[2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 769 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 13 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 1028 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 1027 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 1029 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 1280 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 1033 - private_data=(nil) [2009/09/24 09:06:20, 5] lib/messages.c:329(messaging_deregister) Deregistering messaging pointer for type 1 - private_data=(nil) [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:479(set_domain_online_request) set_domain_online_request: called for domain MUC [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:508(set_domain_online_request) set_domain_online_request: domain MUC was globally offline. [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "check_domain_online_handler": 0x805bd588 [2009/09/24 09:06:20, 10] winbindd/winbindd_dual.c:906(calculate_next_machine_pwd_change) machine password still valid until: Wed, 30 Sep 2009 16:27:05 CEST [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "machine_password_change_handler": 0x805b4a58 [2009/09/24 09:06:20, 10] lib/events.c:148(get_timed_events_timeout) timed_events_timeout: 5/0 [2009/09/24 09:06:20, 4] winbindd/winbindd_dual.c:1452(fork_domain_child) child daemon request 50 [2009/09/24 09:06:20, 10] winbindd/winbindd_dual.c:452(child_process_request) child_process_request: request fn INIT_CONNECTION [2009/09/24 09:06:20, 8] winbindd/winbindd_cm.c:1589(connection_ok) connection_ok: Connection to for domain MUC has NULL cli! [2009/09/24 09:06:20, 10] lib/gencache.c:194(gencache_get) Cache entry with key = SAFJOIN/DOMAIN/MUC couldn't be found [2009/09/24 09:06:20, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = SAF/DOMAIN/MUC, value = GENOME, timeout = Thu Sep 24 09:21:16 2009 [2009/09/24 09:06:20, 5] libsmb/namequery.c:200(saf_fetch) saf_fetch: Returning "GENOME" for "MUC" domain [2009/09/24 09:06:20, 10] lib/gencache.c:194(gencache_get) Cache entry with key = NEG_CONN_CACHE/MUC,GENOME couldn't be found [2009/09/24 09:06:20, 9] libsmb/conncache.c:150(check_negative_conn_cache) check_negative_conn_cache returning result 0 for domain MUC server GENOME [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:1430(cm_open_connection) cm_open_connection: saf_servername is 'GENOME' for domain MUC [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:1462(cm_open_connection) cm_open_connection: dcname is 'GENOME' for domain MUC [2009/09/24 09:06:20, 10] lib/gencache.c:194(gencache_get) Cache entry with key = NEG_CONN_CACHE/MUC,GENOME couldn't be found [2009/09/24 09:06:20, 9] libsmb/conncache.c:150(check_negative_conn_cache) check_negative_conn_cache returning result 0 for domain MUC server GENOME [2009/09/24 09:06:20, 10] lib/gencache.c:194(gencache_get) Cache entry with key = AD_SITENAME/DOMAIN/ couldn't be found [2009/09/24 09:06:20, 5] libads/dns.c:814(sitename_fetch) sitename_fetch: No stored sitename for [2009/09/24 09:06:20, 10] libsmb/namequery.c:1505(internal_resolve_name) internal_resolve_name: looking up GENOME#20 (sitename (null)) [2009/09/24 09:06:20, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = NBT/GENOME#20, value = 192.168.29.4:0, timeout = Thu Sep 24 09:16:42 2009 [2009/09/24 09:06:20, 5] libsmb/namecache.c:212(namecache_fetch) name GENOME#20 found. [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:774(cm_prepare_connection) cm_prepare_connection: connecting to DC GENOME for domain MUC [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=1 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 1 [2009/09/24 09:06:20, 5] winbindd/winbindd_cm.c:882(cm_prepare_connection) connecting to GENOME from NUCLEUS with username [MUC]\[NUCLEUS$] [2009/09/24 09:06:20, 3] libsmb/cliconnect.c:939(cli_session_setup_spnego) Doing spnego session setup (blob length=58) [2009/09/24 09:06:20, 3] libsmb/cliconnect.c:966(cli_session_setup_spnego) got OID=1.3.6.1.4.1.311.2.2.10 [2009/09/24 09:06:20, 3] libsmb/cliconnect.c:974(cli_session_setup_spnego) got principal=NONE [2009/09/24 09:06:20, 6] libsmb/clientgen.c:245(write_socket) write_socket(19,162) [2009/09/24 09:06:20, 6] libsmb/clientgen.c:248(write_socket) write_socket(19,162) wrote 162 [2009/09/24 09:06:20, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 262 [2009/09/24 09:06:20, 5] lib/util.c:632(show_msg) [2009/09/24 09:06:20, 5] lib/util.c:642(show_msg) size=262 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=30971 smb_uid=100 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 177 (0xB1) smb_bcc=219 [2009/09/24 09:06:20, 10] ../lib/util/util.c:304(_dump_data) [0000] A1 81 AE 30 81 AB A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+ [0010] 06 01 04 01 82 37 02 02 0A A2 81 95 04 81 92 4E .....7.. .......N [0020] 54 4C 4D 53 53 50 00 02 00 00 00 06 00 06 00 30 TLMSSP.. .......0 [0030] 00 00 00 15 82 89 60 5C 5D 04 B8 7D 8E 69 A9 00 ......`\ ]..}.i.. [0040] 00 00 00 00 00 00 00 5C 00 5C 00 36 00 00 00 4D .......\ .\.6...M [0050] 00 55 00 43 00 02 00 06 00 4D 00 55 00 43 00 01 .U.C.... .M.U.C.. [0060] 00 0C 00 47 00 45 00 4E 00 4F 00 4D 00 45 00 04 ...G.E.N .O.M.E.. [0070] 00 14 00 6D 00 72 00 2E 00 6C 00 66 00 6D 00 67 ...m.r.. .l.f.m.g [0080] 00 2E 00 64 00 65 00 03 00 22 00 67 00 65 00 6E ...d.e.. .".g.e.n [0090] 00 6F 00 6D 00 65 00 2E 00 6D 00 72 00 2E 00 6C .o.m.e.. .m.r...l [00A0] 00 66 00 6D 00 67 00 2E 00 64 00 65 00 00 00 00 .f.m.g.. .d.e.... [00B0] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [00C0] 00 62 00 61 00 20 00 33 00 2E 00 33 00 2E 00 37 .b.a. .3 ...3...7 [00D0] 00 00 00 4D 00 55 00 43 00 00 00 ...M.U.C ... [2009/09/24 09:06:20, 5] lib/util.c:632(show_msg) [2009/09/24 09:06:20, 5] lib/util.c:642(show_msg) size=262 smb_com=0x73 smb_rcls=22 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=30971 smb_uid=100 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 177 (0xB1) smb_bcc=219 [2009/09/24 09:06:20, 10] ../lib/util/util.c:304(_dump_data) [0000] A1 81 AE 30 81 AB A0 03 0A 01 01 A1 0C 06 0A 2B ...0.... .......+ [0010] 06 01 04 01 82 37 02 02 0A A2 81 95 04 81 92 4E .....7.. .......N [0020] 54 4C 4D 53 53 50 00 02 00 00 00 06 00 06 00 30 TLMSSP.. .......0 [0030] 00 00 00 15 82 89 60 5C 5D 04 B8 7D 8E 69 A9 00 ......`\ ]..}.i.. [0040] 00 00 00 00 00 00 00 5C 00 5C 00 36 00 00 00 4D .......\ .\.6...M [0050] 00 55 00 43 00 02 00 06 00 4D 00 55 00 43 00 01 .U.C.... .M.U.C.. [0060] 00 0C 00 47 00 45 00 4E 00 4F 00 4D 00 45 00 04 ...G.E.N .O.M.E.. [0070] 00 14 00 6D 00 72 00 2E 00 6C 00 66 00 6D 00 67 ...m.r.. .l.f.m.g [0080] 00 2E 00 64 00 65 00 03 00 22 00 67 00 65 00 6E ...d.e.. .".g.e.n [0090] 00 6F 00 6D 00 65 00 2E 00 6D 00 72 00 2E 00 6C .o.m.e.. .m.r...l [00A0] 00 66 00 6D 00 67 00 2E 00 64 00 65 00 00 00 00 .f.m.g.. .d.e.... [00B0] 00 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D .U.n.i.x ...S.a.m [00C0] 00 62 00 61 00 20 00 33 00 2E 00 33 00 2E 00 37 .b.a. .3 ...3...7 [00D0] 00 00 00 4D 00 55 00 43 00 00 00 ...M.U.C ... [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:1023(ntlmssp_client_challenge) Got challenge flags: [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60898215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:1045(ntlmssp_client_challenge) NTLMSSP: Set final flags: [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2009/09/24 09:06:20, 5] libsmb/ntlmssp.c:1119(ntlmssp_client_challenge) NTLMSSP challenge set by NTLM2 [2009/09/24 09:06:20, 5] libsmb/ntlmssp.c:1120(ntlmssp_client_challenge) challenge is: [2009/09/24 09:06:20, 5] ../lib/util/util.c:304(_dump_data) [0000] 55 65 75 EB A8 02 D9 3E Ueu....> [2009/09/24 09:06:20, 3] libsmb/ntlmssp_sign.c:342(ntlmssp_sign_init) NTLMSSP Sign/Seal - Initialising with flags: [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60088215 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2009/09/24 09:06:20, 6] libsmb/clientgen.c:245(write_socket) write_socket(19,262) [2009/09/24 09:06:20, 6] libsmb/clientgen.c:248(write_socket) write_socket(19,262) wrote 262 [2009/09/24 09:06:20, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 35 [2009/09/24 09:06:20, 5] lib/util.c:632(show_msg) [2009/09/24 09:06:20, 5] lib/util.c:642(show_msg) size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=30971 smb_uid=100 smb_mid=3 smt_wct=0 smb_bcc=0 [2009/09/24 09:06:20, 5] lib/util.c:632(show_msg) [2009/09/24 09:06:20, 5] lib/util.c:642(show_msg) size=35 smb_com=0x73 smb_rcls=109 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=30971 smb_uid=100 smb_mid=3 smt_wct=0 smb_bcc=0 [2009/09/24 09:06:20, 4] winbindd/winbindd_cm.c:891(cm_prepare_connection) authenticated session setup failed with Logon failure [2009/09/24 09:06:20, 3] winbindd/winbindd_cm.c:570(cm_get_ipc_userpass) cm_get_ipc_userpass: No auth-user defined [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:942(cm_prepare_connection) cm_prepare_connection: falling back to anonymous connection for DC GENOME [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=4 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 4 [2009/09/24 09:06:20, 5] winbindd/winbindd_cm.c:946(cm_prepare_connection) Connected anonymously [2009/09/24 09:06:20, 10] libsmb/clientgen.c:467(cli_init_creds) cli_init_creds: user domain [2009/09/24 09:06:20, 10] libsmb/namequery.c:86(saf_store) saf_store: domain = [MUC], server = [GENOME], expire = [1253776880] [2009/09/24 09:06:20, 10] lib/gencache.c:131(gencache_set) Adding cache entry with key = SAF/DOMAIN/MUC; value = GENOME and timeout = Thu Sep 24 09:21:20 2009 (900 seconds ahead) [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=5 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 5 [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:3064(set_global_winbindd_state_online) set_global_winbindd_state_online: online requested. [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:3067(set_global_winbindd_state_online) set_global_winbindd_state_online: rejecting. [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:402(set_domain_online) set_domain_online: called for domain MUC [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bd588 "check_domain_online_handler" [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:1945(set_dc_type_and_flags) set_dc_type_and_flags: setting up flags for primary domain [2009/09/24 09:06:20, 5] winbindd/winbindd_cm.c:1791(set_dc_type_and_flags_connect) set_dc_type_and_flags_connect: domain MUC [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=6 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 6 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 3919286a 0024 data : b10c 0026 data : 11d0 0028 data : 9b a8 002a data : 00 c0 4f d9 2e f5 0030 version: 00000000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=7 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 7 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bdf20 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bdf20 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bdf20 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 68 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000e 001a str: \PIPE\dssetup. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000028 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine GENOME and bound anonymously. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation in: struct dssetup_DsRoleGetPrimaryDomainInformation level : DS_ROLE_BASIC_INFORMATION (1) [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 001a 000a auth_len : 0000 000c call_id : 00000002 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000002 0014 context_id: 0000 0016 opnum : 0000 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=26, this_data=26, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=8 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 8 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 005c 000a auth_len : 0000 000c call_id : 00000002 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b8c28 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b8c28 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b8c28 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000044 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 92, data_len 68, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 92 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 136 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation out: struct dssetup_DsRoleGetPrimaryDomainInformation info : * info : union dssetup_DsRoleInfo(case 1) basic: struct dssetup_DsRolePrimaryDomInfoBasic role : DS_ROLE_PRIMARY_DC (5) flags : 0x01000000 (16777216) 0: DS_ROLE_PRIMARY_DS_RUNNING 0: DS_ROLE_PRIMARY_DS_MIXED_MODE 0: DS_ROLE_UPGRADE_IN_PROGRESS 1: DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT domain : * domain : 'MUC' dns_domain : NULL forest : NULL domain_guid : b4423e0a-9078-490c-a2ad-48abadb833b3 result : WERR_OK [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=9 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 9 [2009/09/24 09:06:20, 10] rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \lsarpc [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=10 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 10 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000003 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ab 0030 version: 00000000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=11 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 11 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000003 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b82a8 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b82a8 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b82a8 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 68 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000003 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000d 001a str: \PIPE\lsarpc. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000027 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine GENOME and bound anonymously. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 in: struct lsa_OpenPolicy2 system_name : * system_name : '\\GENOME' attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x02000000 (33554432) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 0: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 00000004 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 002c [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=12 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 12 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000004 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bdf80 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bdf80 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bdf80 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 48 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 out: struct lsa_OpenPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-bb4a-6c1aa8660000 result : NT_STATUS_OK [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 in: struct lsa_QueryInfoPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-bb4a-6c1aa8660000 level : LSA_POLICY_INFO_DNS (12) [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000005 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000016 0014 context_id: 0000 0016 opnum : 002e [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=46, this_data=46, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=13 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 13 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 03 0003 flags : 23 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0020 000a auth_len : 0000 000c call_id : 00000005 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bdf88 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bdf88 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bdf88 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000000 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_hdr_fault fault 0018 status : DCERPC_FAULT_OP_RNG_ERROR 001c reserved: 00000000 [2009/09/24 09:06:20, 1] rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host GENOME! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 32 at offset 0: NT code 0x1c010002 [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy: struct lsa_OpenPolicy in: struct lsa_OpenPolicy system_name : * system_name : 0x005c (92) attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x02000000 (33554432) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 0: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000006 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000002c 0014 context_id: 0000 0016 opnum : 0006 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=68, this_data=68, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=14 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 14 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000006 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bc310 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bc310 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bc310 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 48 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy: struct lsa_OpenPolicy out: struct lsa_OpenPolicy handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-bb4a-6c1aa8660000 result : NT_STATUS_OK [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_QueryInfoPolicy: struct lsa_QueryInfoPolicy in: struct lsa_QueryInfoPolicy handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-bb4a-6c1aa8660000 level : LSA_POLICY_INFO_ACCOUNT_DOMAIN (5) [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000007 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000016 0014 context_id: 0000 0016 opnum : 0007 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=46, this_data=46, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=15 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 15 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 00000007 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bde28 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bde28 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bde28 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 96, data_len 72, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 96 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 144 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_QueryInfoPolicy: struct lsa_QueryInfoPolicy out: struct lsa_QueryInfoPolicy info : * info : * info : union lsa_PolicyInformation(case 5) account_domain: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0006 (6) size : 0x0008 (8) string : * string : 'MUC' sid : * sid : S-1-5-21-1362721961-1801182073-732966438 result : NT_STATUS_OK [2009/09/24 09:06:20, 5] winbindd/winbindd_cm.c:1923(set_dc_type_and_flags_connect) set_dc_type_and_flags_connect: domain MUC is NOT in native mode. [2009/09/24 09:06:20, 5] winbindd/winbindd_cm.c:1926(set_dc_type_and_flags_connect) set_dc_type_and_flags_connect: domain MUC is NOT running active directory. [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=16 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 16 [2009/09/24 09:06:20, 10] rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \lsarpc [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:2627(cache_store_response) Storing response for pid 30971, len 3496 [2009/09/24 09:06:20, 10] lib/events.c:148(get_timed_events_timeout) timed_events_timeout: 544844/339773 [2009/09/24 09:06:20, 4] winbindd/winbindd_dual.c:1452(fork_domain_child) child daemon request 20 [2009/09/24 09:06:20, 10] winbindd/winbindd_dual.c:452(child_process_request) child_process_request: request fn LIST_TRUSTDOM [2009/09/24 09:06:20, 3] winbindd/winbindd_misc.c:359(winbindd_dual_list_trusted_domains) [30970]: list trusted domains [2009/09/24 09:06:20, 5] winbindd/winbindd_cache.c:182(get_cache) get_cache: Setting MS-RPC methods for domain MUC [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:405(fetch_cache_seqnum) fetch_cache_seqnum: invalid data size key [SEQNUM/MUC] [2009/09/24 09:06:20, 10] winbindd/winbindd_rpc.c:995(sequence_number) rpc: fetch sequence_number for MUC [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=17 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 17 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 3, auth_level 6 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1545(create_spnego_ntlmssp_auth_rpc_bind_req) create_spnego_ntlmssp_auth_rpc_bind_req: Processing NTLMSSP Negotiate [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1568(create_spnego_ntlmssp_auth_rpc_bind_req) create_spnego_ntlmssp_auth_rpc_bind_req: NTLMSSP Negotiate: [2009/09/24 09:06:20, 5] ../lib/util/util.c:304(_dump_data) [0000] 60 4A 06 06 2B 06 01 05 05 02 A0 40 30 3E A0 0E `J..+... ...@0>.. [0010] 30 0C 06 0A 2B 06 01 04 01 82 37 02 02 0A A2 2C 0...+... ..7...., [0020] 04 2A 4E 54 4C 4D 53 53 50 00 01 00 00 00 35 82 .*NTLMSS P.....5. [0030] 08 60 03 00 03 00 20 00 00 00 07 00 07 00 23 00 .`.... . ......#. [0040] 00 00 4D 55 43 4E 55 43 4C 45 55 53 ..MUCNUC LEUS [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 009c 000a auth_len : 004c 000c call_id : 00000008 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ac 0030 version: 00000001 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000048 smb_io_rpc_hdr_auth hdr_auth 0048 auth_type : 09 0049 auth_level : 06 004a auth_pad_len : 00 004b auth_reserved: 00 004c auth_context_id: 00000001 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=156, this_data=156, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=18 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 18 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00fd 000a auth_len : 00b1 000c call_id : 00000008 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bada0 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bada0 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bada0 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 253 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 253 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00fd 000a auth_len : 00b1 000c call_id : 00000008 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000b 001a str: \PIPE\samr. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000025 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000044 smb_io_rpc_hdr_auth hdr_auth 0044 auth_type : 09 0045 auth_level : 06 0046 auth_pad_len : 08 0047 auth_reserved: 00 0048 auth_context_id: 00000001 [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:1023(ntlmssp_client_challenge) Got challenge flags: [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60898235 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_SEAL NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_CHAL_TARGET_INFO NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:1045(ntlmssp_client_challenge) NTLMSSP: Set final flags: [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60088235 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_SEAL NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2009/09/24 09:06:20, 5] libsmb/ntlmssp.c:1119(ntlmssp_client_challenge) NTLMSSP challenge set by NTLM2 [2009/09/24 09:06:20, 5] libsmb/ntlmssp.c:1120(ntlmssp_client_challenge) challenge is: [2009/09/24 09:06:20, 5] ../lib/util/util.c:304(_dump_data) [0000] 06 62 10 F9 7E 49 37 7A .b..~I7z [2009/09/24 09:06:20, 3] libsmb/ntlmssp_sign.c:342(ntlmssp_sign_init) NTLMSSP Sign/Seal - Initialising with flags: [2009/09/24 09:06:20, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags) Got NTLMSSP neg_flags=0x60088235 NTLMSSP_NEGOTIATE_UNICODE NTLMSSP_REQUEST_TARGET NTLMSSP_NEGOTIATE_SIGN NTLMSSP_NEGOTIATE_SEAL NTLMSSP_NEGOTIATE_NTLM NTLMSSP_NEGOTIATE_ALWAYS_SIGN NTLMSSP_NEGOTIATE_NTLM2 NTLMSSP_NEGOTIATE_128 NTLMSSP_NEGOTIATE_KEY_EXCH [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0e 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0100 000a auth_len : 00b0 000c call_id : 00000008 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ac 0030 version: 00000001 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000048 smb_io_rpc_hdr_auth hdr_auth 0048 auth_type : 09 0049 auth_level : 06 004a auth_pad_len : 00 004b auth_reserved: 00 004c auth_context_id: 00000001 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=256, this_data=256, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=19 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 19 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0d 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0012 000a auth_len : 0000 000c call_id : 00000008 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b8280 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b8280 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b8280 "async_trigger" [2009/09/24 09:06:20, 1] rpc_client/cli_pipe.c:926(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: Bind NACK received from host GENOME! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 18 at offset 0: NT_STATUS_NETWORK_ACCESS_DENIED [2009/09/24 09:06:20, 0] rpc_client/cli_pipe.c:3712(cli_rpc_pipe_open_ntlmssp_internal) cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error NT_STATUS_NETWORK_ACCESS_DENIED [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=20 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 20 [2009/09/24 09:06:20, 10] rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \samr [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:2059(cm_connect_sam) cm_connect_sam: failed to connect to SAMR pipe for domain MUC using NTLMSSP authenticated pipe: user MUC\NUCLEUS$. Error was NT_STATUS_NETWORK_ACCESS_DENIED [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=21 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 21 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000009 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345678 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 cf fb 0030 version: 00000001 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=22 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 22 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000009 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805dfbb0 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805dfbb0 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805dfbb0 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 72 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 72 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000009 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000f 001a str: \PIPE\netlogon. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000029 smb_io_rpc_results 002c num_results: 01 0030 result : 0000 0032 reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \NETLOGON to machine GENOME and bound anonymously. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\GENOME' computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : d2862d10c69fa0d4 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 0000000a [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 0004 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=23 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 23 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 0000000a [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b63c0 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b63c0 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b63c0 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 24 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : 575a1e9d50fb3e2e result : NT_STATUS_OK [2009/09/24 09:06:20, 10] libsmb/credentials.c:298(creds_client_init) creds_client_init: neg_flags : 600fffff [2009/09/24 09:06:20, 10] libsmb/credentials.c:299(creds_client_init) creds_client_init: client chal : D2862D10C69FA0D4 [2009/09/24 09:06:20, 10] libsmb/credentials.c:300(creds_client_init) creds_client_init: server chal : 575A1E9D50FB3E2E [2009/09/24 09:06:20, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2009/09/24 09:06:20, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: D2862D10C69FA0D4 [2009/09/24 09:06:20, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : 575A1E9D50FB3E2E [2009/09/24 09:06:20, 10] libsmb/credentials.c:318(creds_client_init) creds_client_init: clnt : A35BF484B739EFC1 [2009/09/24 09:06:20, 10] libsmb/credentials.c:319(creds_client_init) creds_client_init: server : 981F2184A527DA0B [2009/09/24 09:06:20, 10] libsmb/credentials.c:320(creds_client_init) creds_client_init: seed : A35BF484B739EFC1 [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 in: struct netr_ServerAuthenticate2 server_name : * server_name : '\\GENOME' account_name : 'NUCLEUS$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : a35bf484b739efc1 negotiate_flags : * negotiate_flags : 0x600fffff (1611661311) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 1: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 1: NETLOGON_NEG_GENERIC_PASSTHROUGH 1: NETLOGON_NEG_CONCURRENT_RPC 1: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 1: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 1: NETLOGON_NEG_TRANSITIVE_TRUSTS 1: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 1: NETLOGON_NEG_PASSWORD_SET2 1: NETLOGON_NEG_GETDOMAININFO 1: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 1: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0084 000a auth_len : 0000 000c call_id : 0000000b [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 000f [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=132, this_data=132, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=24 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 24 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0028 000a auth_len : 0000 000c call_id : 0000000b [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b8e38 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b8e38 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b8e38 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000010 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 40 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 32 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 out: struct netr_ServerAuthenticate2 return_credentials : * return_credentials: struct netr_Credential data : 0000000000000000 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC result : NT_STATUS_ACCESS_DENIED [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\GENOME' computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : edb476772376d282 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 0000000c [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 0004 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=25 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 25 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 0000000c [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bc240 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bc240 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bc240 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 24 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : 0abb6c9ee0d34052 result : NT_STATUS_OK [2009/09/24 09:06:20, 10] libsmb/credentials.c:298(creds_client_init) creds_client_init: neg_flags : 400041ff [2009/09/24 09:06:20, 10] libsmb/credentials.c:299(creds_client_init) creds_client_init: client chal : EDB476772376D282 [2009/09/24 09:06:20, 10] libsmb/credentials.c:300(creds_client_init) creds_client_init: server chal : 0ABB6C9EE0D34052 [2009/09/24 09:06:20, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2009/09/24 09:06:20, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: EDB476772376D282 [2009/09/24 09:06:20, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : 0ABB6C9EE0D34052 [2009/09/24 09:06:20, 10] libsmb/credentials.c:318(creds_client_init) creds_client_init: clnt : 4870D519EC1DFF94 [2009/09/24 09:06:20, 10] libsmb/credentials.c:319(creds_client_init) creds_client_init: server : FA41E1A2C77FDD9C [2009/09/24 09:06:20, 10] libsmb/credentials.c:320(creds_client_init) creds_client_init: seed : 4870D519EC1DFF94 [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 in: struct netr_ServerAuthenticate2 server_name : * server_name : '\\GENOME' account_name : 'NUCLEUS$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 4870d519ec1dff94 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0084 000a auth_len : 0000 000c call_id : 0000000d [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 000f [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=132, this_data=132, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=26 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 26 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0028 000a auth_len : 0000 000c call_id : 0000000d [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b63c0 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b63c0 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b63c0 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000010 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 40 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 32 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 out: struct netr_ServerAuthenticate2 return_credentials : * return_credentials: struct netr_Credential data : 0000000000000000 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC result : NT_STATUS_ACCESS_DENIED [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=27 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 27 [2009/09/24 09:06:20, 10] rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \NETLOGON [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:2087(cm_connect_sam) cm_connect_sam: Could not get schannel auth info for domain MUC, trying anon [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=28 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 28 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 0000000e [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ac 0030 version: 00000001 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=29 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 29 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 0000000e [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805ba238 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805ba238 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805ba238 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 68 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 0000000e [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000b 001a str: \PIPE\samr. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000025 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \samr to machine GENOME and bound anonymously. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Connect2: struct samr_Connect2 in: struct samr_Connect2 system_name : * system_name : 'GENOME' access_mask : 0x02000000 (33554432) 0: SAMR_ACCESS_CONNECT_TO_SERVER 0: SAMR_ACCESS_SHUTDOWN_SERVER 0: SAMR_ACCESS_INITIALIZE_SERVER 0: SAMR_ACCESS_CREATE_DOMAIN 0: SAMR_ACCESS_ENUM_DOMAINS 0: SAMR_ACCESS_LOOKUP_DOMAIN [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 003c 000a auth_len : 0000 000c call_id : 0000000f [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000024 0014 context_id: 0000 0016 opnum : 0039 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=60, this_data=60, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=30 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 30 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000000f [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b61d0 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b61d0 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b61d0 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 48 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Connect2: struct samr_Connect2 out: struct samr_Connect2 connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-bb4a-6c1aa8660000 result : NT_STATUS_OK [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain in: struct samr_OpenDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-bb4a-6c1aa8660000 access_mask : 0x02000000 (33554432) 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 0: SAMR_DOMAIN_ACCESS_SET_INFO_1 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 0: SAMR_DOMAIN_ACCESS_SET_INFO_2 0: SAMR_DOMAIN_ACCESS_CREATE_USER 0: SAMR_DOMAIN_ACCESS_CREATE_GROUP 0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS 0: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS 0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS 0: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT 0: SAMR_DOMAIN_ACCESS_SET_INFO_3 sid : * sid : S-1-5-21-1362721961-1801182073-732966438 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 004c 000a auth_len : 0000 000c call_id : 00000010 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000034 0014 context_id: 0000 0016 opnum : 0007 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=76, this_data=76, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=31 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 31 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000010 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bc240 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bc240 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bc240 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 48 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain out: struct samr_OpenDomain domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-bb4a-6c1aa8660000 result : NT_STATUS_OK [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QueryDomainInfo: struct samr_QueryDomainInfo in: struct samr_QueryDomainInfo domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-bb4a-6c1aa8660000 level : 0x0008 (8) [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000011 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000016 0014 context_id: 0000 0016 opnum : 0008 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=46, this_data=46, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=32 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 32 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0034 000a auth_len : 0000 000c call_id : 00000011 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b8e18 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b8e18 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b8e18 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000001c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 52, data_len 28, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 52 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 56 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QueryDomainInfo: struct samr_QueryDomainInfo out: struct samr_QueryDomainInfo info : * info : * info : union samr_DomainInfo(case 8) info8: struct samr_DomInfo8 sequence_num : 0x000000004abb1a6c (1253775980) domain_create_time : NTTIME(0) result : NT_STATUS_OK [2009/09/24 09:06:20, 10] winbindd/winbindd_rpc.c:1067(sequence_number) domain_sequence_number: for domain MUC is 1253775980 [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:456(store_cache_seqnum) store_cache_seqnum: success [MUC][1253775980 @ 1253775980] [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:537(refresh_sequence_number) refresh_sequence_number: MUC seq number is now 1253775980 [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:2310(trusted_domains) trusted_domains: [Cached] - doing backend query for info for domain MUC [2009/09/24 09:06:20, 3] winbindd/winbindd_rpc.c:1094(trusted_domains) rpc: trusted_domains [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:2179(cm_connect_lsa) cm_connect_lsa: No no user available for domain MUC, trying schannel [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=33 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 33 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000012 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345678 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 cf fb 0030 version: 00000001 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=34 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 34 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000012 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bdc08 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bdc08 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bdc08 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 72 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 72 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000012 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000f 001a str: \PIPE\netlogon. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000029 smb_io_rpc_results 002c num_results: 01 0030 result : 0000 0032 reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \NETLOGON to machine GENOME and bound anonymously. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\GENOME' computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 30544b4b842162ed [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 00000013 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 0004 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=35 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 35 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 00000013 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805df780 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805df780 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805df780 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 24 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : 49066541224e018b result : NT_STATUS_OK [2009/09/24 09:06:20, 10] libsmb/credentials.c:298(creds_client_init) creds_client_init: neg_flags : 600fffff [2009/09/24 09:06:20, 10] libsmb/credentials.c:299(creds_client_init) creds_client_init: client chal : 30544B4B842162ED [2009/09/24 09:06:20, 10] libsmb/credentials.c:300(creds_client_init) creds_client_init: server chal : 49066541224E018B [2009/09/24 09:06:20, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2009/09/24 09:06:20, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: 30544B4B842162ED [2009/09/24 09:06:20, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : 49066541224E018B [2009/09/24 09:06:20, 10] libsmb/credentials.c:318(creds_client_init) creds_client_init: clnt : 8C42E873AC1A3518 [2009/09/24 09:06:20, 10] libsmb/credentials.c:319(creds_client_init) creds_client_init: server : AA8A9032D9F96CC5 [2009/09/24 09:06:20, 10] libsmb/credentials.c:320(creds_client_init) creds_client_init: seed : 8C42E873AC1A3518 [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 in: struct netr_ServerAuthenticate2 server_name : * server_name : '\\GENOME' account_name : 'NUCLEUS$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 8c42e873ac1a3518 negotiate_flags : * negotiate_flags : 0x600fffff (1611661311) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 1: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 1: NETLOGON_NEG_GENERIC_PASSTHROUGH 1: NETLOGON_NEG_CONCURRENT_RPC 1: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 1: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 1: NETLOGON_NEG_TRANSITIVE_TRUSTS 1: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 1: NETLOGON_NEG_PASSWORD_SET2 1: NETLOGON_NEG_GETDOMAININFO 1: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 1: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0084 000a auth_len : 0000 000c call_id : 00000014 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 000f [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=132, this_data=132, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=36 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 36 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0028 000a auth_len : 0000 000c call_id : 00000014 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b60e8 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b60e8 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b60e8 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000010 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 40 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 32 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 out: struct netr_ServerAuthenticate2 return_credentials : * return_credentials: struct netr_Credential data : 0000000000000000 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC result : NT_STATUS_ACCESS_DENIED [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\GENOME' computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 6999a8758fcd34b4 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 00000015 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 0004 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=37 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 37 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 00000015 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b4988 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b4988 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b4988 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 24 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : eb79be3632c16542 result : NT_STATUS_OK [2009/09/24 09:06:20, 10] libsmb/credentials.c:298(creds_client_init) creds_client_init: neg_flags : 400041ff [2009/09/24 09:06:20, 10] libsmb/credentials.c:299(creds_client_init) creds_client_init: client chal : 6999A8758FCD34B4 [2009/09/24 09:06:20, 10] libsmb/credentials.c:300(creds_client_init) creds_client_init: server chal : EB79BE3632C16542 [2009/09/24 09:06:20, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2009/09/24 09:06:20, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: 6999A8758FCD34B4 [2009/09/24 09:06:20, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : EB79BE3632C16542 [2009/09/24 09:06:20, 10] libsmb/credentials.c:318(creds_client_init) creds_client_init: clnt : 029CD3B6306737FF [2009/09/24 09:06:20, 10] libsmb/credentials.c:319(creds_client_init) creds_client_init: server : 28B14FC39B2EB344 [2009/09/24 09:06:20, 10] libsmb/credentials.c:320(creds_client_init) creds_client_init: seed : 029CD3B6306737FF [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 in: struct netr_ServerAuthenticate2 server_name : * server_name : '\\GENOME' account_name : 'NUCLEUS$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 029cd3b6306737ff negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0084 000a auth_len : 0000 000c call_id : 00000016 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 000f [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=132, this_data=132, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=38 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 38 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0028 000a auth_len : 0000 000c call_id : 00000016 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bc240 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bc240 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bc240 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000010 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 40 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 32 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 out: struct netr_ServerAuthenticate2 return_credentials : * return_credentials: struct netr_Credential data : 0000000000000000 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC result : NT_STATUS_ACCESS_DENIED [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=39 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 39 [2009/09/24 09:06:20, 10] rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \NETLOGON [2009/09/24 09:06:20, 10] winbindd/winbindd_cm.c:2223(cm_connect_lsa) cm_connect_lsa: Could not get schannel auth info for domain MUC, trying anon [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=40 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 40 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000017 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ab 0030 version: 00000000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=41 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 41 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000017 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b8410 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b8410 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b8410 "async_trigger" [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 68 bytes. [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000017 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000d 001a str: \PIPE\lsarpc. [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000027 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 [2009/09/24 09:06:20, 6] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_rpc_iface [2009/09/24 09:06:20, 7] rpc_parse/parse_prs.c:88(prs_debug) 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine GENOME and bound anonymously. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy: struct lsa_OpenPolicy in: struct lsa_OpenPolicy system_name : * system_name : 0x005c (92) attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x02000000 (33554432) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 0: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000018 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000002c 0014 context_id: 0000 0016 opnum : 0006 [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=68, this_data=68, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=42 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 42 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000018 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b6368 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b6368 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b6368 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 48 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy: struct lsa_OpenPolicy out: struct lsa_OpenPolicy handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-bb4a-6c1aa8660000 result : NT_STATUS_OK [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_EnumTrustDom: struct lsa_EnumTrustDom in: struct lsa_EnumTrustDom handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-bb4a-6c1aa8660000 resume_handle : * resume_handle : 0x00000000 (0) max_size : 0xffffffff (4294967295) [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0034 000a auth_len : 0000 000c call_id : 00000019 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000001c 0014 context_id: 0000 0016 opnum : 000d [2009/09/24 09:06:20, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:20, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=52, this_data=52, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=43 [2009/09/24 09:06:20, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 43 [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000019 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b6138 [2009/09/24 09:06:20, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b6138 [2009/09/24 09:06:20, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b6138 "async_trigger" [2009/09/24 09:06:20, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000014 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 44, data_len 20, ss_len 0 [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 44 at offset 0: NT_STATUS_OK [2009/09/24 09:06:20, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 40 bytes. [2009/09/24 09:06:20, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_EnumTrustDom: struct lsa_EnumTrustDom out: struct lsa_EnumTrustDom resume_handle : * resume_handle : 0xffffffff (4294967295) domains : * domains: struct lsa_DomainList count : 0x00000000 (0) domains : * domains: ARRAY(0) result : NT_STATUS_NO_MORE_ENTRIES [2009/09/24 09:06:20, 10] winbindd/winbindd_cache.c:2627(cache_store_response) Storing response for pid 30971, len 3496 [2009/09/24 09:06:20, 10] lib/events.c:148(get_timed_events_timeout) timed_events_timeout: 544844/247779 [2009/09/24 09:06:23, 4] winbindd/winbindd_dual.c:1452(fork_domain_child) child daemon request 22 [2009/09/24 09:06:23, 10] winbindd/winbindd_dual.c:452(child_process_request) child_process_request: request fn LOOKUPNAME [2009/09/24 09:06:23, 3] winbindd/winbindd_async.c:442(winbindd_dual_lookupname) [30970]: lookupname MUC\Administrator [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:492(refresh_sequence_number) refresh_sequence_number: MUC time ok [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:537(refresh_sequence_number) refresh_sequence_number: MUC seq number is now 1253775980 [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:1653(name_to_sid) name_to_sid: [Cached] - doing backend query for name for domain MUC [2009/09/24 09:06:23, 3] winbindd/winbindd_rpc.c:298(msrpc_name_to_sid) rpc: name_to_sid name=MUC\Administrator [2009/09/24 09:06:23, 3] winbindd/winbindd_rpc.c:312(msrpc_name_to_sid) name_to_sid [rpc] MUC\Administrator for domain MUC [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_LookupNames: struct lsa_LookupNames in: struct lsa_LookupNames handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-bb4a-6c1aa8660000 num_names : 0x00000001 (1) names: ARRAY(1) names: struct lsa_String length : 0x0022 (34) size : 0x0022 (34) string : * string : 'MUC\Administrator' sids : * sids: struct lsa_TransSidArray count : 0x00000000 (0) sids : NULL level : LSA_LOOKUP_NAMES_ALL (1) count : * count : 0x00000000 (0) [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 007c 000a auth_len : 0000 000c call_id : 0000001a [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000064 0014 context_id: 0000 0016 opnum : 000e [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:23, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=124, this_data=124, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=44 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 44 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0088 000a auth_len : 0000 000c call_id : 0000001a [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bcd90 [2009/09/24 09:06:23, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bcd90 [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bcd90 "async_trigger" [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000070 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 136, data_len 112, ss_len 0 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 136 at offset 0: NT_STATUS_OK [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 224 bytes. [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_LookupNames: struct lsa_LookupNames out: struct lsa_LookupNames domains : * domains : * domains: struct lsa_RefDomainList count : 0x00000001 (1) domains : * domains: ARRAY(1) domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0006 (6) size : 0x0008 (8) string : * string : 'MUC' sid : * sid : S-1-5-21-1362721961-1801182073-732966438 max_size : 0x00000020 (32) sids : * sids: struct lsa_TransSidArray count : 0x00000001 (1) sids : * sids: ARRAY(1) sids: struct lsa_TranslatedSid sid_type : SID_NAME_USER (1) rid : 0x00000bb4 (2996) sid_index : 0x00000000 (0) count : * count : 0x00000001 (1) result : NT_STATUS_OK [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:492(refresh_sequence_number) refresh_sequence_number: MUC time ok [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:537(refresh_sequence_number) refresh_sequence_number: MUC seq number is now 1253775980 [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:869(wcache_save_name_to_sid) wcache_save_name_to_sid: MUC\ADMINISTRATOR -> S-1-5-21-1362721961-1801182073-732966438-2996 (NT_STATUS_OK) [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:891(wcache_save_sid_to_name) wcache_save_sid_to_name: S-1-5-21-1362721961-1801182073-732966438-2996 -> administrator (NT_STATUS_OK) [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:2627(cache_store_response) Storing response for pid 30971, len 3496 [2009/09/24 09:06:23, 10] lib/events.c:148(get_timed_events_timeout) timed_events_timeout: 544841/763937 [2009/09/24 09:06:23, 4] winbindd/winbindd_dual.c:1452(fork_domain_child) child daemon request 14 [2009/09/24 09:06:23, 10] winbindd/winbindd_dual.c:452(child_process_request) child_process_request: request fn AUTH_CRAP [2009/09/24 09:06:23, 3] winbindd/winbindd_pam.c:1847(winbindd_dual_pam_auth_crap) [30970]: pam auth crap domain: MUC user: muehlfeld [2009/09/24 09:06:23, 8] lib/util.c:1879(is_myname) is_myname("MUC") returns 0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=45 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 45 [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:2554(rpc_pipe_bind_send) Bind RPC Pipe: host GENOME auth_type 0, auth_level 0 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 0000001b [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_rb [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 00001f smb_io_rpc_iface [2009/09/24 09:06:23, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345678 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 cf fb 0030 version: 00000001 [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:23, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:23, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=46 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 46 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 0000001b [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805df828 [2009/09/24 09:06:23, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805df828 [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805df828 "async_trigger" [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 72 at offset 0: NT_STATUS_OK [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 72 bytes. [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 0000001b [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_ba [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 000053f0 [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000f 001a str: \PIPE\netlogon. [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 000029 smb_io_rpc_results 002c num_results: 01 0030 result : 0000 0032 reason : 0000 [2009/09/24 09:06:23, 6] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_rpc_iface [2009/09/24 09:06:23, 7] rpc_parse/parse_prs.c:88(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:2401(check_bind_response) check_bind_response: accepted! [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:3672(cli_rpc_pipe_open_noauth) cli_rpc_pipe_open_noauth: opened pipe \NETLOGON to machine GENOME and bound anonymously. [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\GENOME' computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 387876cea5f3f552 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 0000001c [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 0004 [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:23, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=47 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 47 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 0000001c [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bc0b8 [2009/09/24 09:06:23, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bc0b8 [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bc0b8 "async_trigger" [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 24 bytes. [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : c78f98c1691f6cc7 result : NT_STATUS_OK [2009/09/24 09:06:23, 10] libsmb/credentials.c:298(creds_client_init) creds_client_init: neg_flags : 600fffff [2009/09/24 09:06:23, 10] libsmb/credentials.c:299(creds_client_init) creds_client_init: client chal : 387876CEA5F3F552 [2009/09/24 09:06:23, 10] libsmb/credentials.c:300(creds_client_init) creds_client_init: server chal : C78F98C1691F6CC7 [2009/09/24 09:06:23, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2009/09/24 09:06:23, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: 387876CEA5F3F552 [2009/09/24 09:06:23, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : C78F98C1691F6CC7 [2009/09/24 09:06:23, 10] libsmb/credentials.c:318(creds_client_init) creds_client_init: clnt : 40EC88F4D722D7E2 [2009/09/24 09:06:23, 10] libsmb/credentials.c:319(creds_client_init) creds_client_init: server : D0AB4696D68E3603 [2009/09/24 09:06:23, 10] libsmb/credentials.c:320(creds_client_init) creds_client_init: seed : 40EC88F4D722D7E2 [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 in: struct netr_ServerAuthenticate2 server_name : * server_name : '\\GENOME' account_name : 'NUCLEUS$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 40ec88f4d722d7e2 negotiate_flags : * negotiate_flags : 0x600fffff (1611661311) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 1: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 1: NETLOGON_NEG_GENERIC_PASSTHROUGH 1: NETLOGON_NEG_CONCURRENT_RPC 1: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 1: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 1: NETLOGON_NEG_TRANSITIVE_TRUSTS 1: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 1: NETLOGON_NEG_PASSWORD_SET2 1: NETLOGON_NEG_GETDOMAININFO 1: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 1: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0084 000a auth_len : 0000 000c call_id : 0000001d [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 000f [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:23, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=132, this_data=132, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=48 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 48 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0028 000a auth_len : 0000 000c call_id : 0000001d [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bdfa0 [2009/09/24 09:06:23, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bdfa0 [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bdfa0 "async_trigger" [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000010 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 40 at offset 0: NT_STATUS_OK [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 32 bytes. [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 out: struct netr_ServerAuthenticate2 return_credentials : * return_credentials: struct netr_Credential data : 0000000000000000 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC result : NT_STATUS_ACCESS_DENIED [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge in: struct netr_ServerReqChallenge server_name : * server_name : '\\GENOME' computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 31f685bc52647d47 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 0000001e [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000048 0014 context_id: 0000 0016 opnum : 0004 [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:23, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=96, this_data=96, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=49 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 49 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 0000001e [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805b4988 [2009/09/24 09:06:23, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805b4988 [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805b4988 "async_trigger" [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 36, data_len 12, ss_len 0 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 36 at offset 0: NT_STATUS_OK [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 24 bytes. [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerReqChallenge: struct netr_ServerReqChallenge out: struct netr_ServerReqChallenge return_credentials : * return_credentials: struct netr_Credential data : 496cf239d1167597 result : NT_STATUS_OK [2009/09/24 09:06:23, 10] libsmb/credentials.c:298(creds_client_init) creds_client_init: neg_flags : 400041ff [2009/09/24 09:06:23, 10] libsmb/credentials.c:299(creds_client_init) creds_client_init: client chal : 31F685BC52647D47 [2009/09/24 09:06:23, 10] libsmb/credentials.c:300(creds_client_init) creds_client_init: server chal : 496CF239D1167597 [2009/09/24 09:06:23, 5] libsmb/credentials.c:70(creds_init_128) creds_init_128 [2009/09/24 09:06:23, 5] libsmb/credentials.c:71(creds_init_128) clnt_chal_in: 31F685BC52647D47 [2009/09/24 09:06:23, 5] libsmb/credentials.c:72(creds_init_128) srv_chal_in : 496CF239D1167597 [2009/09/24 09:06:23, 10] libsmb/credentials.c:318(creds_client_init) creds_client_init: clnt : 19D7C8EC8FDB1C4F [2009/09/24 09:06:23, 10] libsmb/credentials.c:319(creds_client_init) creds_client_init: server : D02A1E8FD7C58C5C [2009/09/24 09:06:23, 10] libsmb/credentials.c:320(creds_client_init) creds_client_init: seed : 19D7C8EC8FDB1C4F [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 in: struct netr_ServerAuthenticate2 server_name : * server_name : '\\GENOME' account_name : 'NUCLEUS$' secure_channel_type : SEC_CHAN_WKSTA (2) computer_name : 'NUCLEUS' credentials : * credentials: struct netr_Credential data : 19d7c8ec8fdb1c4f negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0084 000a auth_len : 0000 000c call_id : 0000001f [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000006c 0014 context_id: 0000 0016 opnum : 000f [2009/09/24 09:06:23, 5] rpc_client/cli_pipe.c:1279(rpc_api_pipe_send) rpc_api_pipe: host GENOME [2009/09/24 09:06:23, 10] libsmb/clitrans.c:825(cli_ship_trans) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=132, this_data=132, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=50 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 50 [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0028 000a auth_len : 0000 000c call_id : 0000001f [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "async_trigger": 0x805bc290 [2009/09/24 09:06:23, 10] lib/events.c:105(run_events) Running timed event "async_trigger" 0x805bc290 [2009/09/24 09:06:23, 10] lib/events.c:287(s3_event_debug) s3_event: Destroying timer event 0x805bc290 "async_trigger" [2009/09/24 09:06:23, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000010 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:904(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 40, data_len 16, ss_len 0 [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1381(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 40 at offset 0: NT_STATUS_OK [2009/09/24 09:06:23, 10] rpc_client/cli_pipe.c:1432(rpc_api_pipe_got_pdu) rpc_api_pipe: host GENOME returned 32 bytes. [2009/09/24 09:06:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) netr_ServerAuthenticate2: struct netr_ServerAuthenticate2 out: struct netr_ServerAuthenticate2 return_credentials : * return_credentials: struct netr_Credential data : 0000000000000000 negotiate_flags : * negotiate_flags : 0x400041ff (1073758719) 1: NETLOGON_NEG_ACCOUNT_LOCKOUT 1: NETLOGON_NEG_PERSISTENT_SAMREPL 1: NETLOGON_NEG_ARCFOUR 1: NETLOGON_NEG_PROMOTION_COUNT 1: NETLOGON_NEG_CHANGELOG_BDC 1: NETLOGON_NEG_FULL_SYNC_REPL 1: NETLOGON_NEG_MULTIPLE_SIDS 1: NETLOGON_NEG_REDO 1: NETLOGON_NEG_PASSWORD_CHANGE_REFUSAL 0: NETLOGON_NEG_SEND_PASSWORD_INFO_PDC 0: NETLOGON_NEG_GENERIC_PASSTHROUGH 0: NETLOGON_NEG_CONCURRENT_RPC 0: NETLOGON_NEG_AVOID_ACCOUNT_DB_REPL 0: NETLOGON_NEG_AVOID_SECURITYAUTH_DB_REPL 1: NETLOGON_NEG_STRONG_KEYS 0: NETLOGON_NEG_TRANSITIVE_TRUSTS 0: NETLOGON_NEG_DNS_DOMAIN_TRUSTS 0: NETLOGON_NEG_PASSWORD_SET2 0: NETLOGON_NEG_GETDOMAININFO 0: NETLOGON_NEG_CROSS_FOREST_TRUSTS 0: NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION 0: NETLOGON_NEG_RODC_PASSTHROUGH 0: NETLOGON_NEG_SUPPORTS_AES_SHA2 0: NETLOGON_NEG_AUTHENTICATED_RPC_LSASS 1: NETLOGON_NEG_AUTHENTICATED_RPC result : NT_STATUS_ACCESS_DENIED [2009/09/24 09:06:23, 10] libsmb/async_smb.c:510(cli_chain_cork) cli_chain_cork: mid=51 [2009/09/24 09:06:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu) handle_incoming_pdu: got mid 51 [2009/09/24 09:06:23, 10] rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \NETLOGON [2009/09/24 09:06:23, 3] winbindd/winbindd_pam.c:1908(winbindd_dual_pam_auth_crap) could not open handle to NETLOGON pipe (error: NT_STATUS_ACCESS_DENIED) [2009/09/24 09:06:23, 2] winbindd/winbindd_pam.c:2006(winbindd_dual_pam_auth_crap) NTLM CRAP authentication for user [MUC]\[muehlfeld] returned NT_STATUS_ACCESS_DENIED (PAM: 4) [2009/09/24 09:06:23, 10] winbindd/winbindd_cache.c:2627(cache_store_response) Storing response for pid 30971, len 3496 [2009/09/24 09:06:23, 10] lib/events.c:148(get_timed_events_timeout) timed_events_timeout: 544841/735939 [2009/09/24 09:06:52, 0] winbindd/winbindd.c:190(winbindd_sig_term_handler) Got sig[15] terminate (is_parent=0) [2009/09/24 09:06:52, 5] lib/gencache.c:93(gencache_shutdown) Closing cache file [2009/09/24 09:06:52, 1] rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host GENOME! [2009/09/24 09:10:06, 0] winbindd/winbindd.c:190(winbindd_sig_term_handler) Got sig[15] terminate (is_parent=0) [2009/09/24 09:10:48, 1] rpc_client/cli_pipe.c:948(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_OP_RNG_ERROR received from host GENOME!