ist-dc1:~# smbd -i -d 10 Maximum core file size limits now 16777216(soft) -1(hard) get_current_groups: user is in 3 groups: 0, 10001, 20007 smbd version 3.3.4 started. Copyright Andrew Tridgell and the Samba Team 1992-2009 uid=0 gid=0 euid=0 egid=0 Build environment: Built by: root@ist-dc1 Built on: Tue May 12 09:25:46 NZST 2009 Built using: gcc Build host: Linux ist-dc1 2.6.18-5-686 #1 SMP Tue Dec 18 21:24:20 UTC 2007 i686 GNU/Linux SRCDIR: /root/samba-3.3.4/source BUILDDIR: /root/samba-3.3.4/source Paths: SBINDIR: /usr/local/samba/sbin BINDIR: /usr/local/samba/bin SWATDIR: /usr/local/samba/swat CONFIGFILE: /usr/local/samba/lib/smb.conf LOGFILEBASE: /usr/local/samba/var LMHOSTSFILE: /usr/local/samba/lib/lmhosts LIBDIR: /usr/local/samba/lib MODULESDIR: /usr/local/samba/lib SHLIBEXT: so LOCKDIR: /usr/local/samba/var/locks PIDDIR: /usr/local/samba/var/locks SMB_PASSWD_FILE: /usr/local/samba/private/smbpasswd PRIVATE_DIR: /usr/local/samba/private System Headers: HAVE_SYS_CDEFS_H HAVE_SYS_FCNTL_H HAVE_SYS_IOCTL_H HAVE_SYS_IPC_H HAVE_SYS_MMAN_H HAVE_SYS_MOUNT_H HAVE_SYS_PARAM_H HAVE_SYS_PRCTL_H HAVE_SYS_QUOTA_H HAVE_SYS_RESOURCE_H HAVE_SYS_SELECT_H HAVE_SYS_SHM_H HAVE_SYS_SOCKET_H HAVE_SYS_STATFS_H HAVE_SYS_STATVFS_H HAVE_SYS_STAT_H HAVE_SYS_SYSCALL_H HAVE_SYS_SYSLOG_H HAVE_SYS_SYSMACROS_H HAVE_SYS_TIME_H HAVE_SYS_TYPES_H HAVE_SYS_UIO_H HAVE_SYS_UNISTD_H HAVE_SYS_UN_H HAVE_SYS_VFS_H HAVE_SYS_WAIT_H HAVE_SYS_XATTR_H Headers: HAVE_AIO_H HAVE_ALLOCA_H HAVE_ARPA_INET_H HAVE_ASM_TYPES_H HAVE_ASM_UNISTD_H HAVE_CTYPE_H HAVE_CUPS_CUPS_H HAVE_CUPS_LANGUAGE_H HAVE_DIRENT_H HAVE_DLFCN_H HAVE_EXECINFO_H HAVE_FCNTL_H HAVE_FLOAT_H HAVE_FNMATCH_H HAVE_GLOB_H HAVE_GRP_H HAVE_IFADDRS_H HAVE_LANGINFO_H HAVE_LASTLOG_H HAVE_LBER_H HAVE_LDAP_H HAVE_LIBINTL_H HAVE_LIMITS_H HAVE_LINUX_DQBLK_XFS_H HAVE_LINUX_INOTIFY_H HAVE_LOCALE_H HAVE_MEMORY_H HAVE_MNTENT_H HAVE_NETDB_H HAVE_NETINET_IN_H HAVE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSS_H HAVE_PTHREAD_H HAVE_PWD_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_MODULES_H HAVE_SECURITY__PAM_MACROS_H HAVE_SETJMP_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDBOOL_H HAVE_STDINT_H HAVE_STDIO_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_STROPTS_H HAVE_SYSCALL_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_TIME_H HAVE_UNISTD_H HAVE_UTIME_H HAVE_VALGRIND_MEMCHECK_H HAVE_VALGRIND_VALGRIND_H UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP_H HAVE_UT_UT_ADDR HAVE_UT_UT_ADDR_V6 HAVE_UT_UT_EXIT HAVE_UT_UT_HOST HAVE_UT_UT_ID HAVE_UT_UT_NAME HAVE_UT_UT_PID HAVE_UT_UT_TIME HAVE_UT_UT_TV HAVE_UT_UT_TYPE HAVE_UT_UT_USER PUTUTLINE_RETURNS_UTMP WITH_UTMP HAVE_* Defines: HAVE_ASPRINTF HAVE_ATEXIT HAVE_BACKTRACE_SYMBOLS HAVE_BER_SCANF HAVE_BER_SOCKBUF_ADD_IO HAVE_BOOL HAVE_BZERO HAVE_C99_VSNPRINTF HAVE_CHMOD HAVE_CHOWN HAVE_CHROOT HAVE_COMPARISON_FN_T HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS HAVE_CONNECT HAVE_CREAT64 HAVE_CRYPT HAVE_CUPS HAVE_DECL_ASPRINTF HAVE_DECL_RL_EVENT_HOOK HAVE_DECL_SNPRINTF HAVE_DECL_VASPRINTF HAVE_DECL_VSNPRINTF HAVE_DEVICE_MAJOR_FN HAVE_DEVICE_MINOR_FN HAVE_DGETTEXT HAVE_DIRENT_D_OFF HAVE_DIRFD HAVE_DLCLOSE HAVE_DLERROR HAVE_DLOPEN HAVE_DLSYM HAVE_DUP2 HAVE_ENDMNTENT HAVE_ENDNETGRENT HAVE_ERRNO_DECL HAVE_EXECL HAVE_EXPLICIT_LARGEFILE_SUPPORT HAVE_FCHMOD HAVE_FCHOWN HAVE_FCNTL_LOCK HAVE_FCVT HAVE_FDATASYNC HAVE_FGETXATTR HAVE_FLISTXATTR HAVE_FOPEN64 HAVE_FREEADDRINFO HAVE_FREEIFADDRS HAVE_FREMOVEXATTR HAVE_FRSIZE HAVE_FSEEKO64 HAVE_FSETXATTR HAVE_FSID_INT HAVE_FSTAT HAVE_FSTAT64 HAVE_FSYNC HAVE_FTELLO64 HAVE_FTRUNCATE HAVE_FTRUNCATE64 HAVE_FTRUNCATE_EXTEND HAVE_FUNCTION_MACRO HAVE_GAI_STRERROR HAVE_GETADDRINFO HAVE_GETCWD HAVE_GETDIRENTRIES HAVE_GETGRENT HAVE_GETGRENT_R HAVE_GETGRENT_R_DECL HAVE_GETGRGID_R HAVE_GETGRNAM HAVE_GETGRNAM_R HAVE_GETHOSTBYNAME HAVE_GETIFADDRS HAVE_GETMNTENT HAVE_GETNAMEINFO HAVE_GETNETGRENT HAVE_GETPAGESIZE HAVE_GETPGRP HAVE_GETPWENT_R HAVE_GETPWENT_R_DECL HAVE_GETPWNAM_R HAVE_GETPWUID_R HAVE_GETRLIMIT HAVE_GETSPNAM HAVE_GETTEXT HAVE_GETTIMEOFDAY_TZ HAVE_GETXATTR HAVE_GLOB HAVE_GRANTPT HAVE_HSTRERROR HAVE_ICONV HAVE_IFACE_GETIFADDRS HAVE_IF_NAMETOINDEX HAVE_IMMEDIATE_STRUCTURES HAVE_INET_ATON HAVE_INET_NTOA HAVE_INET_NTOP HAVE_INET_PTON HAVE_INITGROUPS HAVE_INNETGR HAVE_IPRINT HAVE_IPV6 HAVE_ISATTY HAVE_KERNEL_CHANGE_NOTIFY HAVE_KERNEL_OPLOCKS_LINUX HAVE_KERNEL_SHARE_MODES HAVE_LBER_LOG_PRINT_FN HAVE_LCHOWN HAVE_LDAP HAVE_LDAP_ADD_RESULT_ENTRY HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SET_REBIND_PROC HAVE_LGETXATTR HAVE_LIBLBER HAVE_LIBLDAP HAVE_LIBPAM HAVE_LIBRESOLV HAVE_LINK HAVE_LINUX_READAHEAD HAVE_LINUX_XFS_QUOTAS HAVE_LISTXATTR HAVE_LLISTXATTR HAVE_LLSEEK HAVE_LONGLONG HAVE_LONG_LONG HAVE_LREMOVEXATTR HAVE_LSEEK64 HAVE_LSETXATTR HAVE_LSTAT HAVE_LSTAT64 HAVE_MAKEDEV HAVE_MEMALIGN HAVE_MEMCPY HAVE_MEMMOVE HAVE_MEMSET HAVE_MKDIR_MODE HAVE_MKDTEMP HAVE_MKNOD HAVE_MKTIME HAVE_MLOCK HAVE_MLOCKALL HAVE_MMAP HAVE_MSGHDR_MSG_CONTROL HAVE_MUNLOCK HAVE_MUNLOCKALL HAVE_NANOSLEEP HAVE_NATIVE_ICONV HAVE_NL_LANGINFO HAVE_NO_ACLS HAVE_NO_AIO HAVE_OPEN64 HAVE_PAM_GET_DATA HAVE_PATHCONF HAVE_PEERCRED HAVE_PIPE HAVE_POLL HAVE_POSIX_FADVISE HAVE_POSIX_MEMALIGN HAVE_PRCTL HAVE_PREAD HAVE_PREAD64 HAVE_PRINTF HAVE_PTHREAD HAVE_PUTUTLINE HAVE_PUTUTXLINE HAVE_PWRITE HAVE_PWRITE64 HAVE_QUOTACTL_LINUX HAVE_RAND HAVE_RANDOM HAVE_READAHEAD_DECL HAVE_READDIR64 HAVE_READLINK HAVE_REALPATH HAVE_REMOVEXATTR HAVE_RENAME HAVE_SA_FAMILY_T HAVE_SECURE_MKSTEMP HAVE_SELECT HAVE_SENDFILE64 HAVE_SETBUFFER HAVE_SETEGID HAVE_SETENV HAVE_SETENV_DECL HAVE_SETEUID HAVE_SETGROUPS HAVE_SETLINEBUF HAVE_SETLOCALE HAVE_SETMNTENT HAVE_SETNETGRENT HAVE_SETPGID HAVE_SETRESGID HAVE_SETRESGID_DECL HAVE_SETRESUID HAVE_SETRESUID_DECL HAVE_SETSID HAVE_SETXATTR HAVE_SHMGET HAVE_SIGACTION HAVE_SIGBLOCK HAVE_SIGPROCMASK HAVE_SIGSET HAVE_SIG_ATOMIC_T_TYPE HAVE_SNPRINTF HAVE_SOCKETPAIR HAVE_SOCKLEN_T HAVE_SRAND HAVE_SRANDOM HAVE_SS_FAMILY HAVE_STAT64 HAVE_STATVFS_F_FLAG HAVE_STAT_HIRES_TIMESTAMPS HAVE_STAT_ST_ATIM HAVE_STAT_ST_BLKSIZE HAVE_STAT_ST_BLOCKS HAVE_STAT_ST_CTIM HAVE_STAT_ST_MTIM HAVE_STRCASECMP HAVE_STRCASESTR HAVE_STRCHR HAVE_STRDUP HAVE_STRERROR HAVE_STRFTIME HAVE_STRNDUP HAVE_STRNLEN HAVE_STRPBRK HAVE_STRSIGNAL HAVE_STRTOK_R HAVE_STRTOL HAVE_STRTOLL HAVE_STRTOQ HAVE_STRTOUL HAVE_STRTOULL HAVE_STRTOUQ HAVE_STRUCT_ADDRINFO HAVE_STRUCT_DIRENT64 HAVE_STRUCT_FLOCK64 HAVE_STRUCT_IFADDRS HAVE_STRUCT_SIGEVENT HAVE_STRUCT_SIGEVENT_SIGEV_VALUE_SIVAL_PTR HAVE_STRUCT_SOCKADDR HAVE_STRUCT_SOCKADDR_IN6 HAVE_STRUCT_SOCKADDR_STORAGE HAVE_STRUCT_STAT_ST_RDEV HAVE_STRUCT_TIMESPEC HAVE_ST_RDEV HAVE_SYMLINK HAVE_SYSCONF HAVE_SYSLOG HAVE_SYS_QUOTAS HAVE_TIMEGM HAVE_UNIXSOCKET HAVE_UNSETENV HAVE_UPDWTMP HAVE_UPDWTMPX HAVE_USLEEP HAVE_UTIMBUF HAVE_UTIME HAVE_UTIMES HAVE_VASPRINTF HAVE_VA_COPY HAVE_VOLATILE HAVE_VSNPRINTF HAVE_VSYSLOG HAVE_WAITPID HAVE_XFS_QUOTAS HAVE_YP_GET_DEFAULT_DOMAIN HAVE__Bool HAVE__VA_ARGS__MACRO HAVE___CLOSE HAVE___DUP2 HAVE___FCNTL HAVE___FORK HAVE___FSTAT HAVE___FXSTAT HAVE___LSEEK HAVE___LSTAT HAVE___LXSTAT HAVE___NR_INOTIFY_INIT_DECL HAVE___OPEN HAVE___OPEN64 HAVE___PREAD64 HAVE___PWRITE64 HAVE___READ HAVE___STAT HAVE___WRITE HAVE___XSTAT --with Options: WITH_CIFSMOUNT WITH_PAM WITH_PAM_MODULES WITH_QUOTAS WITH_SENDFILE WITH_UTMP WITH_WINBIND Build Options: BROKEN_NISPLUS_INCLUDE_FILES COMPILER_SUPPORTS_LL CONFIG_H_IS_FROM_SAMBA DEFAULT_DISPLAY_CHARSET DEFAULT_DOS_CHARSET DEFAULT_UNIX_CHARSET LDAP_SET_REBIND_PROC_ARGS LIBREPLACE_NETWORK_CHECKS LINUX LINUX_SENDFILE_API PACKAGE_BUGREPORT PACKAGE_NAME PACKAGE_STRING PACKAGE_TARNAME PACKAGE_VERSION REALPATH_TAKES_NULL REPLACE_GETPASS RETSIGTYPE SEEKDIR_RETURNS_VOID SHLIBEXT SIZEOF_CHAR SIZEOF_DEV_T SIZEOF_INO_T SIZEOF_INT SIZEOF_LONG_LONG SIZEOF_OFF_T SIZEOF_SHORT SIZEOF_SIZE_T SIZEOF_SSIZE_T SIZEOF_VOID_P STAT_STATVFS64 STAT_ST_BLOCKSIZE STDC_HEADERS STRING_STATIC_MODULES SYSCONF_SC_NGROUPS_MAX SYSCONF_SC_NPROCESSORS_ONLN SYSCONF_SC_PAGESIZE SYSLOG_FACILITY TIME_WITH_SYS_TIME USE_SETREUID WITH_CIFSMOUNT WITH_PAM WITH_PAM_MODULES WITH_QUOTAS WITH_SENDFILE WITH_WINBIND _FILE_OFFSET_BITS _GNU_SOURCE _LARGEFILE64_SOURCE _POSIX_C_SOURCE _POSIX_SOURCE auth_script_init charset_CP437_init charset_CP850_init offset_t static_decl_auth static_decl_charset static_decl_gpext static_decl_idmap static_decl_nss_info static_decl_pdb static_decl_rpc static_decl_vfs static_init_auth static_init_charset static_init_gpext static_init_idmap static_init_nss_info static_init_pdb static_init_rpc static_init_vfs uint_t vfs_acl_tdb_init vfs_acl_xattr_init vfs_audit_init vfs_cap_init vfs_default_quota_init vfs_dirsort_init vfs_expand_msdfs_init vfs_extd_audit_init vfs_fake_perms_init vfs_fileid_init vfs_full_audit_init vfs_netatalk_init vfs_preopen_init vfs_readahead_init vfs_readonly_init vfs_recycle_init vfs_shadow_copy2_init vfs_shadow_copy_init vfs_smb_traffic_analyzer_init vfs_streams_depot_init vfs_streams_xattr_init vfs_syncops_init vfs_xattr_tdb_init Type sizes: sizeof(char): 1 sizeof(int): 4 sizeof(long): 4 sizeof(long long): 8 sizeof(uint8): 1 sizeof(uint16): 2 sizeof(uint32): 4 sizeof(short): 2 sizeof(void*): 4 sizeof(size_t): 4 sizeof(off_t): 8 sizeof(ino_t): 8 sizeof(dev_t): 8 Builtin modules: pdb_ldap pdb_smbpasswd pdb_tdbsam rpc_lsarpc rpc_winreg rpc_initshutdown rpc_dssetup rpc_wkssvc rpc_svcctl2 rpc_ntsvcs2 rpc_netlogon rpc_netdfs rpc_srvsvc rpc_spoolss rpc_eventlog2 rpc_samr idmap_ldap idmap_tdb idmap_passdb idmap_nss nss_info_template auth_sam auth_unix auth_winbind auth_server auth_domain auth_builtin vfs_default lp_load_ex: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf" Processing section "[global]" doing parameter workgroup = IST doing parameter server string = %h server (Samba %v) doing parameter wins support = no doing parameter wins server = 130.123.128.14 doing parameter name resolve order = wins host bcast lmhosts doing parameter log file = /var/log/samba/log.%m doing parameter syslog only = no doing parameter debug level = 0 doing parameter panic action = /usr/share/samba/panic-action %d doing parameter security = user doing parameter encrypt passwords = true doing parameter passdb backend = ldapsam:ldap://127.0.0.1 doing parameter ldap ssl = off doing parameter ldap suffix = dc=ist,dc=massey,dc=ac,dc=nz doing parameter ldap user suffix = ou=users doing parameter ldap group suffix = ou=groups doing parameter ldap machine suffix = ou=machines doing parameter ldap idmap suffix = ou=idmap doing parameter idmap backend = ldap:ldap://127.0.0.1 doing parameter ldap admin dn = cn=admin,dc=ist,dc=massey,dc=ac,dc=nz doing parameter ldap delete dn = no doing parameter ldap password sync = yes doing parameter smb ports = 139 doing parameter domain master = yes doing parameter domain logons = yes doing parameter enable privileges = yes doing parameter obey pam restrictions = yes doing parameter deadtime = 60 doing parameter lanman auth = no doing parameter client lanman auth = no doing parameter load printers = yes doing parameter printing = cups doing parameter printcap name = cups doing parameter oplocks = no doing parameter level2 oplocks = no doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_BROADCAST doing parameter idmap uid = 10000-29000 doing parameter idmap gid = 10000-29000 doing parameter winbind enum users = no doing parameter winbind enum groups = no doing parameter logon path = doing parameter logon drive = doing parameter logon home = doing parameter logon script = netlogon.bat doing parameter add machine script = /usr/local/smbldaptools/smbldap-useradd -w "%u" doing parameter add group script = /usr/local/smbldaptools/smbldap-groupadd -p "%g" doing parameter add user script = /usr/local/smbldaptools/smbldap-useradd -m "%u" doing parameter delete user script = /usr/local/smbldaptools/smbldap-userdel "%u" doing parameter delete group script = /usr/local/smbldaptools/smbldap-groupdel "%g" doing parameter add user to group script = /usr/local/smbldaptools/smbldap-groupmod -m "%u" "%g" doing parameter delete user from group script = /usr/local/smbldaptools/smbldap-groupmod -x "%u" "%g" doing parameter set primary group script = /usr/local/smbldaptools/smbldap-usermod -g "%g" "%u" doing parameter msdfs root = No doing parameter host msdfs = No pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_DOMAIN_PDC Attempting to register new charset UCS-2LE Registered charset UCS-2LE Attempting to register new charset UTF-16LE Registered charset UTF-16LE Attempting to register new charset UCS-2BE Registered charset UCS-2BE Attempting to register new charset UTF-16BE Registered charset UTF-16BE Attempting to register new charset UTF8 Registered charset UTF8 Attempting to register new charset UTF-8 Registered charset UTF-8 Attempting to register new charset ASCII Registered charset ASCII Attempting to register new charset 646 Registered charset 646 Attempting to register new charset ISO-8859-1 Registered charset ISO-8859-1 Attempting to register new charset UCS2-HEX Registered charset UCS2-HEX Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED lp_load_ex: refreshing parameters Initialising global parameters params.c:pm_process() - Processing configuration file "/usr/local/samba/lib/smb.conf" Processing section "[global]" doing parameter workgroup = IST doing parameter server string = %h server (Samba %v) doing parameter wins support = no doing parameter wins server = 130.123.128.14 doing parameter name resolve order = wins host bcast lmhosts doing parameter log file = /var/log/samba/log.%m doing parameter syslog only = no doing parameter debug level = 0 doing parameter panic action = /usr/share/samba/panic-action %d doing parameter security = user doing parameter encrypt passwords = true doing parameter passdb backend = ldapsam:ldap://127.0.0.1 doing parameter ldap ssl = off doing parameter ldap suffix = dc=ist,dc=massey,dc=ac,dc=nz doing parameter ldap user suffix = ou=users doing parameter ldap group suffix = ou=groups doing parameter ldap machine suffix = ou=machines doing parameter ldap idmap suffix = ou=idmap doing parameter idmap backend = ldap:ldap://127.0.0.1 doing parameter ldap admin dn = cn=admin,dc=ist,dc=massey,dc=ac,dc=nz doing parameter ldap delete dn = no doing parameter ldap password sync = yes doing parameter smb ports = 139 doing parameter domain master = yes doing parameter domain logons = yes doing parameter enable privileges = yes doing parameter obey pam restrictions = yes doing parameter deadtime = 60 doing parameter lanman auth = no doing parameter client lanman auth = no doing parameter load printers = yes doing parameter printing = cups doing parameter printcap name = cups doing parameter oplocks = no doing parameter level2 oplocks = no doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_BROADCAST doing parameter idmap uid = 10000-29000 doing parameter idmap gid = 10000-29000 doing parameter winbind enum users = no doing parameter winbind enum groups = no doing parameter logon path = doing parameter logon drive = doing parameter logon home = doing parameter logon script = netlogon.bat doing parameter add machine script = /usr/local/smbldaptools/smbldap-useradd -w "%u" doing parameter add group script = /usr/local/smbldaptools/smbldap-groupadd -p "%g" doing parameter add user script = /usr/local/smbldaptools/smbldap-useradd -m "%u" doing parameter delete user script = /usr/local/smbldaptools/smbldap-userdel "%u" doing parameter delete group script = /usr/local/smbldaptools/smbldap-groupdel "%g" doing parameter add user to group script = /usr/local/smbldaptools/smbldap-groupmod -m "%u" "%g" doing parameter delete user from group script = /usr/local/smbldaptools/smbldap-groupmod -x "%u" "%g" doing parameter set primary group script = /usr/local/smbldaptools/smbldap-usermod -g "%g" "%u" doing parameter msdfs root = No doing parameter host msdfs = No Processing section "[netlogon]" add_a_service: Creating snum = 0 for netlogon hash_a_service: creating servicehash hash_a_service: hashing index 0 for service name netlogon doing parameter comment = Network Logon Service doing parameter browseable = no doing parameter path = /home/samba/netlogon doing parameter guest ok = no doing parameter create mode = 0775 doing parameter directory mask = 0775 doing parameter write list = administrator, MASSEY\kamercer, MASSEY\trodea, MASSEY\lmlightb, MASSEY\parobert, MASSEY\prynhart, MASSEY\cplaw doing parameter force user = root doing parameter force group = ist-support Processing section "[remoteInstall]" add_a_service: Creating snum = 1 for remoteInstall hash_a_service: hashing index 1 for service name remoteInstall doing parameter comment = Remote Install doing parameter browseable = no doing parameter path = /home/samba/remoteInstall doing parameter guest ok = no doing parameter write list = administrator, MASSEY\kamercer, MASSEY\trodea, MASSEY\lmlightb, MASSEY\parobert, MASSEY\prynhart, MASSEY\cplaw Processing section "[auditing]" add_a_service: Creating snum = 2 for auditing hash_a_service: hashing index 2 for service name auditing doing parameter comment = Network Logon Service doing parameter browseable = no doing parameter path = /home/samba/auditing doing parameter guest ok = no doing parameter write list = administrator, MASSEY\kamercer, MASSEY\trodea, MASSEY\lmlightb, MASSEY\parobert, MASSEY\prynhart, MASSEY\cplaw Processing section "[dev]" add_a_service: Creating snum = 3 for dev hash_a_service: hashing index 3 for service name dev doing parameter comment = dev doing parameter browseable = no doing parameter path = /tmp doing parameter guest ok = no doing parameter writable = yes Processing section "[drivers]" add_a_service: Creating snum = 4 for drivers hash_a_service: hashing index 4 for service name drivers doing parameter comment = Printer drivers doing parameter browseable = yes doing parameter path = /home/samba/drivers doing parameter guest ok = no doing parameter write list = administrator, MASSEY\kamercer, MASSEY\trodea, MASSEY\lmlightb, MASSEY\parobert, MASSEY\prynhart, MASSEY\cplaw Processing section "[printers]" add_a_service: Creating snum = 5 for printers hash_a_service: hashing index 5 for service name printers doing parameter comment = All Printers doing parameter browseable = no doing parameter path = /tmp doing parameter printable = yes doing parameter public = no doing parameter writable = no doing parameter create mode = 0500 Processing section "[print$]" add_a_service: Creating snum = 6 for print$ hash_a_service: hashing index 6 for service name print$ doing parameter comment = Printer Drivers doing parameter path = /var/lib/samba/printers doing parameter browseable = yes doing parameter writable = no doing parameter write list = administrator, MASSEY\kamercer, MASSEY\trodea, MASSEY\lmlightb, MASSEY\parobert, MASSEY\prynhart, MASSEY\cplaw doing parameter guest ok = no doing parameter public = no doing parameter write list = bca, @ntadmin pm_process() returned Yes lp_servicenumber: couldn't find homes add_a_service: Creating snum = 7 for IPC$ hash_a_service: hashing index 7 for service name IPC$ adding IPC service set_server_role: role = ROLE_DOMAIN_PDC Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE reloading printcap cache cups_pcap_load_async: asynchronously loading cups printers reloading cups printcap cache connecting to cups server localhost:631 cups_pcap_load_async: child pid = 17731 cups_cache_reload: sync read on fd 5 cups_async_callback: callback received for printer data. fd = 5 Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE reload status: ok lp_servicenumber: couldn't find it029227-ps add_a_service: Creating snum = 8 for it029227-ps hash_a_service: hashing index 8 for service name it029227-ps adding printer service it029227-ps lp_servicenumber: couldn't find it029227-pcl6 add_a_service: Creating snum = 9 for it029227-pcl6 hash_a_service: hashing index 9 for service name it029227-pcl6 adding printer service it029227-pcl6 lp_servicenumber: couldn't find it022106-ps add_a_service: Creating snum = 10 for it022106-ps hash_a_service: hashing index 10 for service name it022106-ps adding printer service it022106-ps lp_servicenumber: couldn't find it022106-pcl6 add_a_service: Creating snum = 11 for it022106-pcl6 hash_a_service: hashing index 11 for service name it022106-pcl6 adding printer service it022106-pcl6 lp_servicenumber: couldn't find it019896-ps add_a_service: Creating snum = 12 for it019896-ps hash_a_service: hashing index 12 for service name it019896-ps adding printer service it019896-ps lp_servicenumber: couldn't find it019896-pcl6 add_a_service: Creating snum = 13 for it019896-pcl6 hash_a_service: hashing index 13 for service name it019896-pcl6 adding printer service it019896-pcl6 lp_servicenumber: couldn't find it019895-ps add_a_service: Creating snum = 14 for it019895-ps hash_a_service: hashing index 14 for service name it019895-ps adding printer service it019895-ps lp_servicenumber: couldn't find it019774-ps add_a_service: Creating snum = 15 for it019774-ps hash_a_service: hashing index 15 for service name it019774-ps adding printer service it019774-ps lp_servicenumber: couldn't find it019774-pcl6 add_a_service: Creating snum = 16 for it019774-pcl6 hash_a_service: hashing index 16 for service name it019774-pcl6 adding printer service it019774-pcl6 lp_servicenumber: couldn't find it014621-ps add_a_service: Creating snum = 17 for it014621-ps hash_a_service: hashing index 17 for service name it014621-ps adding printer service it014621-ps lp_servicenumber: couldn't find it014621-pcl6 add_a_service: Creating snum = 18 for it014621-pcl6 hash_a_service: hashing index 18 for service name it014621-pcl6 adding printer service it014621-pcl6 lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 added interface eth0 ip=fe80::250:56ff:fe00:e2f9%eth0 bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: added interface eth0 ip=130.123.179.155 bcast=130.123.179.255 netmask=255.255.255.0 Netbios name list:- my_netbios_names[0]="IST-DC1" loaded services fcntl_lock fd=6 op=13 offset=0 count=1 type=1 fcntl_lock: Lock call successful Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to find a passdb backend to match ldapsam:ldap://127.0.0.1 (ldapsam) Found pdb backend ldapsam smbldap_search_domain_info: Searching for:[(&(objectClass=sambaDomain)(sambaDomainName=IST))] smbldap_search_ext: base => [dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaDomain)(sambaDomainName=IST))], scope => [2] Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE Substituting charset 'ISO-8859-1' for LOCALE The connection to the LDAP server was closed smb_ldap_setup_connection: ldap://127.0.0.1 smbldap_open_connection: connection opened ldap_connect_system: Binding to ldap server ldap://127.0.0.1 as "cn=admin,dc=ist,dc=massey,dc=ac,dc=nz" ldap_connect_system: successful connection to the LDAP server ldap_connect_system: LDAP server does support paged results Added timed event "smbldap_idle_fn": 806532b8 The LDAP server is successfully connected pdb backend ldapsam:ldap://127.0.0.1 has a valid init Opening cache file at /usr/local/samba/var/locks/gencache.tdb namecache_enable: enabling netbios namecache, timeout 660 seconds reghook_cache_init: new tree with default ops 0x805f18a0 for key [] regdb_fetch_values: Looking for value of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] specific: [Samba Printer Port], len: 2 regdb_fetch_values: Looking for value of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] specific: [DefaultSpoolDirectory], len: 70 regdb_fetch_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] specific: [DisplayName], len: 20 specific: [ErrorControl], len: 4 regdb_fetch_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] specific: [DisplayName], len: 20 specific: [ErrorControl], len: 4 reghook_cache_add: Adding ops 0x805f1a20 for key [/HKLM/SYSTEM/CurrentControlSet/Control/Print] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Control/Print] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1a20 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Print/Printers] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Print/Printers] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1a20 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Ports] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Ports] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1a60 for key [/HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/LanmanServer/Shares] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1940 for key [/HKLM/SOFTWARE/Samba/smbconf] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Samba/smbconf] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1aa0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Netlogon/Parameters] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/Netlogon/Parameters] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1ae0 for key [/HKLM/SYSTEM/CurrentControlSet/Control/ProductOptions] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Control/ProductOptions] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1b20 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1b60 for key [/HKPT] pathtree_add: Enter pathtree_add: Successfully added node [HKPT] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1ba0 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x805f1be0 for key [/HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Perflib] pathtree_add: Enter pathtree_add: Successfully added node [HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Perflib] to tree pathtree_add: Exit Returning valid cache entry: key = IDMAP/UID2SID/0, value = -, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(uid=root)(objectclass=sambaSamAccount))], scope => [2] init_sam_from_ldap: Entry found for user: root pdb_set_username: setting username root, was pdb_set_domain: setting domain IST, was pdb_set_nt_username: setting nt username root, was pdb_set_user_sid_from_string: setting user sid S-1-5-21-1975603481-473135534-3533444853-1000 pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-1000 attribute sambaLogonTime does not exist attribute sambaLogoffTime does not exist attribute sambaKickoffTime does not exist pdb_set_full_name: setting full name root, was attribute sambaHomeDrive does not exist pdb_set_dir_drive: setting dir drive , was NULL attribute sambaHomePath does not exist pdb_set_homedir: setting home dir , was attribute sambaLogonScript does not exist pdb_set_logon_script: setting logon script IST\netlogon.bat, was attribute sambaProfilePath does not exist pdb_set_profile_path: setting profile path , was attribute description does not exist attribute sambaUserWorkstations does not exist attribute sambaMungedDial does not exist push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 push_conn_ctx(0) : conn_ctx_stack_ndx = 2 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 attribute sambaBadPasswordCount does not exist attribute sambaBadPasswordTime does not exist attribute sambaLogonHours does not exist Opening cache file at /usr/local/samba/var/locks/login_cache.tdb Looking up login cache for user root No cache entry found No cache entry, bad count = 0, bad time = 0 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: uid 0 -> sid S-1-5-21-1975603481-473135534-3533444853-1000 Returning valid cache entry: key = IDMAP/GID2SID/0, value = -, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=0))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=0)) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 0 -> sid S-1-22-2-0 Create local NT token for S-1-5-21-1975603481-473135534-3533444853-1000 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-544, value = 20001, timeout = Tue May 19 09:30:56 2009 sid S-1-5-32-544 -> gid 20001 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-545, value = 10000, timeout = Tue May 19 09:35:33 2009 sid S-1-5-32-545 -> gid 10000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-1975603481-473135534-3533444853-1000)(sambaSIDList=S-1-5-32-544)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-11)))], scope => [2] smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-1975603481-473135534-3533444853-1000)(sambaSIDList=S-1-5-32-544)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-11)))], scope => [2] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-1975603481-473135534-3533444853-1000] get_privileges_for_sids: sid = S-1-5-32-544 Privilege set: SE_PRIV 0xff0 0x0 0x0 0x0 get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (1) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (3) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (3) regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Spooler] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Spooler] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler/Security] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/Spooler/Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [NETLOGON] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [NETLOGON] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON/Security] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/NETLOGON/Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [RemoteRegistry] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [RemoteRegistry] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry/Security] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/RemoteRegistry/Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [WINS] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_close: decrementing refcount (2) regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (2) reghook_cache_find: Searching for keyname [/HKLM] pathtree_find: Enter [/HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM] regdb_get_secdesc: Getting secdesc of key [HKLM] regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM] pathtree_find: Enter [/HKLM/SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [WINS] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/WINS] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_close: decrementing refcount (4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4) reghook_cache_find: Searching for keyname [/HKLM/SYSTEM/CurrentControlSet/Services/WINS/Security] pathtree_find: Enter [/HKLM/SYSTEM/CurrentControlSet/Services/WINS/Security] pathtree_find: Exit reghook_cache_find: found ops 0x805f18a0 for key [/HKLM/SYSTEM/CurrentControlSet/Services/WINS/Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_close: decrementing refcount (4) regdb_close: decrementing refcount (3) regdb_store_values: Looking for value of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_close: decrementing refcount (2) regdb_close: decrementing refcount (1) regdb_close: decrementing refcount (0) update_c_setprinter: c_setprinter = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwsid: Building guest account pdb_set_username: setting username nobody, was pdb_set_full_name: setting full name nobody, was pdb_set_domain: setting domain IST, was pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 from rid 501 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 sys_getgrouplist: user [nobody] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 Returning valid cache entry: key = IDMAP/GID2SID/65534, value = -, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=65534))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=65534)) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 65534 -> sid S-1-22-2-65534 make_server_info_sam: made server info for user nobody -> nobody Create local NT token for S-1-5-21-1975603481-473135534-3533444853-501 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-544, value = 20001, timeout = Tue May 19 09:30:56 2009 sid S-1-5-32-544 -> gid 20001 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-545, value = 10000, timeout = Tue May 19 09:35:33 2009 sid S-1-5-32-545 -> gid 10000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-1975603481-473135534-3533444853-501)(sambaSIDList=S-1-22-2-65534)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-32-546)))], scope => [2] smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-1975603481-473135534-3533444853-501)(sambaSIDList=S-1-22-2-65534)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-32-546)))], scope => [2] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-1975603481-473135534-3533444853-501] get_privileges: No privileges assigned to SID [S-1-22-2-65534] get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] sid S-1-22-2-65534 -> gid 65534 Returning valid cache entry: key = IDMAP/SID2GID/S-1-1-0, value = -1, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-1-0))], scope => [2] init_group_from_ldap: Entry found for group: 20003 attribute description does not exist pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: sid S-1-1-0 -> gid 20003 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-2, value = -1, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-2))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-2)) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 Could not convert SID S-1-5-2 to gid, ignoring it Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-546, value = 20002, timeout = Tue May 19 09:31:13 2009 sid S-1-5-32-546 -> gid 20002 NT user token of user S-1-5-21-1975603481-473135534-3533444853-501 contains 8 SIDs SID[ 0]: S-1-5-21-1975603481-473135534-3533444853-501 SID[ 1]: S-1-22-2-65534 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-32-546 SID[ 5]: S-1-22-1-65534 SID[ 6]: S-1-22-2-20003 SID[ 7]: S-1-22-2-20002 SE_PRIV 0x0 0x0 0x0 0x0 UNIX token of user 65534 Primary group is 65534 and contains 3 supplementary groups Group[ 0]: 65534 Group[ 1]: 20003 Group[ 2]: 20002 bind succeeded on port 139 socket option SO_KEEPALIVE = 1 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 0 socket option TCP_NODELAY = 0 socket option TCP_KEEPCNT = 9 socket option TCP_KEEPIDLE = 7200 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 87380 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 socket option SO_KEEPALIVE = 1 socket option SO_REUSEADDR = 1 socket option SO_BROADCAST = 1 socket option TCP_NODELAY = 1 socket option TCP_KEEPCNT = 9 socket option TCP_KEEPIDLE = 7200 socket option TCP_KEEPINTVL = 75 socket option IPTOS_LOWDELAY = 0 socket option IPTOS_THROUGHPUT = 0 socket option SO_SNDBUF = 16384 socket option SO_RCVBUF = 16384 socket option SO_SNDLOWAT = 1 socket option SO_RCVLOWAT = 1 socket option SO_SNDTIMEO = 0 socket option SO_RCVTIMEO = 0 bind failed on port 139 socket_addr = 0.0.0.0. Error = Address already in use claiming [] Locking key 42450000FFFFFFFF0000 Allocated locked data 0x0x806611d8 Unlocking key 42450000FFFFFFFF0000 waiting for a connection lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 init_oplocks: initializing messages. Linux kernel oplocks enabled Added timed event "smbd_idle_event_handler": 80666130 event_add_idle: idle_evt(keepalive) 0x80666130 Added timed event "smbd_idle_event_handler": 80666270 event_add_idle: idle_evt(deadtime) 0x80666270 Added timed event "smbd_idle_event_handler": 80666368 event_add_idle: idle_evt(housekeeping) 0x80666368 got smb length of 68 got message type 0x81 of len 0x44 Transaction 0 of length 72 (0 toread) netbios connect: name1=IST-DC1 name2=WINDOWS7 netbios connect: local=ist-dc1 remote=windows7, name type = 0 lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 init msg_type=0x81 msg_flags=0x0 got smb length of 155 got message type 0x0 of len 0x9b Transaction 0 of length 159 (0 toread) size=155 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51283 smb_tid=65535 smb_pid=65279 smb_uid=0 smb_mid=0 smt_wct=0 smb_bcc=120 [000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG [010] 52 41 4D 20 31 2E 30 00 02 4C 41 4E 4D 41 4E 31 RAM 1.0. .LANMAN1 [020] 2E 30 00 02 57 69 6E 64 6F 77 73 20 66 6F 72 20 .0..Wind ows for [030] 57 6F 72 6B 67 72 6F 75 70 73 20 33 2E 31 61 00 Workgrou ps 3.1a. [040] 02 4C 4D 31 2E 32 58 30 30 32 00 02 4C 41 4E 4D .LM1.2X0 02..LANM [050] 41 4E 32 2E 31 00 02 4E 54 20 4C 4D 20 30 2E 31 AN2.1..N T LM 0.1 [060] 32 00 02 53 4D 42 20 32 2E 30 30 32 00 02 53 4D 2..SMB 2 .002..SM [070] 42 20 32 2E 3F 3F 3F 00 B 2.???. switch message SMBnegprot (pid 17730) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Requested protocol [PC NETWORK PROGRAM 1.0] Requested protocol [LANMAN1.0] Requested protocol [Windows for Workgroups 3.1a] Requested protocol [LM1.2X002] Requested protocol [LANMAN2.1] Requested protocol [NT LM 0.12] Requested protocol [SMB 2.002] Requested protocol [SMB 2.???] set_remote_arch: Client arch is 'Win2K' lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 claiming [] Locking key 42450000FFFFFFFF0000 Allocated locked data 0x0x80666b00 Unlocking key 42450000FFFFFFFF0000 lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 using SPNEGO Selected protocol NT LM 0.12 negprot index=5 size=127 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51283 smb_tid=65535 smb_pid=65279 smb_uid=0 smb_mid=0 smt_wct=17 smb_vwv[ 0]= 5 (0x5) smb_vwv[ 1]=12803 (0x3203) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=16896 (0x4200) smb_vwv[ 8]= 69 (0x45) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]=32995 (0x80E3) smb_vwv[11]=32896 (0x8080) smb_vwv[12]=14754 (0x39A2) smb_vwv[13]=18734 (0x492E) smb_vwv[14]=51668 (0xC9D4) smb_vwv[15]=12289 (0x3001) smb_vwv[16]= 253 (0xFD) smb_bcc=58 [000] 69 73 74 2D 64 63 31 00 00 00 00 00 00 00 00 00 ist-dc1. ........ [010] 60 28 06 06 2B 06 01 05 05 02 A0 1E 30 1C A0 0E `(..+... .. .0. . [020] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 0A 0...+... ..7...£. [030] 30 08 A0 06 1B 04 4E 4F 4E 45 0. ...NO NE got smb length of 138 got message type 0x0 of len 0x8a Transaction 1 of length 142 (0 toread) size=138 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=65535 smb_pid=65279 smb_uid=0 smb_mid=64 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16644 (0x4104) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 74 (0x4A) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 212 (0xD4) smb_vwv[11]=40960 (0xA000) smb_bcc=79 [000] 60 48 06 06 2B 06 01 05 05 02 A0 3E 30 3C A0 0E `H..+... .. >0< . [010] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A2 2A 0...+... ..7...¢* [020] 04 28 4E 54 4C 4D 53 53 50 00 01 00 00 00 97 82 .(NTLMSS P....... [030] 08 E2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 .â...... ........ [040] 00 00 06 01 BC 1B 00 00 00 0F 00 00 00 00 00 ....¼... ....... switch message SMBsesssetupX (pid 17730) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) wct=12 flg2=0xc807 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. Doing spnego session setup NativeOS=[] NativeLanMan=[] PrimaryDomain=[] set_remote_arch: Client arch is 'Vista' register_initial_vuid: allocated vuid = 100 check_spnego_blob_complete: needed_len = 74, pblob->length = 74 parse_spnego_mechanisms: Got OID 1 3 6 1 4 1 311 2 2 10 reply_spnego_negotiate: Got secblob of size 40 Making default auth method list for DC, security=user, encrypt passwords = yes Attempting to register auth backend sam Successfully added auth method 'sam' Attempting to register auth backend sam_ignoredomain Successfully added auth method 'sam_ignoredomain' Attempting to register auth backend unix Successfully added auth method 'unix' Attempting to register auth backend winbind Successfully added auth method 'winbind' Attempting to register auth backend smbserver Successfully added auth method 'smbserver' Attempting to register auth backend trustdomain Successfully added auth method 'trustdomain' Attempting to register auth backend ntdomain Successfully added auth method 'ntdomain' Attempting to register auth backend guest Successfully added auth method 'guest' load_auth_module: Attempting to find an auth method to match guest load_auth_module: auth method guest has a valid init load_auth_module: Attempting to find an auth method to match sam load_auth_module: auth method sam has a valid init load_auth_module: Attempting to find an auth method to match winbind:trustdomain load_auth_module: Attempting to find an auth method to match trustdomain load_auth_module: auth method trustdomain has a valid init load_auth_module: auth method winbind has a valid init Got NTLMSSP neg_flags=0xe2088297 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_NEGOTIATE_OEM NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_LM_KEY NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_VERSION NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP_NEGOTIATE_56 auth_get_challenge: module guest did not want to specify a challenge auth_get_challenge: module sam did not want to specify a challenge auth_get_challenge: module winbind did not want to specify a challenge auth_context challenge created by random challenge is: [000] F2 06 56 4C 8D D7 D6 56 ò.VL.×ÖV size=274 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=65535 smb_pid=65279 smb_uid=100 smb_mid=64 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 189 (0xBD) smb_bcc=231 [000] A1 81 BA 30 81 B7 A0 03 0A 01 01 A1 0C 06 0A 2B ¡.º0.· . ...¡...+ [010] 06 01 04 01 82 37 02 02 0A A2 81 A1 04 81 9E 4E .....7.. .¢.¡...N [020] 54 4C 4D 53 53 50 00 02 00 00 00 06 00 06 00 30 TLMSSP.. .......0 [030] 00 00 00 15 82 89 E2 F2 06 56 4C 8D D7 D6 56 00 ......âò .VL.×ÖV. [040] 00 00 00 00 00 00 00 68 00 68 00 36 00 00 00 49 .......h .h.6...I [050] 00 53 00 54 00 02 00 06 00 49 00 53 00 54 00 01 .S.T.... .I.S.T.. [060] 00 0E 00 49 00 53 00 54 00 2D 00 44 00 43 00 31 ...I.S.T .-.D.C.1 [070] 00 04 00 16 00 6C 00 6F 00 63 00 61 00 6C 00 64 .....l.o .c.a.l.d [080] 00 6F 00 6D 00 61 00 69 00 6E 00 03 00 2A 00 6C .o.m.a.i .n...*.l [090] 00 6F 00 63 00 61 00 6C 00 68 00 6F 00 73 00 74 .o.c.a.l .h.o.s.t [0A0] 00 2E 00 6C 00 6F 00 63 00 61 00 6C 00 64 00 6F ...l.o.c .a.l.d.o [0B0] 00 6D 00 61 00 69 00 6E 00 00 00 00 00 55 00 6E .m.a.i.n .....U.n [0C0] 00 69 00 78 00 00 00 53 00 61 00 6D 00 62 00 61 .i.x...S .a.m.b.a [0D0] 00 20 00 33 00 2E 00 33 00 2E 00 34 00 00 00 49 . .3...3 ...4...I [0E0] 00 53 00 54 00 00 00 .S.T... got smb length of 192 got message type 0x0 of len 0xc0 Transaction 2 of length 196 (0 toread) size=192 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=65535 smb_pid=65279 smb_uid=100 smb_mid=128 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16644 (0x4104) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 129 (0x81) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 212 (0xD4) smb_vwv[11]=40960 (0xA000) smb_bcc=133 [000] A1 7F 30 7D A2 7B 04 79 4E 54 4C 4D 53 53 50 00 ¡.0}¢{.y NTLMSSP. [010] 03 00 00 00 01 00 01 00 68 00 00 00 00 00 00 00 ........ h....... [020] 69 00 00 00 00 00 00 00 58 00 00 00 00 00 00 00 i....... X....... [030] 58 00 00 00 10 00 10 00 58 00 00 00 10 00 10 00 X....... X....... [040] 69 00 00 00 15 8A 88 E2 06 01 BC 1B 00 00 00 0F i......â ..¼..... [050] C2 7F 73 68 FD BA 79 A2 3E 3C 7D 50 6A CE B4 79 Â.shýºy¢ ><}Pjδy [060] 57 00 49 00 4E 00 44 00 4F 00 57 00 53 00 37 00 W.I.N.D. O.W.S.7. [070] 00 01 F4 A6 E8 DD 97 19 98 C1 64 BF 46 65 EA 7B ..ô¦èÝ.. .Ád¿Feê{ [080] 5A 00 00 00 00 Z.... switch message SMBsesssetupX (pid 17730) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) wct=12 flg2=0xc807 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. Doing spnego session setup NativeOS=[] NativeLanMan=[] PrimaryDomain=[] check_spnego_blob_complete: needed_len = 129, pblob->length = 129 Got user=[] domain=[] workstation=[WINDOWS7] len1=1 len2=0 lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 make_user_info_map: Mapping user []\[] from workstation [WINDOWS7] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups is_trusted_domain: Checking for domain trust with [IST] ldapsam_get_trusteddom_pw called for domain IST smbldap_search_ext: base => [sambaDomainName=IST,sambaDomainName=IST,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=IST))], scope => [2] Failed search for base: sambaDomainName=IST,sambaDomainName=IST,dc=ist,dc=massey,dc=ac,dc=nz, error: 32 (No such object) () pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 Cache entry with key = TDOM/IST couldn't be found no entry for trusted domain IST found. attempting to make a user_info for () making strings for 's user_info struct making blobs for 's user_info struct made an encrypted user_info for () check_ntlm_password: Checking password for unmapped user []\[]@[WINDOWS7] with the new password interface check_ntlm_password: mapped user is: [IST]\[]@[WINDOWS7] check_ntlm_password: auth_context challenge created by random challenge is: [000] F2 06 56 4C 8D D7 D6 56 ò.VL.×ÖV smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=65534))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=65534)) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_username: setting username nobody, was pdb_set_domain: setting domain IST, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name nobody, was pdb_set_homedir: setting home dir , was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script IST\netlogon.bat, was pdb_set_profile_path: setting profile path , was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 from rid 501 check_ntlm_password: guest authentication for user [] succeeded check_ntlm_password: guest authentication for user [] -> [] -> [nobody] succeeded attempting to free (and zero) a user_info structure structure was created for Create local NT token for S-1-5-21-1975603481-473135534-3533444853-501 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-544, value = 20001, timeout = Tue May 19 09:30:56 2009 sid S-1-5-32-544 -> gid 20001 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-545, value = 10000, timeout = Tue May 19 09:35:33 2009 sid S-1-5-32-545 -> gid 10000 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-1975603481-473135534-3533444853-501)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-32-546)))], scope => [2] smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-1975603481-473135534-3533444853-501)(sambaSIDList=S-1-1-0)(sambaSIDList=S-1-5-2)(sambaSIDList=S-1-5-32-546)))], scope => [2] pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-1975603481-473135534-3533444853-501] get_privileges_for_sids: sid = S-1-1-0 Privilege set: SE_PRIV 0x0 0x0 0x0 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] Returning valid cache entry: key = IDMAP/SID2GID/S-1-1-0, value = -1, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-1-0))], scope => [2] init_group_from_ldap: Entry found for group: 20003 attribute description does not exist pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: sid S-1-1-0 -> gid 20003 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-2, value = -1, timeout = Thu May 14 16:06:33 2009 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-2))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-2)) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 Could not convert SID S-1-5-2 to gid, ignoring it Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-32-546, value = 20002, timeout = Tue May 19 09:31:13 2009 sid S-1-5-32-546 -> gid 20002 NT user token of user S-1-5-21-1975603481-473135534-3533444853-501 contains 7 SIDs SID[ 0]: S-1-5-21-1975603481-473135534-3533444853-501 SID[ 1]: S-1-1-0 SID[ 2]: S-1-5-2 SID[ 3]: S-1-5-32-546 SID[ 4]: S-1-22-1-65534 SID[ 5]: S-1-22-2-20003 SID[ 6]: S-1-22-2-20002 SE_PRIV 0x0 0x0 0x0 0x0 UNIX token of user 65534 Primary group is 65534 and contains 2 supplementary groups Group[ 0]: 20003 Group[ 1]: 20002 Got NT session key of length 16 Got LM session key of length 16 ntlmssp_server_auth: Using unmodified nt session key. NTLMSSP Sign/Seal - Initialising with flags: Got NTLMSSP neg_flags=0xe2088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_VERSION NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH NTLMSSP_NEGOTIATE_56 register_existing_vuid: (65534,65534) nobody IST guest=1 register_existing_vuid: User name: nobody Real name: nobody register_existing_vuid: UNIX uid 65534 is UNIX user nobody, and will be vuid 100 lp_file_list_changed() file /usr/local/samba/lib/smb.conf -> /usr/local/samba/lib/smb.conf last mod_time: Tue May 12 09:31:56 2009 size=94 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=65535 smb_pid=65279 smb_uid=100 smb_mid=128 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 1 (0x1) smb_vwv[ 3]= 9 (0x9) smb_bcc=51 [000] A1 07 30 05 A0 03 0A 01 00 55 00 6E 00 69 00 78 ¡.0. ... .U.n.i.x [010] 00 00 00 53 00 61 00 6D 00 62 00 61 00 20 00 33 ...S.a.m .b.a. .3 [020] 00 2E 00 33 00 2E 00 34 00 00 00 49 00 53 00 54 ...3...4 ...I.S.T [030] 00 00 00 ... got smb length of 80 got message type 0x0 of len 0x50 Transaction 3 of length 84 (0 toread) size=80 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=100 smb_mid=192 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 80 (0x50) smb_vwv[ 2]= 8 (0x8) smb_vwv[ 3]= 1 (0x1) smb_bcc=37 [000] 00 5C 00 5C 00 49 00 53 00 54 00 2D 00 44 00 43 .\.\.I.S .T.-.D.C [010] 00 31 00 5C 00 49 00 50 00 43 00 24 00 00 00 3F .1.\.I.P .C.$...? [020] 3F 3F 3F 3F 00 ????. switch message SMBtconX (pid 17730) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Client requested device type [?????] for share [IPC$] making a connection to 'normal' service ipc$ smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=65534))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=65534)) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_username: setting username nobody, was pdb_set_domain: setting domain IST, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name nobody, was pdb_set_homedir: setting home dir , was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script IST\netlogon.bat, was pdb_set_profile_path: setting profile path , was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 from rid 501 Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! set_conn_connectpath: service IPC$, connectpath = /tmp Connect path is '/tmp' for service [IPC$] se_map_generic(): mapped mask 0x10000000 to 0x001f01ff Initialising default vfs hooks vfs_find_backend_entry called for /[Default VFS]/ Successfully added vfs backend '/[Default VFS]/' Initialising custom vfs hooks from [/[Default VFS]/] vfs_find_backend_entry called for /[Default VFS]/ Successfully loaded vfs module [/[Default VFS]/] with the new modules system Checking operation #0 (type 0, layer 0) Making operation type 0 opaque [module /[Default VFS]/] Accepting operation type 0 from module /[Default VFS]/ Checking operation #1 (type 1, layer 0) Making operation type 1 opaque [module /[Default VFS]/] Accepting operation type 1 from module /[Default VFS]/ Checking operation #2 (type 2, layer 0) Making operation type 2 opaque [module /[Default VFS]/] Accepting operation type 2 from module /[Default VFS]/ Checking operation #3 (type 3, layer 0) Making operation type 3 opaque [module /[Default VFS]/] Accepting operation type 3 from module /[Default VFS]/ Checking operation #4 (type 4, layer 0) Making operation type 4 opaque [module /[Default VFS]/] Accepting operation type 4 from module /[Default VFS]/ Checking operation #5 (type 5, layer 0) Making operation type 5 opaque [module /[Default VFS]/] Accepting operation type 5 from module /[Default VFS]/ Checking operation #6 (type 6, layer 0) Making operation type 6 opaque [module /[Default VFS]/] Accepting operation type 6 from module /[Default VFS]/ Checking operation #7 (type 7, layer 0) Making operation type 7 opaque [module /[Default VFS]/] Accepting operation type 7 from module /[Default VFS]/ Checking operation #8 (type 8, layer 0) Making operation type 8 opaque [module /[Default VFS]/] Accepting operation type 8 from module /[Default VFS]/ Checking operation #9 (type 9, layer 0) Making operation type 9 opaque [module /[Default VFS]/] Accepting operation type 9 from module /[Default VFS]/ Checking operation #10 (type 10, layer 0) Making operation type 10 opaque [module /[Default VFS]/] Accepting operation type 10 from module /[Default VFS]/ Checking operation #11 (type 11, layer 0) Making operation type 11 opaque [module /[Default VFS]/] Accepting operation type 11 from module /[Default VFS]/ Checking operation #12 (type 12, layer 0) Making operation type 12 opaque [module /[Default VFS]/] Accepting operation type 12 from module /[Default VFS]/ Checking operation #13 (type 13, layer 0) Making operation type 13 opaque [module /[Default VFS]/] Accepting operation type 13 from module /[Default VFS]/ Checking operation #14 (type 14, layer 0) Making operation type 14 opaque [module /[Default VFS]/] Accepting operation type 14 from module /[Default VFS]/ Checking operation #15 (type 15, layer 0) Making operation type 15 opaque [module /[Default VFS]/] Accepting operation type 15 from module /[Default VFS]/ Checking operation #16 (type 16, layer 0) Making operation type 16 opaque [module /[Default VFS]/] Accepting operation type 16 from module /[Default VFS]/ Checking operation #17 (type 17, layer 0) Making operation type 17 opaque [module /[Default VFS]/] Accepting operation type 17 from module /[Default VFS]/ Checking operation #18 (type 18, layer 0) Making operation type 18 opaque [module /[Default VFS]/] Accepting operation type 18 from module /[Default VFS]/ Checking operation #19 (type 19, layer 0) Making operation type 19 opaque [module /[Default VFS]/] Accepting operation type 19 from module /[Default VFS]/ Checking operation #20 (type 20, layer 0) Making operation type 20 opaque [module /[Default VFS]/] Accepting operation type 20 from module /[Default VFS]/ Checking operation #21 (type 21, layer 0) Making operation type 21 opaque [module /[Default VFS]/] Accepting operation type 21 from module /[Default VFS]/ Checking operation #22 (type 22, layer 0) Making operation type 22 opaque [module /[Default VFS]/] Accepting operation type 22 from module /[Default VFS]/ Checking operation #23 (type 23, layer 0) Making operation type 23 opaque [module /[Default VFS]/] Accepting operation type 23 from module /[Default VFS]/ Checking operation #24 (type 24, layer 0) Making operation type 24 opaque [module /[Default VFS]/] Accepting operation type 24 from module /[Default VFS]/ Checking operation #25 (type 25, layer 0) Making operation type 25 opaque [module /[Default VFS]/] Accepting operation type 25 from module /[Default VFS]/ Checking operation #26 (type 26, layer 0) Making operation type 26 opaque [module /[Default VFS]/] Accepting operation type 26 from module /[Default VFS]/ Checking operation #27 (type 27, layer 0) Making operation type 27 opaque [module /[Default VFS]/] Accepting operation type 27 from module /[Default VFS]/ Checking operation #28 (type 28, layer 0) Making operation type 28 opaque [module /[Default VFS]/] Accepting operation type 28 from module /[Default VFS]/ Checking operation #29 (type 29, layer 0) Making operation type 29 opaque [module /[Default VFS]/] Accepting operation type 29 from module /[Default VFS]/ Checking operation #30 (type 30, layer 0) Making operation type 30 opaque [module /[Default VFS]/] Accepting operation type 30 from module /[Default VFS]/ Checking operation #31 (type 31, layer 0) Making operation type 31 opaque [module /[Default VFS]/] Accepting operation type 31 from module /[Default VFS]/ Checking operation #32 (type 32, layer 0) Making operation type 32 opaque [module /[Default VFS]/] Accepting operation type 32 from module /[Default VFS]/ Checking operation #33 (type 33, layer 0) Making operation type 33 opaque [module /[Default VFS]/] Accepting operation type 33 from module /[Default VFS]/ Checking operation #34 (type 34, layer 0) Making operation type 34 opaque [module /[Default VFS]/] Accepting operation type 34 from module /[Default VFS]/ Checking operation #35 (type 35, layer 0) Making operation type 35 opaque [module /[Default VFS]/] Accepting operation type 35 from module /[Default VFS]/ Checking operation #36 (type 36, layer 0) Making operation type 36 opaque [module /[Default VFS]/] Accepting operation type 36 from module /[Default VFS]/ Checking operation #37 (type 37, layer 0) Making operation type 37 opaque [module /[Default VFS]/] Accepting operation type 37 from module /[Default VFS]/ Checking operation #38 (type 38, layer 0) Making operation type 38 opaque [module /[Default VFS]/] Accepting operation type 38 from module /[Default VFS]/ Checking operation #39 (type 39, layer 0) Making operation type 39 opaque [module /[Default VFS]/] Accepting operation type 39 from module /[Default VFS]/ Checking operation #40 (type 40, layer 0) Making operation type 40 opaque [module /[Default VFS]/] Accepting operation type 40 from module /[Default VFS]/ Checking operation #41 (type 41, layer 0) Making operation type 41 opaque [module /[Default VFS]/] Accepting operation type 41 from module /[Default VFS]/ Checking operation #42 (type 42, layer 0) Making operation type 42 opaque [module /[Default VFS]/] Accepting operation type 42 from module /[Default VFS]/ Checking operation #43 (type 43, layer 0) Making operation type 43 opaque [module /[Default VFS]/] Accepting operation type 43 from module /[Default VFS]/ Checking operation #44 (type 44, layer 0) Making operation type 44 opaque [module /[Default VFS]/] Accepting operation type 44 from module /[Default VFS]/ Checking operation #45 (type 45, layer 0) Making operation type 45 opaque [module /[Default VFS]/] Accepting operation type 45 from module /[Default VFS]/ Checking operation #46 (type 46, layer 0) Making operation type 46 opaque [module /[Default VFS]/] Accepting operation type 46 from module /[Default VFS]/ Checking operation #47 (type 47, layer 0) Making operation type 47 opaque [module /[Default VFS]/] Accepting operation type 47 from module /[Default VFS]/ Checking operation #48 (type 48, layer 0) Making operation type 48 opaque [module /[Default VFS]/] Accepting operation type 48 from module /[Default VFS]/ Checking operation #49 (type 49, layer 0) Making operation type 49 opaque [module /[Default VFS]/] Accepting operation type 49 from module /[Default VFS]/ Checking operation #50 (type 50, layer 0) Making operation type 50 opaque [module /[Default VFS]/] Accepting operation type 50 from module /[Default VFS]/ Checking operation #51 (type 51, layer 0) Making operation type 51 opaque [module /[Default VFS]/] Accepting operation type 51 from module /[Default VFS]/ Checking operation #52 (type 52, layer 0) Making operation type 52 opaque [module /[Default VFS]/] Accepting operation type 52 from module /[Default VFS]/ Checking operation #53 (type 53, layer 0) Making operation type 53 opaque [module /[Default VFS]/] Accepting operation type 53 from module /[Default VFS]/ Checking operation #54 (type 54, layer 0) Making operation type 54 opaque [module /[Default VFS]/] Accepting operation type 54 from module /[Default VFS]/ Checking operation #55 (type 55, layer 0) Making operation type 55 opaque [module /[Default VFS]/] Accepting operation type 55 from module /[Default VFS]/ Checking operation #56 (type 56, layer 0) Making operation type 56 opaque [module /[Default VFS]/] Accepting operation type 56 from module /[Default VFS]/ Checking operation #57 (type 57, layer 0) Making operation type 57 opaque [module /[Default VFS]/] Accepting operation type 57 from module /[Default VFS]/ Checking operation #58 (type 58, layer 0) Making operation type 58 opaque [module /[Default VFS]/] Accepting operation type 58 from module /[Default VFS]/ Checking operation #59 (type 59, layer 0) Making operation type 59 opaque [module /[Default VFS]/] Accepting operation type 59 from module /[Default VFS]/ Checking operation #60 (type 60, layer 0) Making operation type 60 opaque [module /[Default VFS]/] Accepting operation type 60 from module /[Default VFS]/ Checking operation #61 (type 61, layer 0) Making operation type 61 opaque [module /[Default VFS]/] Accepting operation type 61 from module /[Default VFS]/ Checking operation #62 (type 62, layer 0) Making operation type 62 opaque [module /[Default VFS]/] Accepting operation type 62 from module /[Default VFS]/ Checking operation #63 (type 63, layer 0) Making operation type 63 opaque [module /[Default VFS]/] Accepting operation type 63 from module /[Default VFS]/ Checking operation #64 (type 64, layer 0) Making operation type 64 opaque [module /[Default VFS]/] Accepting operation type 64 from module /[Default VFS]/ Checking operation #65 (type 65, layer 0) Making operation type 65 opaque [module /[Default VFS]/] Accepting operation type 65 from module /[Default VFS]/ Checking operation #66 (type 66, layer 0) Making operation type 66 opaque [module /[Default VFS]/] Accepting operation type 66 from module /[Default VFS]/ Checking operation #67 (type 67, layer 0) Making operation type 67 opaque [module /[Default VFS]/] Accepting operation type 67 from module /[Default VFS]/ Checking operation #68 (type 68, layer 0) Making operation type 68 opaque [module /[Default VFS]/] Accepting operation type 68 from module /[Default VFS]/ Checking operation #69 (type 69, layer 0) Making operation type 69 opaque [module /[Default VFS]/] Accepting operation type 69 from module /[Default VFS]/ Checking operation #70 (type 70, layer 0) Making operation type 70 opaque [module /[Default VFS]/] Accepting operation type 70 from module /[Default VFS]/ Checking operation #71 (type 71, layer 0) Making operation type 71 opaque [module /[Default VFS]/] Accepting operation type 71 from module /[Default VFS]/ Checking operation #72 (type 72, layer 0) Making operation type 72 opaque [module /[Default VFS]/] Accepting operation type 72 from module /[Default VFS]/ Checking operation #73 (type 73, layer 0) Making operation type 73 opaque [module /[Default VFS]/] Accepting operation type 73 from module /[Default VFS]/ Checking operation #74 (type 74, layer 0) Making operation type 74 opaque [module /[Default VFS]/] Accepting operation type 74 from module /[Default VFS]/ Checking operation #75 (type 75, layer 0) Making operation type 75 opaque [module /[Default VFS]/] Accepting operation type 75 from module /[Default VFS]/ Checking operation #76 (type 76, layer 0) Making operation type 76 opaque [module /[Default VFS]/] Accepting operation type 76 from module /[Default VFS]/ Checking operation #77 (type 77, layer 0) Making operation type 77 opaque [module /[Default VFS]/] Accepting operation type 77 from module /[Default VFS]/ Checking operation #78 (type 78, layer 0) Making operation type 78 opaque [module /[Default VFS]/] Accepting operation type 78 from module /[Default VFS]/ Checking operation #79 (type 79, layer 0) Making operation type 79 opaque [module /[Default VFS]/] Accepting operation type 79 from module /[Default VFS]/ Checking operation #80 (type 80, layer 0) Making operation type 80 opaque [module /[Default VFS]/] Accepting operation type 80 from module /[Default VFS]/ Checking operation #81 (type 81, layer 0) Making operation type 81 opaque [module /[Default VFS]/] Accepting operation type 81 from module /[Default VFS]/ Checking operation #82 (type 82, layer 0) Making operation type 82 opaque [module /[Default VFS]/] Accepting operation type 82 from module /[Default VFS]/ Checking operation #83 (type 83, layer 0) Making operation type 83 opaque [module /[Default VFS]/] Accepting operation type 83 from module /[Default VFS]/ Checking operation #84 (type 84, layer 0) Making operation type 84 opaque [module /[Default VFS]/] Accepting operation type 84 from module /[Default VFS]/ Checking operation #85 (type 85, layer 0) Making operation type 85 opaque [module /[Default VFS]/] Accepting operation type 85 from module /[Default VFS]/ Checking operation #86 (type 86, layer 0) Making operation type 86 opaque [module /[Default VFS]/] Accepting operation type 86 from module /[Default VFS]/ Checking operation #87 (type 87, layer 0) Making operation type 87 opaque [module /[Default VFS]/] Accepting operation type 87 from module /[Default VFS]/ Checking operation #88 (type 88, layer 0) Making operation type 88 opaque [module /[Default VFS]/] Accepting operation type 88 from module /[Default VFS]/ Checking operation #89 (type 89, layer 0) Making operation type 89 opaque [module /[Default VFS]/] Accepting operation type 89 from module /[Default VFS]/ Checking operation #90 (type 90, layer 0) Making operation type 90 opaque [module /[Default VFS]/] Accepting operation type 90 from module /[Default VFS]/ Checking operation #91 (type 91, layer 0) Making operation type 91 opaque [module /[Default VFS]/] Accepting operation type 91 from module /[Default VFS]/ Checking operation #92 (type 92, layer 0) Making operation type 92 opaque [module /[Default VFS]/] Accepting operation type 92 from module /[Default VFS]/ Checking operation #93 (type 93, layer 0) Making operation type 93 opaque [module /[Default VFS]/] Accepting operation type 93 from module /[Default VFS]/ Checking operation #94 (type 94, layer 0) Making operation type 94 opaque [module /[Default VFS]/] Accepting operation type 94 from module /[Default VFS]/ Checking operation #95 (type 95, layer 0) Making operation type 95 opaque [module /[Default VFS]/] Accepting operation type 95 from module /[Default VFS]/ Checking operation #96 (type 96, layer 0) Making operation type 96 opaque [module /[Default VFS]/] Accepting operation type 96 from module /[Default VFS]/ Checking operation #97 (type 97, layer 0) Making operation type 97 opaque [module /[Default VFS]/] Accepting operation type 97 from module /[Default VFS]/ Checking operation #98 (type 98, layer 0) Making operation type 98 opaque [module /[Default VFS]/] Accepting operation type 98 from module /[Default VFS]/ Checking operation #99 (type 99, layer 0) Making operation type 99 opaque [module /[Default VFS]/] Accepting operation type 99 from module /[Default VFS]/ Checking operation #100 (type 100, layer 0) Making operation type 100 opaque [module /[Default VFS]/] Accepting operation type 100 from module /[Default VFS]/ Checking operation #101 (type 101, layer 0) Making operation type 101 opaque [module /[Default VFS]/] Accepting operation type 101 from module /[Default VFS]/ Checking operation #102 (type 102, layer 0) Making operation type 102 opaque [module /[Default VFS]/] Accepting operation type 102 from module /[Default VFS]/ claiming [IPC$] Locking key 42450000010000004950 Allocated locked data 0x0x80667330 Unlocking key 42450000010000004950 user_ok_token: share IPC$ is ok for unix user nobody is_share_read_only_for_user: share IPC$ is read-only for unix user nobody se_map_generic(): mapped mask 0x10000000 to 0x001f01ff push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_username: setting username nobody, was pdb_set_domain: setting domain IST, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name nobody, was pdb_set_homedir: setting home dir , was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script IST\netlogon.bat, was pdb_set_profile_path: setting profile path , was pdb_set_workstations: setting workstations , was push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 from rid 501 setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0 NT user token of user S-1-5-21-1975603481-473135534-3533444853-501 contains 7 SIDs SID[ 0]: S-1-5-21-1975603481-473135534-3533444853-501 SID[ 1]: S-1-1-0 SID[ 2]: S-1-5-2 SID[ 3]: S-1-5-32-546 SID[ 4]: S-1-22-1-65534 SID[ 5]: S-1-22-2-20003 SID[ 6]: S-1-22-2-20002 SE_PRIV 0x0 0x0 0x0 0x0 UNIX token of user 65534 Primary group is 65534 and contains 2 supplementary groups Group[ 0]: 20003 Group[ 1]: 20002 change_to_user uid=(0,65534) gid=(0,65534) windows7 (::ffff:130.123.168.109) connect to service IPC$ initially as user nobody (uid=65534, gid=65534) (pid 17730) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) tconX service=IPC$ size=56 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=192 smt_wct=7 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 1 (0x1) smb_vwv[ 3]= 511 (0x1FF) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 511 (0x1FF) smb_vwv[ 6]= 0 (0x0) smb_bcc=7 [000] 49 50 43 00 00 00 00 IPC.... got smb length of 104 got message type 0x0 of len 0x68 Transaction 4 of length 108 (0 toread) size=104 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=492 smb_uid=100 smb_mid=256 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4608 (0x1200) smb_vwv[ 3]= 4096 (0x1000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40704 (0x9F00) smb_vwv[ 8]= 4609 (0x1201) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 1792 (0x700) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]=16384 (0x4000) smb_vwv[20]=16384 (0x4000) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 256 (0x100) smb_bcc=21 [000] FF 5C 00 4E 00 45 00 54 00 4C 00 4F 00 47 00 4F ÿ\.N.E.T .L.O.G.O [010] 00 4E 00 00 00 .N... switch message SMBntcreateX (pid 17730) conn 0x80650080 setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0 NT user token of user S-1-5-21-1975603481-473135534-3533444853-501 contains 7 SIDs SID[ 0]: S-1-5-21-1975603481-473135534-3533444853-501 SID[ 1]: S-1-1-0 SID[ 2]: S-1-5-2 SID[ 3]: S-1-5-32-546 SID[ 4]: S-1-22-1-65534 SID[ 5]: S-1-22-2-20003 SID[ 6]: S-1-22-2-20002 SE_PRIV 0x0 0x0 0x0 0x0 UNIX token of user 65534 Primary group is 65534 and contains 2 supplementary groups Group[ 0]: 20003 Group[ 1]: 20002 change_to_user uid=(0,65534) gid=(0,65534) vfs_ChDir to /tmp reply_ntcreate_and_X: flags = 0x10, access_mask = 0x12019f file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x400040 root_dir_fid = 0x0, fname = NETLOGON nt_open_pipe: Opening pipe \NETLOGON. nt_open_pipe: Known pipe NETLOGON opening. Open pipe requested NETLOGON (pipes_open=0) Create pipe requested NETLOGON init_pipe_handles: created handle list for pipe NETLOGON init_pipe_handles: pipe_handles ref count = 1 for pipe NETLOGON smbldap_search_ext: base => [ou=groups,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=65534))], scope => [2] ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=65534)) push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 pdb_set_username: setting username nobody, was pdb_set_domain: setting domain IST, was pdb_set_nt_username: setting nt username , was pdb_set_full_name: setting full name nobody, was pdb_set_homedir: setting home dir , was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script IST\netlogon.bat, was pdb_set_profile_path: setting profile path , was pdb_set_workstations: setting workstations , was push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Thu May 14 16:05:33 2009 pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1975603481-473135534-3533444853-501 from rid 501 Created internal pipe NETLOGON (pipes_open=0) Opened pipe NETLOGON with handle 7538 (pipes_open=1) open pipes: name NETLOGON pnum=7538 Locking key 4E45544C4F474F4E2F31 Allocated locked data 0x0x80666900 Unlocking key 4E45544C4F474F4E2F31 do_ntcreate_pipe_open: open pipe = \NETLOGON size=135 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=492 smb_uid=100 smb_mid=256 smt_wct=42 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=14336 (0x3800) smb_vwv[ 3]= 373 (0x175) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 0 (0x0) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_vwv[34]= 0 (0x0) smb_vwv[35]= 0 (0x0) smb_vwv[36]= 0 (0x0) smb_vwv[37]= 0 (0x0) smb_vwv[38]= 0 (0x0) smb_vwv[39]= 0 (0x0) smb_vwv[40]= 0 (0x0) smb_vwv[41]= 0 (0x0) smb_bcc=0 got smb length of 72 got message type 0x0 of len 0x48 Transaction 5 of length 76 (0 toread) size=72 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=492 smb_uid=100 smb_mid=320 smt_wct=15 smb_vwv[ 0]= 4 (0x4) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 24 (0x18) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 4 (0x4) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 7 (0x7) smb_bcc=7 [000] 00 00 00 38 75 ED 03 ...8uí. switch message SMBtrans2 (pid 17730) conn 0x80650080 change_to_user: Skipping user change - already user search for pipe pnum=7538 pipe name NETLOGON pnum=7538 (pipes_open=1) t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 size=84 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=492 smb_uid=100 smb_mid=320 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 24 (0x18) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 24 (0x18) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=29 [000] 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 ........ ........ [010] 00 00 00 00 00 01 00 00 00 01 00 00 00 ........ ..... got smb length of 263 got message type 0x0 of len 0x107 Transaction 6 of length 267 (0 toread) size=263 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=384 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]=30008 (0x7538) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 199 (0xC7) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 199 (0xC7) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=200 [000] EE 05 00 0B 07 10 00 00 00 C7 00 1F 00 04 00 00 î....... .Ç...... [010] 00 B8 10 B8 10 00 00 00 00 03 00 00 00 00 00 01 .¸.¸.... ........ [020] 00 78 56 34 12 34 12 CD AB EF 00 01 23 45 67 CF .xV4.4.Í «ï..#EgÏ [030] FB 01 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 û.....]. .ë.É..è. [040] 00 2B 10 48 60 02 00 00 00 01 00 01 00 78 56 34 .+.H`... .....xV4 [050] 12 34 12 CD AB EF 00 01 23 45 67 CF FB 01 00 00 .4.Í«ï.. #EgÏû... [060] 00 33 05 71 71 BA BE 37 49 83 19 B5 DB EF 9C CC .3.qqº¾7 I..µÛï.Ì [070] 36 01 00 00 00 02 00 01 00 78 56 34 12 34 12 CD 6....... .xV4.4.Í [080] AB EF 00 01 23 45 67 CF FB 01 00 00 00 2C 1C B7 «ï..#EgÏ û....,.· [090] 6C 12 98 40 45 03 00 00 00 00 00 00 00 01 00 00 l..@E... ........ [0A0] 00 44 06 00 00 00 00 00 00 00 00 00 00 13 00 00 .D...... ........ [0B0] 00 49 53 54 00 57 49 4E 44 4F 57 53 37 00 08 57 .IST.WIN DOWS7..W [0C0] 49 4E 44 4F 57 53 37 00 INDOWS7. switch message SMBwriteX (pid 17730) conn 0x80650080 change_to_user: Skipping user change - already user search for pipe pnum=7538 pipe name NETLOGON pnum=7538 (pipes_open=1) write_to_pipe: 7538 name: NETLOGON open: Yes len: 199 write_to_pipe: data_left = 199 process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 199 fill_rpc_header: data_to_copy = 199, len_needed_to_complete_hdr = 16, receive_len = 0 write_to_pipe: data_used = 16 write_to_pipe: data_left = 183 process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 183 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 07 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00c7 000a auth_len : 001f 000c call_id : 00000004 unmarshall_rpc_header: using little-endian RPC unmarshall_rpc_header: type = 11, flags = 7 write_to_pipe: data_used = 0 write_to_pipe: data_left = 183 process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 183, incoming data = 183 process_complete_pdu: processing packet type 11 api_pipe_bind_req: decode request. 1591 000000 smb_io_rpc_hdr_rb 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 00000000 0008 num_contexts: 03 000c context_id : 0000 000e num_transfer_syntaxes: 01 00000f smb_io_rpc_iface 000010 smb_io_uuid uuid 0010 data : 12345678 0014 data : 1234 0016 data : abcd 0018 data : ef 00 001a data : 01 23 45 67 cf fb 0020 version: 00000001 000024 smb_io_rpc_iface 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 0038 context_id : 0001 003a num_transfer_syntaxes: 01 00003b smb_io_rpc_iface 00003c smb_io_uuid uuid 003c data : 12345678 0040 data : 1234 0042 data : abcd 0044 data : ef 00 0046 data : 01 23 45 67 cf fb 004c version: 00000001 000050 smb_io_rpc_iface 000050 smb_io_uuid uuid 0050 data : 71710533 0054 data : beba 0056 data : 4937 0058 data : 83 19 005a data : b5 db ef 9c cc 36 0060 version: 00000001 0064 context_id : 0002 0066 num_transfer_syntaxes: 01 000067 smb_io_rpc_iface 000068 smb_io_uuid uuid 0068 data : 12345678 006c data : 1234 006e data : abcd 0070 data : ef 00 0072 data : 01 23 45 67 cf fb 0078 version: 00000001 00007c smb_io_rpc_iface 00007c smb_io_uuid uuid 007c data : 6cb71c2c 0080 data : 9812 0082 data : 4540 0084 data : 03 00 0086 data : 00 00 00 00 00 00 008c version: 00000001 api_pipe_bind_req: \PIPE\netlogon -> \PIPE\netlogon api_pipe_bind_req: make response. 1654 000090 smb_io_rpc_hdr_auth 0090 auth_type : 44 0091 auth_level : 06 0092 auth_pad_len : 00 0093 auth_reserved: 00 0094 auth_context_id: 00000000 000098 smb_io_rpc_auth_schannel_neg 0098 type1: 00000000 009c type2: 00000013 [000] 49 53 54 IST [000] 57 49 4E 44 4F 57 53 37 WINDOWS7 push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups secrets_restore_schannel_session_info: restored schannel info key SECRETS/SCHANNEL/WINDOWS7 pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 000000 smb_io_rpc_hdr_auth 0000 auth_type : 44 0001 auth_level : 06 0002 auth_pad_len : 08 0003 auth_reserved: 00 0004 auth_context_id: 00000001 000008 smb_io_rpc_schannel_verifier [000] 01 . 000a msg_type : 00000000 0010 flags : 00000005 pipe_schannel_auth_bind: schannel auth: domain [IST] myname [WINDOWS7] check_bind_req for netlogon checking lsarpc checking winreg checking initshutdown checking dssetup checking wkssvc checking svcctl checking ntsvcs checking netlogon 000000 smb_io_rpc_hdr_ba 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 000008 smb_io_rpc_addr_str 0008 len: 000f 000a str: \PIPE\netlogon. 000019 smb_io_rpc_results 001c num_results: 01 0020 result : 0000 0022 reason : 0000 000024 smb_io_rpc_iface 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 005c 000a auth_len : 000c 000c call_id : 00000004 write_to_pipe: data_used = 183 writeX-IPC pnum=7538 nwritten=199 size=47 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=384 smt_wct=6 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 199 (0xC7) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_bcc=0 got smb length of 59 got message type 0x0 of len 0x3b Transaction 7 of length 63 (0 toread) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=448 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]=30008 (0x7538) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 switch message SMBreadX (pid 17730) conn 0x80650080 change_to_user: Skipping user change - already user search for pipe pnum=7538 pipe name NETLOGON pnum=7538 (pipes_open=1) read_from_pipe: 7538 name: netlogon len: 1024 read_from_pipe: netlogon: current_pdu_len = 92, current_pdu_sent = 0 returning 92 bytes. readX-IPC pnum=7538 min=1024 max=1024 nread=92 size=151 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=448 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 92 (0x5C) smb_vwv[ 6]= 59 (0x3B) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=92 [000] 05 00 0C 03 10 00 00 00 5C 00 0C 00 04 00 00 00 ........ \....... [010] B8 10 B8 10 F0 53 00 00 0F 00 5C 50 49 50 45 5C ¸.¸.ðS.. ..\PIPE\ [020] 6E 65 74 6C 6F 67 6F 6E 00 00 00 00 01 00 00 00 netlogon ........ [030] 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 .....].. ë.É..è.. [040] 2B 10 48 60 02 00 00 00 44 06 08 00 01 00 00 00 +.H`.... D....... [050] 01 00 00 00 00 00 00 00 05 00 00 00 ........ .... got smb length of 488 got message type 0x0 of len 0x1e8 Transaction 8 of length 492 (0 toread) size=488 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=512 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]=30008 (0x7538) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 424 (0x1A8) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 424 (0x1A8) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=425 [000] EE 05 00 00 03 10 00 00 00 A8 01 38 00 04 00 00 î....... .¨.8.... [010] 00 44 01 00 00 00 00 02 00 51 11 63 D1 AD 44 75 .D...... .Q.cÑ­Du [020] 5B 76 11 48 4C 21 EE 3E A4 9B 2E 02 09 BF 1B A2 [v.HL!î> ¤....¿.¢ [030] C9 44 F8 FE EF B4 1E 3E A0 F1 C3 02 68 DF E5 F9 ÉDøþï´.>  ñÃ.hßåù [040] 4E 9B 6F 4F C4 CA 1E 67 07 0C 95 E5 8E F9 20 8F N.oOÄÊ.g ...å.ù . [050] 6F 24 39 76 D8 A0 AB FD EE 79 FD F5 18 BB 60 D1 o$9vØ «ý îyýõ.»`Ñ [060] 82 FC C1 DB 74 0A C5 AB 57 50 A1 BF 5F 74 BC CD .üÁÛt.Å« WP¡¿_t¼Í [070] 34 9A 69 FB 8A 68 7A 34 FB 90 BB DB 1A 07 02 71 4.iû.hz4 û.»Û...q [080] A3 08 C5 85 17 38 94 BF 5A E2 A9 31 1C 66 D3 56 £.Å..8.¿ Zâ©1.fÓV [090] C0 0F BE 2C 31 DF 2A F7 38 5B A7 44 58 13 5C DD À.¾,1ß*÷ 8[§DX.\Ý [0A0] 9B 8D 19 F5 BC D6 D7 A9 6E 2D 40 20 62 53 83 E5 ...õ¼Öש n-@ bS.å [0B0] E2 12 B4 32 AD 2E 7A A6 3C 82 00 11 37 F0 8E 64 â.´2­.z¦ <...7ð.d [0C0] AB 1F F1 9E 58 5D 04 46 27 15 71 F8 69 31 12 94 «.ñ.X].F '.qøi1.. [0D0] 30 18 7C 7E 32 E2 BA 66 96 D3 30 8D D4 E1 BA 07 0.|~2âºf .Ó0.Ôáº. [0E0] D5 4C 8C C1 EE B2 B6 BC 05 C5 E1 B7 D5 72 9C BA ÕL.Á¼ .Åá·Õr.º [0F0] 0A 77 A6 A8 17 29 3A 32 2E A5 B5 DF 0A 2E B0 89 .w¦¨.):2 .¥µß..°. [100] B6 35 37 1E 01 0F 36 38 A3 9F 6E 8E 1F C4 8A 69 ¶57...68 £.n..Ä.i [110] AB D8 A0 56 D5 44 14 0F 42 57 A5 7F B8 66 57 B0 «Ø VÕD.. BW¥.¸fW° [120] 68 54 A6 24 C2 13 EB BB 96 B5 E6 0E FA 73 08 BD hT¦$Â.ë» .µæ.ús.½ [130] FE 77 45 58 B7 62 9C 1A D5 76 B4 D7 31 51 1F 88 þwEX·b.. Õv´×1Q.. [140] 4F 57 D7 B2 83 1A 83 98 51 D6 D5 CA 8E B5 87 1D OWײ.... QÖÕÊ.µ.. [150] D5 8C D5 4B 5B 5C 14 52 DA 27 FD 2D AB 24 EA E6 Õ.ÕK[\.R Ú'ý-«$êæ [160] 6C 2B D7 5E 9C 00 C9 26 44 44 06 0C 00 00 00 00 l+×^..É& DD...... [170] 00 77 00 7A 00 FF FF 00 00 79 37 1B 74 56 85 D4 .w.z.ÿÿ. .y7.tV.Ô [180] 31 10 A3 FB 2E B1 0D 0F CC 65 9D 47 0F 40 B9 0E 1.£û.±.. Ìe.G.@¹. [190] 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [1A0] 00 00 00 00 00 00 00 00 00 ........ . switch message SMBwriteX (pid 17730) conn 0x80650080 change_to_user: Skipping user change - already user search for pipe pnum=7538 pipe name NETLOGON pnum=7538 (pipes_open=1) write_to_pipe: 7538 name: NETLOGON open: Yes len: 424 write_to_pipe: data_left = 424 process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 424 fill_rpc_header: data_to_copy = 424, len_needed_to_complete_hdr = 16, receive_len = 0 write_to_pipe: data_used = 16 write_to_pipe: data_left = 408 process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 408 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 01a8 000a auth_len : 0038 000c call_id : 00000004 unmarshall_rpc_header: using little-endian RPC unmarshall_rpc_header: type = 0, flags = 3 write_to_pipe: data_used = 0 write_to_pipe: data_left = 408 process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 408, incoming data = 408 process_complete_pdu: processing packet type 0 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000144 0004 context_id: 0000 0006 opnum : 0002 data 336 auth 56 000158 smb_io_rpc_hdr_auth hdr_auth 0158 auth_type : 44 0159 auth_level : 06 015a auth_pad_len : 0c 015b auth_reserved: 00 015c auth_context_id: 00000000 000160 smb_io_rpc_auth_schannel_chk 0160 sig : 77 00 7a 00 ff ff 00 00 0168 seq_num: 79 37 1b 74 56 85 d4 31 0170 packet_digest: 10 a3 fb 2e b1 0d 0f cc 0178 confounder: 65 9d 47 0f 40 b9 0e 1c SCHANNEL: schannel_decode seq_num=0 data_len=336 SCHANNEL: schannel_decode seq_num=0 data_len=336 free_pipe_context: destroying talloc pool of size 169 Requested \PIPE\netlogon api_rpcTNP: netlogon op 0x2 - api_rpcTNP: rpc command: NETR_LOGONSAMLOGON api_rpc_cmds[2].fn == 0x801e61d9 netr_LogonSamLogon: struct netr_LogonSamLogon in: struct netr_LogonSamLogon server_name : * server_name : '\\IST-DC1' computer_name : * computer_name : 'WINDOWS7' credential : * credential: struct netr_Authenticator cred: struct netr_Credential data : 91f387db88bdb34f timestamp : Thu 14 May 2009 16:05:12 NZST NZST return_authenticator : * return_authenticator: struct netr_Authenticator cred: struct netr_Credential data : 0000000000000000 timestamp : (time_t)0 logon_level : INTERACTIVE_LOGON_TYPE (1) logon : * logon : union netr_LogonInfo(case 1) password : * password: struct netr_PasswordInfo identity_info: struct netr_IdentityInfo domain_name: struct lsa_String length : 0x000c (12) size : 0x000c (12) string : * string : 'MASSEY' parameter_control : 0x00000000 (0) 0: MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0: MSV1_0_UPDATE_LOGON_STATISTICS 0: MSV1_0_RETURN_USER_PARAMETERS 0: MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0: MSV1_0_RETURN_PROFILE_PATH 0: MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT logon_id_low : 0x00071162 (463202) logon_id_high : 0x00000000 (0) account_name: struct lsa_String length : 0x0010 (16) size : 0x0010 (16) string : * string : 'prynhart' workstation: struct lsa_String length : 0x0010 (16) size : 0x0010 (16) string : * string : 'WINDOWS7' lmpassword: struct samr_Password hash : 69bf7499c42babfea40b39a01dc2cdb3 ntpassword: struct samr_Password hash : 2e8846d7ea5b06332430c7450b1881f6 validation_level : 0x0003 (3) push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups secrets_restore_schannel_session_info: restored schannel info key SECRETS/SCHANNEL/WINDOWS7 pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 sequence = 0x4a0b9878 seed: 9F24B1B44389BF43 seed+seq 17BDBCFE4389BF43 CLIENT 91F387DB88BDB34F seed+seq+1 18BDBCFE4389BF43 SERVER 91E9460FB8542D6C cred_reseed: seed 18BDBCFE4389BF43 netlogon_creds_server_check: credentials check OK. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups secrets_store_schannel_session_info: stored schannel info with key SECRETS/SCHANNEL/WINDOWS7 pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 SAM Logon (Interactive). Domain:[IST]. User:[prynhart@WINDOWS7] Requested Domain:[MASSEY] Attempting validation level 3 for unmapped username prynhart. Making default auth method list for DC, security=user, encrypt passwords = yes load_auth_module: Attempting to find an auth method to match guest load_auth_module: auth method guest has a valid init load_auth_module: Attempting to find an auth method to match sam load_auth_module: auth method sam has a valid init load_auth_module: Attempting to find an auth method to match winbind:trustdomain load_auth_module: Attempting to find an auth method to match trustdomain load_auth_module: auth method trustdomain has a valid init load_auth_module: auth method winbind has a valid init auth_get_challenge: module guest did not want to specify a challenge auth_get_challenge: module sam did not want to specify a challenge auth_get_challenge: module winbind did not want to specify a challenge auth_context challenge created by random challenge is: [000] B5 2B 9B A6 3E 37 E1 55 µ+.¦>7áU make_user_info_map: Mapping user [MASSEY]\[prynhart] from workstation [WINDOWS7] push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups is_trusted_domain: Checking for domain trust with [MASSEY] ldapsam_get_trusteddom_pw called for domain MASSEY smbldap_search_ext: base => [sambaDomainName=MASSEY,sambaDomainName=IST,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(&(objectClass=sambaTrustedDomainPassword)(sambaDomainName=MASSEY))], scope => [2] pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 attempting to make a user_info for prynhart (prynhart) making strings for prynhart's user_info struct making blobs for prynhart's user_info struct made an encrypted user_info for prynhart (prynhart) check_ntlm_password: Checking password for unmapped user [MASSEY]\[prynhart]@[WINDOWS7] with the new password interface check_ntlm_password: mapped user is: [MASSEY]\[prynhart]@[WINDOWS7] check_ntlm_password: auth_context challenge created by random challenge is: [000] B5 2B 9B A6 3E 37 E1 55 µ+.¦>7áU check_ntlm_password: guest had nothing to say is_myname("MASSEY") returns 0 check_samstrict_security: MASSEY is not one of my local names or domain name (DC) check_ntlm_password: sam had nothing to say push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 Finding user MASSEY\prynhart Trying _Get_Pwnam(), username as lowercase is massey\prynhart Get_Pwnam_internals did find user [MASSEY\prynhart]! fill_sam_account: located username was [MASSEY\prynhart] pdb_set_username: setting username MASSEY\prynhart, was pdb_set_full_name: setting full name , was pdb_set_domain: setting domain IST, was pdb_set_profile_path: setting profile path , was pdb_set_homedir: setting home dir , was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script IST\netlogon.bat, was pdb_set_user_sid: setting user sid S-1-5-21-1975603481-473135534-3533444853-21002 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-1975603481-473135534-3533444853-21002 from rid 21002 pdb_set_nt_username: setting nt username prynhart, was pdb_set_username: setting username prynhart, was MASSEY\prynhart pdb_set_domain: setting domain MASSEY, was IST pdb_set_user_sid: setting user sid S-1-5-21-95318837-410984162-318601546-6467 Returning valid cache entry: key = IDMAP/SID2GID/S-1-5-21-95318837-410984162-318601546-513, value = 10008, timeout = Tue May 19 11:30:00 2009 sid S-1-5-21-95318837-410984162-318601546-513 -> gid 10008 pdb_set_group_sid: setting group sid S-1-5-21-95318837-410984162-318601546-513 pdb_set_full_name: setting full name , was pdb_set_logon_script: setting logon script IST\netlogon.bat, was IST\netlogon.bat pdb_set_profile_path: setting profile path , was pdb_set_homedir: setting home dir , was pdb_set_dir_drive: setting dir drive , was check_ntlm_password: winbind authentication for user [prynhart] succeeded push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups smb_pam_start: PAM: Init user: MASSEY\prynhart smb_pam_start: PAM: setting rhost to: ::ffff:130.123.168.109 smb_pam_start: PAM: setting tty smb_pam_start: PAM: Init passed for user: MASSEY\prynhart smb_pam_account: PAM: Account Management for User: MASSEY\prynhart smb_pam_account: PAM: Account OK for User: MASSEY\prynhart smb_pam_end: PAM: PAM_END OK. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 check_ntlm_password: PAM Account for user [MASSEY\prynhart] succeeded check_ntlm_password: authentication for user [prynhart] -> [prynhart] -> [MASSEY\prynhart] succeeded attempting to free (and zero) a user_info structure structure was created for prynhart _netr_LogonSamLogon: check_password returned status NT_STATUS_OK push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning expired cache entry: key = ACCT_POL/minimum password age, value = 0 , timeout = Thu May 14 16:04:33 2009 ldapsam_get_account_policy_from_ldap smbldap_search_ext: base => [sambaDomainName=IST,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(objectclass=*)], scope => [0] cache_account_policy_set: updating account pol cache Adding cache entry with key = ACCT_POL/minimum password age; value = 0 and timeout = Thu May 14 16:06:14 2009 (60 seconds ahead) pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1 push_conn_ctx(100) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 NT user token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Returning expired cache entry: key = ACCT_POL/maximum password age, value = 4294967295 , timeout = Thu May 14 16:04:33 2009 ldapsam_get_account_policy_from_ldap smbldap_search_ext: base => [sambaDomainName=IST,dc=ist,dc=massey,dc=ac,dc=nz], filter => [(objectclass=*)], scope => [0] cache_account_policy_set: updating account pol cache Adding cache entry with key = ACCT_POL/maximum password age; value = 4294967295 and timeout = Thu May 14 16:06:14 2009 (60 seconds ahead) pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0 netr_LogonSamLogon: struct netr_LogonSamLogon out: struct netr_LogonSamLogon return_authenticator : * return_authenticator: struct netr_Authenticator cred: struct netr_Credential data : 91e9460fb8542d6c timestamp : Thu 14 May 2009 16:05:13 NZST NZST validation : * validation : union netr_Validation(case 3) sam3 : * sam3: struct netr_SamInfo3 base: struct netr_SamBaseInfo last_logon : NTTIME(0) last_logoff : Tue 19 Jan 2038 16:14:07 NZDT NZDT acct_expiry : Tue 19 Jan 2038 16:14:07 NZDT NZDT last_password_change : Sat 14 Dec 1901 08:15:52 NZMT NZMT allow_password_change : Sat 14 Dec 1901 08:15:52 NZMT NZMT force_password_change : Tue 19 Jan 2038 16:14:07 NZDT NZDT account_name: struct lsa_String length : 0x0010 (16) size : 0x0010 (16) string : * string : 'prynhart' full_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' logon_script: struct lsa_String length : 0x0020 (32) size : 0x0020 (32) string : * string : 'IST\netlogon.bat' profile_path: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' home_directory: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' home_drive: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' logon_count : 0x0000 (0) bad_password_count : 0x0000 (0) rid : 0x00001943 (6467) primary_gid : 0x00000201 (513) groups: struct samr_RidWithAttributeArray count : 0x00000018 (24) rids : * rids: ARRAY(24) rids: struct samr_RidWithAttribute rid : 0x00000201 (513) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0000bc51 (48209) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0000bbcf (48079) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00002bcd (11213) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00049b12 (301842) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00044b13 (281363) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00049b10 (301840) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0002d1f5 (184821) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0003dafd (252669) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00044369 (279401) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0002137c (136060) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00002f36 (12086) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x000321e1 (205281) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00002bb4 (11188) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0004c97e (313726) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x000227b3 (141235) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0000c861 (51297) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00001631 (5681) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00044b14 (281364) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00043f54 (278356) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0000336f (13167) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00033a2e (211502) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0003dd44 (253252) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x0004e732 (321330) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) user_flags : 0x00000020 (32) 0: NETLOGON_GUEST 0: NETLOGON_NOENCRYPTION 0: NETLOGON_CACHED_ACCOUNT 0: NETLOGON_USED_LM_PASSWORD 1: NETLOGON_EXTRA_SIDS 0: NETLOGON_SUBAUTH_SESSION_KEY 0: NETLOGON_SERVER_TRUST_ACCOUNT 0: NETLOGON_NTLMV2_ENABLED 0: NETLOGON_RESOURCE_GROUPS 0: NETLOGON_PROFILE_PATH_RETURNED 0: NETLOGON_GRACE_LOGON key: struct netr_UserSessionKey key : ff2cacda6e201b21342ee19f0a35bb22 logon_server: struct lsa_StringLarge length : 0x0000 (0) size : 0x0000 (0) string : * string : 'ITS-DC1' domain: struct lsa_StringLarge length : 0x0000 (0) size : 0x0000 (0) string : * string : 'MASSEY' domain_sid : * domain_sid : S-1-5-21-95318837-410984162-318601546 LMSessKey: struct netr_LMSessionKey key : 69bf7499c42babfe acct_flags : 0x00000014 (20) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 1: ACB_PWNOTREQ 0: ACB_TEMPDUP 1: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 0: ACB_WSTRUST 0: ACB_SVRTRUST 0: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_NO_AUTH_DATA_REQD unknown: ARRAY(7) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) sidcount : 0x00000000 (0) sids : NULL authoritative : * authoritative : 0x01 (1) result : NT_STATUS_OK api_rpcTNP: called netlogon successfully free_pipe_context: destroying talloc pool of size 693 write_to_pipe: data_used = 408 writeX-IPC pnum=7538 nwritten=424 size=47 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=512 smt_wct=6 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 424 (0x1A8) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_bcc=0 got smb length of 59 got message type 0x0 of len 0x3b Transaction 9 of length 63 (0 toread) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=576 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]=30008 (0x7538) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 switch message SMBreadX (pid 17730) conn 0x80650080 change_to_user: Skipping user change - already user search for pipe pnum=7538 pipe name NETLOGON pnum=7538 (pipes_open=1) read_from_pipe: 7538 name: netlogon len: 1024 read_from_pipe: netlogon: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 632. 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 02b8 000a auth_len : 0020 000c call_id : 00000004 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000278 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 000290 smb_io_rpc_hdr_auth hdr_auth 0290 auth_type : 44 0291 auth_level : 06 0292 auth_pad_len : 00 0293 auth_reserved: 00 0294 auth_context_id: 00000001 SCHANNEL: schannel_encode seq_num=1 data_len=632 000298 smb_io_rpc_auth_schannel_chk 0298 sig : 77 00 7a 00 ff ff 00 00 02a0 seq_num: be d8 b2 de 85 bd 69 77 02a8 packet_digest: 56 39 04 11 92 75 f5 ed 02b0 confounder: 4a 54 dd 00 0d c2 2d 08 readX-IPC pnum=7538 min=1024 max=1024 nread=696 size=755 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=100 smb_mid=576 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 696 (0x2B8) smb_vwv[ 6]= 59 (0x3B) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=696 [000] 05 00 02 03 10 00 00 00 B8 02 20 00 04 00 00 00 ........ ¸. ..... [010] 78 02 00 00 00 00 00 00 5E F4 BA B6 07 97 EB FA x....... ^ôº¶..ëú [020] C7 4E C7 94 81 AF 40 9D 25 12 C0 DC E0 C3 4C 18 ÇNÇ..¯@. %.ÀÜàÃL. [030] C9 18 60 7C 7A DC B1 A3 1F 92 E8 9B 44 FD D7 F4 É.`|zܱ£ ..è.Dý×ô [040] 0F 78 B1 E6 BD BC 37 EE 9C D0 43 A7 58 77 32 F9 .x±æ½¼7î .ÐC§Xw2ù [050] 82 DF 69 CF 40 8A C3 B0 BF 02 69 9B AB B3 C7 32 .ßiÏ@.ð ¿.i.«³Ç2 [060] D9 AA 61 73 E2 D0 79 EA 79 C4 D8 6C A5 FD 8E CC ÙªasâÐyê yÄØl¥ý.Ì [070] E4 9B 8E 9A B5 84 CB DB 6C 10 81 B1 C2 2A 55 A6 ä...µ.ËÛ l..±Â*U¦ [080] 38 08 6B 41 D4 38 97 27 D4 29 7E 24 9D 78 B4 A9 8.kAÔ8.' Ô)~$.x´© [090] FB 15 78 32 B6 2F 8F F6 E0 94 97 0C 8A 4E 21 1E û.x2¶/.ö à....N!. [0A0] 42 2D 50 83 93 7C E8 5E E7 85 D4 F9 1A 98 E4 DC B-P..|è^ ç.Ôù..äÜ [0B0] EE E0 C9 33 BC EE 7E B9 B4 8C DA 01 97 AA D8 4A îàÉ3¼î~¹ ´.Ú..ªØJ [0C0] 1C 40 C7 A9 39 10 49 AF F9 56 B6 88 E1 06 9A 5B .@Ç©9.I¯ ùV¶.á..[ [0D0] 58 AE E4 25 35 DF 47 32 43 B0 D3 2B E2 4D B1 19 X®ä%5ßG2 C°Ó+âM±. [0E0] 05 B1 24 71 82 37 A2 BE FE 62 77 AD E1 BD E3 09 .±$q.7¢¾ þbw­á½ã. [0F0] 2F 5E EC F5 C9 16 84 DA 55 60 AC 48 15 B1 2A 1B /^ìõÉ..Ú U`¬H.±*. [100] 31 84 3E D3 85 11 CE 21 D8 CF D9 CE 88 FB 0E 7F 1.>Ó..Î! ØÏÙÎ.û.. [110] 80 06 1A 16 5B 70 43 E2 9F A3 ED 55 ED A7 2F C1 ....[pCâ .£íUí§/Á [120] 15 C1 9D 07 78 58 B0 CA 89 C4 E3 38 2D 5E 77 25 .Á..xX°Ê .Äã8-^w% [130] 7A E9 9A 26 B9 01 11 97 2D FB 3A 03 F1 06 DE 30 zé.&¹... -û:.ñ.Þ0 [140] 5C 3F 42 7D DD DE 60 5B E0 3F 8E B2 42 81 8D 36 \?B}ÝÞ`[ à?.²B..6 [150] DE 90 B4 3D 85 4D EF BC 42 6F A8 E3 09 12 04 CA Þ.´=.Mï¼ Bo¨ã...Ê [160] 06 59 FD BA E1 C1 37 31 20 C9 97 61 EB C1 64 EE .YýºáÁ71 É.aëÁdî [170] 82 91 FF 93 3F FF 29 2A EC A7 1E 3A FB 65 51 5E ..ÿ.?ÿ)* ì§.:ûeQ^ [180] 00 3F 38 0E 08 C8 AF 6E B8 55 D4 B3 63 A0 F1 DA .?8..ȯn ¸UÔ³c ñÚ [190] CA 66 F4 98 2A 30 05 8C CF 06 3A 1F 5B C7 9F EB Êfô.*0.. Ï.:.[Ç.ë [1A0] 61 68 67 98 EE C4 37 B0 EB 4A EB 5D 33 84 62 3E ahg.îÄ7° ëJë]3.b> [1B0] 12 62 86 D0 4F 51 5D EC F9 58 D6 4A C6 4D 3F 29 .b.ÐOQ]ì ùXÖJÆM?) [1C0] AB 13 2F BA 19 F7 2E 39 D0 6E 9C FA 26 FA 67 DB «./º.÷.9 Ðn.ú&úgÛ [1D0] 05 04 4E 69 A7 13 4F DB 2F BD 6A EF 26 0B 6B 54 ..Ni§.OÛ /½jï&.kT [1E0] 1C B1 EE 7F 00 E7 08 03 E9 9A 28 48 BE 29 88 7E .±î..ç.. é.(H¾).~ [1F0] 4C 4B 70 B1 E6 99 6C 7F 11 AE 7D 72 DD 0C FC 7A LKp±æ.l. .®}rÝ.üz