685818 dos_mode: ./How to add the BillerDirectLoginModule.pdf dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to add the BillerDirectLoginModule.pdf fname=How to add the BillerDirectLoginModule.pdf get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to add the BillerDirectLoginModule.pdf -> 5237E9C4 -> HMT98S~K.PDF (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1612549960 dos_mode: ./NWDS_Libs dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./NWDS_Libs fname=NWDS_Libs get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: NWDS_Libs -> 2505E74A -> NA9T9O~Q (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1625121355 dos_mode: ./FP14_WR21354_rtclnt.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./FP14_WR21354_rtclnt.zip fname=FP14_WR21354_rtclnt.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: FP14_WR21354_rtclnt.zip -> 06133905 -> F1OOKC~L.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1666554848 dos_mode: ./rockhtm dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./rockhtm fname=rockhtm get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1706122949 dos_mode: ./workplacesinglesignon.ppt dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./workplacesinglesignon.ppt fname=workplacesinglesignon.ppt get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: workplacesinglesignon.ppt -> 2649A03B -> WAMFZN~F.PPT (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1714752204 dos_mode: ./am51_webseal_guide.pdf dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./am51_webseal_guide.pdf fname=am51_webseal_guide.pdf get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: am51_webseal_guide.pdf -> 4601E398 -> AJFA8B~C.PDF (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1733348510 dos_mode: ./How to add the BillerDirectLoginModule.doc dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./How to add the BillerDirectLoginModule.doc fname=How to add the BillerDirectLoginModule.doc get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: How to add the BillerDirectLoginModule.doc -> 5237E9C4 -> HMT98S~K.DOC (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1766444859 dos_mode: ./djdec355.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./djdec355.zip fname=djdec355.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1770304523 dos_mode: ./com.sap.km.ui.renderer.SimpleResourceRendererWithReadyMades.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./com.sap.km.ui.renderer.SimpleResourceRendererWithReadyMades.zip fname=com.sap.km.ui.renderer.SimpleResourceRendererWithReadyMades.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: com.sap.km.ui.renderer.SimpleResourceRendererWithReadyMades.zip -> 5C860165 -> CPO6VL~1.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1884871340 dos_mode: ./Will_1800.zip dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./Will_1800.zip fname=Will_1800.zip get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: Will_1800.zip -> 3C7FC80F -> WGSB4L~R.ZIP (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 1949965962 dos_mode: ./NWDS70SP14 dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./NWDS70SP14 fname=NWDS70SP14 get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: NWDS70SP14 -> 6374AB40 -> NRLFOL~C (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 2015447994 dos_mode: ./MySapSsoSupport-0.5.tar.gz dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./MySapSsoSupport-0.5.tar.gz fname=MySapSsoSupport-0.5.tar.gz get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: MySapSsoSupport-0.5.tar.gz -> 47E0D024 -> MJXYYH~W.GZ (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 2103772880 dos_mode: ./gsu_domain.xml dos_mode_from_sbuf returning a dos_mode returning a fill_share_mode_lock failed get_lanman2_dir_entry: found ./gsu_domain.xml fname=gsu_domain.xml get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO hash2_name_to_8_3: gsu_domain.xml -> 39BAC2C7 -> GG0N6X~3.XML (cache=1) get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset 2147483647 dos_mode: ./pics dos_mode_from_sbuf returning d dos_mode returning d fill_share_mode_lock failed get_lanman2_dir_entry: found ./pics fname=pics get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO get_lanman2_dir_entry:readdir on dirptr 0xb8099148 now at offset -1 call_trans2findfirst - (2) closing dptr_num 256 closing dptr key 256 t2_rep: params_sent_thistime = 10, data_sent_thistime = 7552, useable_space = 16582 t2_rep: params_to_send = 10, data_to_send = 7552, paramsize = 10, datasize = 7552 size=7620 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2496 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 7552 (0x1D80) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 7552 (0x1D80) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=7565 [000] 00 FD FF 34 00 01 00 00 00 18 1D 00 00 60 00 00 ...4.... .....`.. [010] 00 00 00 00 00 80 EF EE DA CA FE C8 01 00 73 21 ........ ......s! [020] AF 31 01 C9 01 80 EF EE DA CA FE C8 01 80 EF EE .1...... ........ [030] DA CA FE C8 01 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [040] 00 00 00 00 00 10 00 00 00 02 00 00 00 00 00 00 ........ ........ [050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. [070] 00 00 00 00 00 80 28 DB 15 DF F3 C8 01 80 AC 89 ......(. ........ [080] 2C 7A 00 C9 01 80 28 DB 15 DF F3 C8 01 80 28 DB ,z....(. ......(. [090] 15 DF F3 C8 01 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0A0] 00 00 00 00 00 10 00 00 00 04 00 00 00 00 00 00 ........ ........ [0B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ [0D0] 00 BC 00 00 00 00 00 00 00 80 C4 5E 3F ED 8D C8 ........ ...^?... [0E0] 01 80 7C D0 AB FA F3 C8 01 80 C4 5E 3F ED 8D C8 ..|..... ...^?... [0F0] 01 80 C4 5E 3F ED 8D C8 01 00 0A 0C 00 00 00 00 ...^?... ........ [100] 00 00 00 10 00 00 00 00 00 20 00 00 00 5C 00 00 ........ . ...\.. [110] 00 00 00 00 00 18 00 48 00 32 00 45 00 30 00 33 .......H .2.E.0.3 [120] 00 46 00 7E 00 4F 00 2E 00 44 00 4F 00 43 00 48 .F.~.O.. .D.O.C.H [130] 00 6F 00 77 00 20 00 74 00 6F 00 20 00 61 00 64 .o.w. .t .o. .a.d [140] 00 64 00 20 00 74 00 68 00 65 00 20 00 57 00 65 .d. .t.h .e. .W.e [150] 00 62 00 73 00 65 00 61 00 6C 00 50 00 72 00 6F .b.s.e.a .l.P.r.o [160] 00 74 00 65 00 63 00 74 00 6F 00 72 00 4C 00 6F .t.e.c.t .o.r.L.o [170] 00 67 00 69 00 6E 00 4D 00 6F 00 64 00 75 00 6C .g.i.n.M .o.d.u.l [180] 00 65 00 2E 00 64 00 6F 00 63 00 00 00 88 00 00 .e...d.o .c...... [190] 00 00 00 00 00 00 09 38 52 17 B4 C7 01 00 08 DC .......8 R....... [1A0] B9 31 01 C9 01 00 09 38 52 17 B4 C7 01 00 09 38 .1.....8 R......8 [1B0] 52 17 B4 C7 01 00 C0 29 00 00 00 00 00 00 00 30 R......) .......0 [1C0] 00 00 00 00 00 20 00 00 00 2A 00 00 00 00 00 00 ..... .. .*...... [1D0] 00 18 00 53 00 51 00 34 00 37 00 55 00 35 00 7E ...S.Q.4 .7.U.5.~ [1E0] 00 34 00 2E 00 45 00 58 00 45 00 53 00 41 00 50 .4...E.X .E.S.A.P [1F0] 00 43 00 41 00 52 00 5F 00 30 00 2D 00 31 00 30 .C.A.R._ .0.-.1.0 SMBtrans2 mask=* directory=./ dirtype=22 numentries=52 got smb length of 70 got message type 0x0 of len 0x46 Transaction 4 of length 74 (0 toread) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2560 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [000] 00 00 00 02 01 ..... switch message SMBtrans2 (pid 4310) conn 0xb809dbc0 change_to_user: Skipping user change - already user call_trans2qfsinfo: level = 258 call_trans2qfsinfo : SMB_QUERY_FS_VOLUME_INFO namelen = 4, vol=dist serv=dist t2_rep: params_sent_thistime = 0, data_sent_thistime = 26, useable_space = 16584 t2_rep: params_to_send = 0, data_to_send = 26, paramsize = 0, datasize = 26 size=82 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2560 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 26 (0x1A) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 26 (0x1A) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=27 [000] 00 00 00 00 00 00 00 00 00 DA 02 D8 9C 08 00 00 ........ ........ [010] 00 00 00 64 00 69 00 73 00 74 00 ...d.i.s .t. SMBtrans2 info_level = 258 got smb length of 70 got message type 0x0 of len 0x46 Transaction 5 of length 74 (0 toread) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2624 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [000] 00 00 00 05 01 ..... switch message SMBtrans2 (pid 4310) conn 0xb809dbc0 change_to_user: Skipping user change - already user call_trans2qfsinfo: level = 261 t2_rep: params_sent_thistime = 0, data_sent_thistime = 20, useable_space = 16584 t2_rep: params_to_send = 0, data_to_send = 20, paramsize = 0, datasize = 20 size=76 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2624 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 20 (0x14) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 20 (0x14) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=21 [000] 00 2F 00 01 00 FF 00 00 00 08 00 00 00 4E 00 54 ./...... .....N.T [010] 00 46 00 53 00 .F.S. SMBtrans2 info_level = 261 got smb length of 70 got message type 0x0 of len 0x46 Transaction 6 of length 74 (0 toread) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2688 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [000] 00 00 00 05 01 ..... switch message SMBtrans2 (pid 4310) conn 0xb809dbc0 change_to_user: Skipping user change - already user call_trans2qfsinfo: level = 261 t2_rep: params_sent_thistime = 0, data_sent_thistime = 20, useable_space = 16584 t2_rep: params_to_send = 0, data_to_send = 20, paramsize = 0, datasize = 20 size=76 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=49153 smb_tid=1 smb_pid=2924 smb_uid=0 smb_mid=2688 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 20 (0x14) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 20 (0x14) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=21 [000] 00 2F 00 01 00 FF 00 00 00 08 00 00 00 4E 00 54 ./...... .....N.T [010] 00 46 00 53 00 .F.S. SMBtrans2 info_level = 261 got smb length of 306 got message type 0x0 of len 0x132 Transaction 7 of length 310 (0 toread) size=306 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=2752 smt_wct=13 smb_vwv[ 0]= 117 (0x75) smb_vwv[ 1]= 186 (0xBA) smb_vwv[ 2]=16644 (0x4104) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 1 (0x1) smb_vwv[ 5]= 4310 (0x10D6) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 1 (0x1) smb_vwv[ 8]= 1 (0x1) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 212 (0xD4) smb_vwv[12]= 0 (0x0) smb_bcc=125 [000] 00 00 00 57 00 45 00 47 00 53 00 43 00 44 00 00 ...W.E.G .S.C.D.. [010] 00 4E 00 41 00 00 00 57 00 69 00 6E 00 64 00 6F .N.A...W .i.n.d.o [020] 00 77 00 73 00 20 00 32 00 30 00 30 00 32 00 20 .w.s. .2 .0.0.2. [030] 00 53 00 65 00 72 00 76 00 69 00 63 00 65 00 20 .S.e.r.v .i.c.e. [040] 00 50 00 61 00 63 00 6B 00 20 00 32 00 20 00 32 .P.a.c.k . .2. .2 [050] 00 36 00 30 00 30 00 00 00 57 00 69 00 6E 00 64 .6.0.0.. .W.i.n.d [060] 00 6F 00 77 00 73 00 20 00 32 00 30 00 30 00 32 .o.w.s. .2.0.0.2 [070] 00 20 00 35 00 2E 00 31 00 00 00 00 00 . .5...1 ..... switch message SMBsesssetupX (pid 4310) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) wct=13 flg2=0xc807 Domain=[NA] NativeOS=[Windows 2002 Service Pack 2 2600] NativeLanMan=[Windows 2002 5.1] PrimaryDomain=[] sesssetupX:name=[NA]\[WEGSCD]@[smbd] lp_file_list_changed() file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Jul 30 10:23:52 2008 file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Mon Aug 18 09:50:30 2008 Finding user WEGSCD Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [WEGSCD]! Got anonymous request Making default auth method list for security=share, encrypt passwords = yes load_auth_module: Attempting to find an auth method to match guest load_auth_module: auth method guest has a valid init load_auth_module: Attempting to find an auth method to match sam load_auth_module: auth method sam has a valid init attempting to make a user_info for () making strings for 's user_info struct making blobs for 's user_info struct made an encrypted user_info for () check_ntlm_password: Checking password for unmapped user []\[]@[] with the new password interface check_ntlm_password: mapped user is: []\[]@[] check_ntlm_password: auth_context challenge created by fixed challenge is: [000] 00 00 00 00 00 00 00 00 ........ push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_username: setting username nobody, was pdb_set_domain: setting domain UNLADEN-SWALLOW, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name nobody, was pdb_set_homedir: setting home dir \\unladen-swallow\nobody\.9xprofile, was pdb_set_dir_drive: setting dir drive P:, was NULL pdb_set_logon_script: setting logon script , was pdb_set_profile_path: setting profile path \\unladen-swallow\profiles\.msprofile, was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups account_policy_get: name: password history, val: 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_user_sid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3230811644-3697677438-2698030698-501 from rid 501 check_ntlm_password: guest authentication for user [] succeeded check_ntlm_password: guest authentication for user [] -> [] -> [nobody] succeeded attempting to free (and zero) a user_info structure structure was created for attempting to free (and zero) a user_info structure Create local NT token for S-1-5-21-3230811644-3697677438-2698030698-501 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-3230811644-3697677438-2698030698-501] get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 Could not convert SID S-1-1-0 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 Could not convert SID S-1-5-2 to gid, ignoring it push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-546 Could not convert SID S-1-5-32-546 to gid, ignoring it NT user token of user S-1-5-21-3230811644-3697677438-2698030698-501 contains 4 SIDs SID[ 0]: S-1-5-21-3230811644-3697677438-2698030698-501 SID[ 1]: S-1-1-0 SID[ 2]: S-1-5-2 SID[ 3]: S-1-5-32-546 SE_PRIV 0x0 0x0 0x0 0x0 Chained message size=152 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=0 smb_mid=2752 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 306 (0x132) smb_vwv[ 2]= 8 (0x8) smb_vwv[ 3]= 24 (0x18) smb_bcc=109 [000] F8 C8 E1 AA E9 06 E8 C1 6E 47 DA C3 8E FA 48 94 ........ nG....H. [010] BE 2F B5 2E 5B 45 E0 9B 00 5C 00 5C 00 55 00 4E ./..[E.. .\.\.U.N [020] 00 4C 00 41 00 44 00 45 00 4E 00 2D 00 53 00 57 .L.A.D.E .N.-.S.W [030] 00 41 00 4C 00 4C 00 4F 00 57 00 2E 00 57 00 48 .A.L.L.O .W...W.H [040] 00 49 00 52 00 4C 00 50 00 4F 00 4F 00 4C 00 2E .I.R.L.P .O.O.L.. [050] 00 43 00 4F 00 4D 00 5C 00 57 00 45 00 47 00 53 .C.O.M.\ .W.E.G.S [060] 00 43 00 44 00 00 00 3F 3F 3F 3F 3F 00 .C.D...? ????. switch message SMBtconX (pid 4310) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Client requested device type [?????] for share [WEGSCD] lp_servicenumber: couldn't find wegscd Finding user wegscd Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [wegscd]! checking for home directory wegscd gave /home/wegscd add_a_service: Creating snum = 9 for wegscd hash_a_service: hashing index 9 for service name wegscd adding home's share [wegscd] for user 'wegscd' at '/home/wegscd' making a connection to 'normal' service wegscd Finding user wegscd Trying _Get_Pwnam(), username as lowercase is wegscd Get_Pwnam_internals did find user [wegscd]! =============================================================== INTERNAL ERROR: Signal 11 in pid 4310 (3.2.1-0.1.126-1867-SUSE-SL11.0) Please read the Trouble-Shooting section of the Samba3-HOWTO From: http://www.samba.org/samba/docs/Samba3-HOWTO.pdf =============================================================== PANIC (pid 4310): internal error BACKTRACE: 18 stack frames: #0 smbd(log_stack_trace+0x2d) [0xb7d1cf3d] #1 smbd(smb_panic+0x2d) [0xb7d1d03d] #2 smbd [0xb7d05c86] #3 [0xffffe400] #4 smbd(str_list_substitute+0x13c) [0xb7d12c8c] #5 smbd [0xb7b0c8d6] #6 smbd(authorise_login+0xca) [0xb7b0caaa] #7 smbd [0xb7b78d6b] #8 smbd(make_connection+0x26c) [0xb7b79d2c] #9 smbd(reply_tcon_and_X+0x21b) [0xb7b3051b] #10 smbd [0xb7b73137] #11 smbd(chain_reply+0x226) [0xb7b75d76] #12 smbd(reply_sesssetup_and_X+0xcef) [0xb7b3c8df] #13 smbd [0xb7b73137] #14 smbd(smbd_process+0x2b2) [0xb7b75722] #15 smbd(main+0x1052) [0xb7f5db62] #16 /lib/libc.so.6(__libc_start_main+0xe5) [0xb752c5f5] #17 smbd [0xb7af0dd1] dumping core in /var/log/samba/cores/smbd