[2009/10/23 16:50:55, 5] lib/debug.c:407(debug_dump_status) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 registry: False/0 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 178 of length 98 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=94 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9729 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 2048 (0x800) smb_vwv[ 3]= 4096 (0x1000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=32768 (0x8000) smb_vwv[ 8]= 1536 (0x600) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 1792 (0x700) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 8192 (0x2000) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 61 00 61 00 61 00 00 00 .\.a.a.a ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x10, access_mask = 0x60080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 root_dir_fid = 0x0, fname = aaa [2009/10/23 16:51:02, 10] smbd/open.c:3366(create_file_default) create_file: access_mask = 0x60080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), create_file_flags = 0x1, fname = aaa [2009/10/23 16:51:02, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa" [2009/10/23 16:51:02, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:02, 10] smbd/open.c:2896(create_file_unixpath) create_file_unixpath: access_mask = 0x60080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = aaa [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 526, fnum = 4622 (3 used) [2009/10/23 16:51:02, 2] smbd/dosmode.c:83(unix_mode) unix_mode(aaa) inheriting from . [2009/10/23 16:51:02, 2] smbd/dosmode.c:92(unix_mode) unix_mode(aaa) inherit mode 40755 [2009/10/23 16:51:02, 3] smbd/dosmode.c:135(unix_mode) unix_mode(aaa) returning 0644 [2009/10/23 16:51:02, 10] smbd/open.c:1475(open_file_ntcreate) open_file_ntcreate: fname=aaa, dos_attrs=0x0 access_mask=0x60080 share_access=0x7 create_disposition = 0x1 create_options=0x200000 unix mode=0644 oplock_request=0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] smbd/open.c:1653(open_file_ntcreate) open_file_ntcreate: fname=aaa, after mapping access_mask=0x60080 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80a5d38 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 30, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x0 on file [2009/10/23 16:51:02, 10] smbd/open.c:617(share_conflict) share_conflict: entry->access_mask = 0x100081, entry->share_access = 0x7, entry->private_options = 0x1 [2009/10/23 16:51:02, 10] smbd/open.c:620(share_conflict) share_conflict: access_mask = 0x60080, share_access = 0x7 [2009/10/23 16:51:02, 10] smbd/open.c:640(share_conflict) share_conflict: No conflict due to access_mask = 0x60080 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x0 on file [2009/10/23 16:51:02, 4] smbd/open.c:1913(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0644, access_mask = 0x60080, open_access_mask = 0x60080 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa requesting 0x60080 returning 0x60000 (NT_STATUS_OK) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4622 (2 used) [2009/10/23 16:51:02, 5] smbd/open.c:2391(open_directory) open_directory: opening directory aaa, access_mask = 0x60080, share_access = 0x7 create_options = 0x200000, create_disposition = 0x1, file_attributes = 0x0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa requesting 0x60080 returning 0x60000 (NT_STATUS_OK) [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 527, fnum = 4623 (3 used) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80aed10 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 30, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] smbd/open.c:617(share_conflict) share_conflict: entry->access_mask = 0x100081, entry->share_access = 0x7, entry->private_options = 0x1 [2009/10/23 16:51:02, 10] smbd/open.c:620(share_conflict) share_conflict: access_mask = 0x60080, share_access = 0x7 [2009/10/23 16:51:02, 10] smbd/open.c:640(share_conflict) share_conflict: No conflict due to access_mask = 0x60080 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:29 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 2 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 10] smbd/open.c:3201(create_file_unixpath) create_file_unixpath: info=1 [2009/10/23 16:51:02, 10] smbd/open.c:3496(create_file_default) create_file: info=1 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 5] smbd/nttrans.c:650(reply_ntcreate_and_X) reply_ntcreate_and_X: fnum = 4623, open name = aaa [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 72 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x48 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 179 of length 76 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=72 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9793 smt_wct=15 smb_vwv[ 0]= 4 (0x4) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 40 (0x28) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 4 (0x4) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 7 (0x7) smb_bcc=7 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 0F 12 EC 03 ....... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/trans2.c:3876(call_trans2qfilepathinfo) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1004 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 3] smbd/trans2.c:4066(call_trans2qfilepathinfo) call_trans2qfilepathinfo aaa (fnum = 4623) level=1004 call=7 total_data=0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] smbd/trans2.c:4308(call_trans2qfilepathinfo) call_trans2qfilepathinfo: SMB_FILE_BASIC_INFORMATION [2009/10/23 16:51:02, 5] smbd/trans2.c:4318(call_trans2qfilepathinfo) SMB_QFBI - create: Fri Oct 23 15:18:29 2009 access: Fri Oct 23 16:36:32 2009 write: Fri Oct 23 15:18:29 2009 change: Fri Oct 23 15:18:29 2009 mode: 10 [2009/10/23 16:51:02, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 2, data_sent_thistime = 40, useable_space = 131010 [2009/10/23 16:51:02, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 2, data_to_send = 40, paramsize = 2, datasize = 40 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=100 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9793 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 40 (0x28) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 40 (0x28) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 80 C0 80 4F E3 53 CA 01 00 D8 C9 ........ O.S..... [0010] 36 EE 53 CA 01 80 C0 80 4F E3 53 CA 01 80 C0 80 6.S..... O.S..... [0020] 4F E3 53 CA 01 10 00 00 00 00 00 00 00 O.S..... ..... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 180 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9857 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 0F 12 00 00 03 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=0, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa, info_wanted = 0x3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 76. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9000 (36864) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 0: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : * owner_sid : S-1-5-21-3308023661-3915791984-1724325443-61012 group_sid : * group_sid : S-1-5-21-3308023661-3915791984-1724325443-513 sacl : NULL dacl : NULL [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 0, paramsize = 4, datasize = 0 [2009/10/23 16:51:02, 3] smbd/error.c:60(error_packet_set) error packet at smbd/nttrans.c(226) cmd=160 (SMBnttrans) NT_STATUS_BUFFER_TOO_SMALL [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=78 smb_com=0xa0 smb_rcls=35 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9857 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=7 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 4C 00 00 00 ...L... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 181 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9921 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=19456 (0x4C00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 0F 12 00 00 03 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=76, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa, info_wanted = 0x3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 76. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9000 (36864) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 0: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : * owner_sid : S-1-5-21-3308023661-3915791984-1724325443-61012 group_sid : * group_sid : S-1-5-21-3308023661-3915791984-1724325443-513 sacl : NULL dacl : NULL [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 76, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 76, paramsize = 4, datasize = 76 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=154 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9921 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]=19456 (0x4C00) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]=19968 (0x4E00) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=83 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 4C 00 00 00 01 00 00 90 14 00 00 00 30 ...L.... .......0 [0010] 00 00 00 00 00 00 00 00 00 00 00 01 05 00 00 00 ........ ........ [0020] 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 .......m o,.p>f.C [0030] 1E C7 66 54 EE 00 00 01 05 00 00 00 00 00 05 15 ..fT.... ........ [0040] 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 ...mo,.p >f.C..f. [0050] 02 00 00 ... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 182 of length 98 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=94 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9985 smt_wct=15 smb_vwv[ 0]= 26 (0x1A) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 26 (0x1A) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=29 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 06 00 01 01 00 00 00 00 5C .....V.. .......\ [0010] 00 61 00 61 00 61 00 5C 00 2A 00 00 00 .a.a.a.\ .*... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x101, max_data_bytes = 16384 [2009/10/23 16:51:02, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa/*" [2009/10/23 16:51:02, 10] smbd/statcache.c:235(stat_cache_lookup) stat_cache_lookup: lookup failed for name [AAA/*] [2009/10/23 16:51:02, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:02, 5] smbd/filename.c:303(unix_convert) unix_convert begin: name = aaa/*, dirpath = aaa, start = * [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:02, 5] smbd/filename.c:564(unix_convert) New file * [2009/10/23 16:51:02, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=aaa, mask = * [2009/10/23 16:51:02, 5] smbd/dir.c:394(dptr_create) dptr_create dir=aaa [2009/10/23 16:51:02, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path aaa, expect_close = 1 [2009/10/23 16:51:02, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = *, attr = 22 [2009/10/23 16:51:02, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath= dontdescend=<> [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb809c4e8 now at offset 0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/. [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/. [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/. fname=. [2009/10/23 16:51:02, 10] smbd/trans2.c:1649(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_DIRECTORY_INFO [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb809c4e8 now at offset -2147483648 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/.. [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/.. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/.. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file aaa/.. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:04:41 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 3 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 1, uid = 30006, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 5680, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[2]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 4672, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:02, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/.. fname=.. [2009/10/23 16:51:02, 10] smbd/trans2.c:1649(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_DIRECTORY_INFO [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb809c4e8 now at offset 4096 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] locking/locking.c:891(fetch_share_mode_unlocked) fetch_share_mode_unlocked: no share_mode record around (file not open) [2009/10/23 16:51:02, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/bbb fname=bbb [2009/10/23 16:51:02, 10] smbd/trans2.c:1649(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_DIRECTORY_INFO [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb809c4e8 now at offset -1 [2009/10/23 16:51:02, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:02, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:02, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 208, useable_space = 131010 [2009/10/23 16:51:02, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 208, paramsize = 10, datasize = 208 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=276 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=9985 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 208 (0xD0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 208 (0xD0) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=221 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 03 00 01 00 00 00 88 00 00 00 44 00 00 ........ .....D.. [0010] 00 00 00 00 00 80 C0 80 4F E3 53 CA 01 00 D8 C9 ........ O.S..... [0020] 36 EE 53 CA 01 80 C0 80 4F E3 53 CA 01 80 C0 80 6.S..... O.S..... [0030] 4F E3 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 O.S..... ........ [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 2E 00 00 ........ ........ [0050] 00 44 00 00 00 00 00 00 00 80 FA F9 61 E1 53 CA .D...... ....a.S. [0060] 01 00 D8 C9 36 EE 53 CA 01 80 FA F9 61 E1 53 CA ....6.S. ....a.S. [0070] 01 80 FA F9 61 E1 53 CA 01 00 00 00 00 00 00 00 ....a.S. ........ [0080] 00 00 00 00 00 00 00 00 00 11 00 00 00 04 00 00 ........ ........ [0090] 00 2E 00 2E 00 48 00 00 00 00 00 00 00 00 FD B6 .....H.. ........ [00A0] 4D E3 53 CA 01 00 D8 C9 36 EE 53 CA 01 00 FD B6 M.S..... 6.S..... [00B0] 4D E3 53 CA 01 00 FD B6 4D E3 53 CA 01 00 00 00 M.S..... M.S..... [00C0] 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 ........ ........ [00D0] 00 06 00 00 00 62 00 62 00 62 00 00 00 .....b.b .b... [2009/10/23 16:51:02, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=* directory=aaa dirtype=22 numentries=3 [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:613(hash2_name_to_8_3) hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 102 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x66 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 183 of length 106 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=102 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10049 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4096 (0x1000) smb_vwv[ 3]= 4096 (0x1000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=32768 (0x8000) smb_vwv[ 8]= 1536 (0x600) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 1792 (0x700) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 8192 (0x2000) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_bcc=19 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 61 00 61 00 61 00 5C 00 62 00 62 00 62 .\.a.a.a .\.b.b.b [0010] 00 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x10, access_mask = 0x60080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 root_dir_fid = 0x0, fname = aaa/bbb [2009/10/23 16:51:02, 10] smbd/open.c:3366(create_file_default) create_file: access_mask = 0x60080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), create_file_flags = 0x1, fname = aaa/bbb [2009/10/23 16:51:02, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa/bbb" [2009/10/23 16:51:02, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA/BBB] -> [aaa/bbb] [2009/10/23 16:51:02, 10] smbd/open.c:2896(create_file_unixpath) create_file_unixpath: access_mask = 0x60080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = aaa/bbb [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 528, fnum = 4624 (4 used) [2009/10/23 16:51:02, 2] smbd/dosmode.c:83(unix_mode) unix_mode(aaa/bbb) inheriting from aaa [2009/10/23 16:51:02, 2] smbd/dosmode.c:92(unix_mode) unix_mode(aaa/bbb) inherit mode 42700 [2009/10/23 16:51:02, 3] smbd/dosmode.c:135(unix_mode) unix_mode(aaa/bbb) returning 0600 [2009/10/23 16:51:02, 10] smbd/open.c:1475(open_file_ntcreate) open_file_ntcreate: fname=aaa/bbb, dos_attrs=0x0 access_mask=0x60080 share_access=0x7 create_disposition = 0x1 create_options=0x200000 unix mode=0600 oplock_request=0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] smbd/open.c:1653(open_file_ntcreate) open_file_ntcreate: fname=aaa/bbb, after mapping access_mask=0x60080 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006325 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80a5ce8 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x10 on file [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x10 on file [2009/10/23 16:51:02, 4] smbd/open.c:1913(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0600, access_mask = 0x60080, open_access_mask = 0x60080 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa/bbb requesting 0x60080 returning 0x60000 (NT_STATUS_OK) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006325 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4624 (3 used) [2009/10/23 16:51:02, 5] smbd/open.c:2391(open_directory) open_directory: opening directory aaa/bbb, access_mask = 0x60080, share_access = 0x7 create_options = 0x200000, create_disposition = 0x1, file_attributes = 0x0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa/bbb requesting 0x60080 returning 0x60000 (NT_STATUS_OK) [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 529, fnum = 4625 (4 used) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006325 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80aa838 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:26 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 1 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 34, uid = 30006, flags = 0, file_id 832:352563:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006325 [2009/10/23 16:51:02, 10] smbd/open.c:3201(create_file_unixpath) create_file_unixpath: info=1 [2009/10/23 16:51:02, 10] smbd/open.c:3496(create_file_default) create_file: info=1 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 5] smbd/nttrans.c:650(reply_ntcreate_and_X) reply_ntcreate_and_X: fnum = 4625, open name = aaa/bbb [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 72 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x48 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 184 of length 76 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=72 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10113 smt_wct=15 smb_vwv[ 0]= 4 (0x4) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 8 (0x8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 4 (0x4) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 7 (0x7) smb_bcc=7 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 11 12 EE 03 ....... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/trans2.c:3876(call_trans2qfilepathinfo) call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1006 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:26 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 1 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 34, uid = 30006, flags = 0, file_id 832:352563:0 [2009/10/23 16:51:02, 3] smbd/trans2.c:4066(call_trans2qfilepathinfo) call_trans2qfilepathinfo aaa/bbb (fnum = 4625) level=1006 call=7 total_data=0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] smbd/trans2.c:4434(call_trans2qfilepathinfo) call_trans2qfilepathinfo: SMB_FILE_INTERNAL_INFORMATION [2009/10/23 16:51:02, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 2, data_sent_thistime = 8, useable_space = 131010 [2009/10/23 16:51:02, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 2, data_to_send = 8, paramsize = 2, datasize = 8 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=68 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10113 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 8 (0x8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 8 (0x8) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=13 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 63 25 35 00 32 08 00 00 .....c%5 .2... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 185 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10177 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 11 12 00 00 03 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=0, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa/bbb, info_wanted = 0x3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 76. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa/bbb [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9000 (36864) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 0: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : * owner_sid : S-1-5-21-3308023661-3915791984-1724325443-61012 group_sid : * group_sid : S-1-5-21-3308023661-3915791984-1724325443-513 sacl : NULL dacl : NULL [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 0, paramsize = 4, datasize = 0 [2009/10/23 16:51:02, 3] smbd/error.c:60(error_packet_set) error packet at smbd/nttrans.c(226) cmd=160 (SMBnttrans) NT_STATUS_BUFFER_TOO_SMALL [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=78 smb_com=0xa0 smb_rcls=35 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10177 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=7 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 4C 00 00 00 ...L... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 186 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10241 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=19456 (0x4C00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 11 12 00 00 03 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=76, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa/bbb, info_wanted = 0x3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 76. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa/bbb [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9000 (36864) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 0: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : * owner_sid : S-1-5-21-3308023661-3915791984-1724325443-61012 group_sid : * group_sid : S-1-5-21-3308023661-3915791984-1724325443-513 sacl : NULL dacl : NULL [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 76, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 76, paramsize = 4, datasize = 76 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=154 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10241 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]=19456 (0x4C00) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]=19968 (0x4E00) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=83 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 4C 00 00 00 01 00 00 90 14 00 00 00 30 ...L.... .......0 [0010] 00 00 00 00 00 00 00 00 00 00 00 01 05 00 00 00 ........ ........ [0020] 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 .......m o,.p>f.C [0030] 1E C7 66 54 EE 00 00 01 05 00 00 00 00 00 05 15 ..fT.... ........ [0040] 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 ...mo,.p >f.C..f. [0050] 02 00 00 ... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 102 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x66 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 187 of length 106 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=102 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10305 smt_wct=15 smb_vwv[ 0]= 34 (0x22) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 34 (0x22) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=37 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 06 00 01 01 00 00 00 00 5C .....V.. .......\ [0010] 00 61 00 61 00 61 00 5C 00 62 00 62 00 62 00 5C .a.a.a.\ .b.b.b.\ [0020] 00 2A 00 00 00 .*... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x101, max_data_bytes = 16384 [2009/10/23 16:51:02, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa/bbb/*" [2009/10/23 16:51:02, 10] smbd/statcache.c:235(stat_cache_lookup) stat_cache_lookup: lookup failed for name [AAA/BBB/*] [2009/10/23 16:51:02, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA/BBB] -> [aaa/bbb] [2009/10/23 16:51:02, 5] smbd/filename.c:303(unix_convert) unix_convert begin: name = aaa/bbb/*, dirpath = aaa/bbb, start = * [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:02, 5] smbd/filename.c:564(unix_convert) New file * [2009/10/23 16:51:02, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=aaa/bbb, mask = * [2009/10/23 16:51:02, 5] smbd/dir.c:394(dptr_create) dptr_create dir=aaa/bbb [2009/10/23 16:51:02, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path aaa/bbb, expect_close = 1 [2009/10/23 16:51:02, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = *, attr = 22 [2009/10/23 16:51:02, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath= dontdescend=<> [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset 0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb/. [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb/. [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:26 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 1 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 34, uid = 30006, flags = 0, file_id 832:352563:0 [2009/10/23 16:51:02, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/bbb/. fname=. [2009/10/23 16:51:02, 10] smbd/trans2.c:1649(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_DIRECTORY_INFO [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset -2147483648 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb/.. [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb/.. [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/bbb/.. fname=.. [2009/10/23 16:51:02, 10] smbd/trans2.c:1649(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_DIRECTORY_INFO [2009/10/23 16:51:02, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset -1 [2009/10/23 16:51:02, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:02, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:02, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 136, useable_space = 131010 [2009/10/23 16:51:02, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 136, paramsize = 10, datasize = 136 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=204 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10305 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 136 (0x88) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 136 (0x88) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=149 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 02 00 01 00 00 00 44 00 00 00 44 00 00 ........ .D...D.. [0010] 00 00 00 00 00 00 FD B6 4D E3 53 CA 01 00 D8 C9 ........ M.S..... [0020] 36 EE 53 CA 01 00 FD B6 4D E3 53 CA 01 00 FD B6 6.S..... M.S..... [0030] 4D E3 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 M.S..... ........ [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 2E 00 00 ........ ........ [0050] 00 44 00 00 00 00 00 00 00 80 C0 80 4F E3 53 CA .D...... ....O.S. [0060] 01 00 4F 59 3D F0 53 CA 01 80 C0 80 4F E3 53 CA ..OY=.S. ....O.S. [0070] 01 80 C0 80 4F E3 53 CA 01 00 00 00 00 00 00 00 ....O.S. ........ [0080] 00 00 00 00 00 00 00 00 00 10 00 00 00 04 00 00 ........ ........ [0090] 00 2E 00 2E 00 ..... [2009/10/23 16:51:02, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=* directory=aaa/bbb dirtype=22 numentries=2 [2009/10/23 16:51:02, 10] smbd/mangle_hash2.c:613(hash2_name_to_8_3) hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 300 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x12c [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 188 of length 304 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=300 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10369 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]=55296 (0xD800) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]=55296 (0xD800) smb_vwv[14]= 0 (0x0) smb_vwv[15]=21504 (0x5400) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 3 (0x3) smb_bcc=227 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 11 12 00 00 04 00 00 80 01 00 04 8D A0 ........ ........ [0010] 00 00 00 BC 00 00 00 00 00 00 00 14 00 00 00 02 ........ ........ [0020] 00 8C 00 05 00 00 00 00 10 24 00 00 00 10 00 01 ........ .$...... [0030] 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 ........ ...mo,.p [0040] 3E 66 E9 43 1E C7 66 01 02 00 00 00 1B 14 00 00 >f.C..f. ........ [0050] 00 10 00 01 01 00 00 00 00 00 03 01 00 00 00 00 ........ ........ [0060] 10 24 00 FF 01 1F 00 01 05 00 00 00 00 00 05 15 .$...... ........ [0070] 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 54 ...mo,.p >f.C..fT [0080] EE 00 00 00 1B 14 00 FF 01 1F 00 01 01 00 00 00 ........ ........ [0090] 00 00 03 00 00 00 00 00 13 14 00 00 00 10 00 01 ........ ........ [00A0] 01 00 00 00 00 00 01 00 00 00 00 01 05 00 00 00 ........ ........ [00B0] 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 .......m o,.p>f.C [00C0] 1E C7 66 54 EE 00 00 01 05 00 00 00 00 00 05 15 ..fT.... ........ [00D0] 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 ...mo,.p >f.C..f. [00E0] 02 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=0, data_total=216, this_data=216, max_data=0, param_offset=76, data_offset=84 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1775(call_nt_transact_set_security_desc) call_nt_transact_set_security_desc: file = aaa/bbb, sent 0x80000004 [2009/10/23 16:51:02, 10] smbd/nttrans.c:785(set_sd) set_sd for file aaa/bbb [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x8d04 (36100) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 1: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 1: SEC_DESC_DACL_AUTO_INHERITED 1: SEC_DESC_SACL_AUTO_INHERITED 0: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : * owner_sid : S-1-5-21-3308023661-3915791984-1724325443-61012 group_sid : * group_sid : S-1-5-21-3308023661-3915791984-1724325443-513 sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x008c (140) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x10 (16) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 1: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00100000 (1048576) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-513 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x1b (27) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 1: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00100000 (1048576) object : union security_ace_object_ctr(case 0) trustee : S-1-3-1 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x10 (16) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 1: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x1b (27) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 1: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-3-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x13 (19) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 1: SEC_ACE_FLAG_INHERITED_ACE 0x03: SEC_ACE_FLAG_VALID_INHERIT (3) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00100000 (1048576) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3668(set_nt_acl) set_nt_acl: called for file aaa/bbb [2009/10/23 16:51:02, 5] smbd/posix_acls.c:1166(unpack_nt_owners) unpack_nt_owners: validating owner_sids. [2009/10/23 16:51:02, 5] smbd/posix_acls.c:1213(unpack_nt_owners) unpack_nt_owners: owner_sids validated. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1795(create_canon_ace_lists) create_canon_ace_lists: adding file ACL: canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1737(create_canon_ace_lists) create_canon_ace_lists: adding dir ACL: canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1795(create_canon_ace_lists) create_canon_ace_lists: adding file ACL: canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1737(create_canon_ace_lists) create_canon_ace_lists: adding dir ACL: canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1737(create_canon_ace_lists) create_canon_ace_lists: adding dir ACL: canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1795(create_canon_ace_lists) create_canon_ace_lists: adding file ACL: canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1481(check_owning_objs) check_owning_objs: ACL had owning user/group entries. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1481(check_owning_objs) check_owning_objs: ACL had owning user/group entries. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - before merge canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - before merge canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - before deny canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - before deny canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - before valid canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - before valid canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 3] smbd/dosmode.c:135(unix_mode) unix_mode(aaa/bbb) returning 0600 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - return canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - return canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2609(set_canon_ace_list) set_canon_ace_list: setting ACL: canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x10 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x10 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] modules/vfs_posixacl.c:89(posixacl_sys_acl_set_file) Calling acl_set_file: aaa/bbb, 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2609(set_canon_ace_list) set_canon_ace_list: setting ACL: canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x1b perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x1b perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x13 perms --- [2009/10/23 16:51:02, 10] modules/vfs_posixacl.c:89(posixacl_sys_acl_set_file) Calling acl_set_file: aaa/bbb, 1 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:193(create_pai_buf_v2) create_pai_buf_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:161(get_entry_val) get_entry_val: gid = 50001 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:158(get_entry_val) get_entry_val: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:165(get_entry_val) get_entry_val: world ace [2009/10/23 16:51:02, 10] smbd/posix_acls.c:161(get_entry_val) get_entry_val: gid = 50001 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:158(get_entry_val) get_entry_val: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:165(get_entry_val) get_entry_val: world ace [2009/10/23 16:51:02, 10] smbd/posix_acls.c:267(store_inheritance_attributes) store_inheritance_attribute: type 0x8d04 for file aaa/bbb [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=71 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10369 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=71 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10369 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[bbb] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path = bbb [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for bbb [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for aaa 0000 offset: 00000000 0004 action: 00000003 0008 namelen: 00000006 000c name: b.b.b... [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 18, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 18, data_to_send = 0, paramsize = 18, datasize = 0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=92 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=1730 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 4608 (0x1200) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 4608 (0x1200) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=21 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 00 00 03 00 00 00 06 00 00 00 62 ........ .......b [0010] 00 62 00 62 00 .b.b. [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 189 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10434 smt_wct=23 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 8192 (0x2000) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=21504 (0x5400) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 1024 (0x400) smb_vwv[18]= 4 (0x4) smb_vwv[19]= 3 (0x3) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 4594 (0x11F2) smb_vwv[22]= 1 (0x1) smb_bcc=3 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=8, param_total=0, this_param=0, max_param=32, data_total=0, this_data=0, max_data=0, param_offset=84, data_offset=0 [2009/10/23 16:51:02, 10] smbd/nttrans.c:2769(reply_nttrans) reply_nttrans: state->setup_count = 8 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 03 00 00 00 F2 11 01 00 ........ [2009/10/23 16:51:02, 3] smbd/nttrans.c:1488(call_nt_transact_notify_change) call_nt_transact_notify_change [2009/10/23 16:51:02, 3] smbd/nttrans.c:1505(call_nt_transact_notify_change) call_nt_transact_notify_change: notify change called on aaa, filter = FILE_NAME|DIR_NAME, recursive = 1 [2009/10/23 16:51:02, 10] smbd/notify.c:241(change_notify_add_request) change_notify_add_request: Adding request for aaa: max_param = 32 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 190 of length 45 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=10497 smt_wct=3 smb_vwv[ 0]= 4625 (0x1211) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/reply.c:4446(reply_close) close directory fnum=4625 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006325 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80ba4b8 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:26 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 1 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 34, uid = 30006, flags = 0, file_id 832:352563:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006325 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4625 (3 used) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=10497 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 300 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x12c [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 191 of length 304 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=300 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10561 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]=55296 (0xD800) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]=55296 (0xD800) smb_vwv[14]= 0 (0x0) smb_vwv[15]=21504 (0x5400) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 3 (0x3) smb_bcc=227 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 0F 12 00 00 04 00 00 80 01 00 04 9D A0 ........ ........ [0010] 00 00 00 BC 00 00 00 00 00 00 00 14 00 00 00 02 ........ ........ [0020] 00 8C 00 05 00 00 00 00 00 24 00 FF 01 1F 00 01 ........ .$...... [0030] 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 ........ ...mo,.p [0040] 3E 66 E9 43 1E C7 66 54 EE 00 00 00 0B 14 00 00 >f.C..fT ........ [0050] 00 10 00 01 01 00 00 00 00 00 03 01 00 00 00 00 ........ ........ [0060] 0B 14 00 FF 01 1F 00 01 01 00 00 00 00 00 03 00 ........ ........ [0070] 00 00 00 00 00 24 00 00 00 10 00 01 05 00 00 00 .....$.. ........ [0080] 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 .......m o,.p>f.C [0090] 1E C7 66 01 02 00 00 00 03 14 00 00 00 10 00 01 ..f..... ........ [00A0] 01 00 00 00 00 00 01 00 00 00 00 01 05 00 00 00 ........ ........ [00B0] 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 .......m o,.p>f.C [00C0] 1E C7 66 54 EE 00 00 01 05 00 00 00 00 00 05 15 ..fT.... ........ [00D0] 00 00 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 ...mo,.p >f.C..f. [00E0] 02 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=0, data_total=216, this_data=216, max_data=0, param_offset=76, data_offset=84 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1775(call_nt_transact_set_security_desc) call_nt_transact_set_security_desc: file = aaa, sent 0x80000004 [2009/10/23 16:51:02, 10] smbd/nttrans.c:785(set_sd) set_sd for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9d04 (40196) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 1: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 1: SEC_DESC_DACL_AUTO_INHERITED 1: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : * owner_sid : S-1-5-21-3308023661-3915791984-1724325443-61012 group_sid : * group_sid : S-1-5-21-3308023661-3915791984-1724325443-513 sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x008c (140) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00100000 (1048576) object : union security_ace_object_ctr(case 0) trustee : S-1-3-1 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-3-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00100000 (1048576) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-513 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x03 (3) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x03: SEC_ACE_FLAG_VALID_INHERIT (3) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00100000 (1048576) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3668(set_nt_acl) set_nt_acl: called for file aaa [2009/10/23 16:51:02, 5] smbd/posix_acls.c:1166(unpack_nt_owners) unpack_nt_owners: validating owner_sids. [2009/10/23 16:51:02, 5] smbd/posix_acls.c:1213(unpack_nt_owners) unpack_nt_owners: owner_sids validated. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1795(create_canon_ace_lists) create_canon_ace_lists: adding file ACL: canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1737(create_canon_ace_lists) create_canon_ace_lists: adding dir ACL: canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1737(create_canon_ace_lists) create_canon_ace_lists: adding dir ACL: canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1795(create_canon_ace_lists) create_canon_ace_lists: adding file ACL: canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1737(create_canon_ace_lists) create_canon_ace_lists: adding dir ACL: canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1795(create_canon_ace_lists) create_canon_ace_lists: adding file ACL: canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1481(check_owning_objs) check_owning_objs: ACL had owning user/group entries. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1481(check_owning_objs) check_owning_objs: ACL had owning user/group entries. [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - before merge canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - before merge canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - before deny canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - before deny canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - before valid canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - before valid canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 3] smbd/dosmode.c:135(unix_mode) unix_mode(aaa) returning 0600 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: file ace - return canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: dir ace - return canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2609(set_canon_ace_list) set_canon_ace_list: setting ACL: canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] modules/vfs_posixacl.c:89(posixacl_sys_acl_set_file) Calling acl_set_file: aaa, 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2609(set_canon_ace_list) set_canon_ace_list: setting ACL: canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 0. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0xb perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 1. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0xb perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2709(set_canon_ace_list) canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x3 perms --- [2009/10/23 16:51:02, 10] modules/vfs_posixacl.c:89(posixacl_sys_acl_set_file) Calling acl_set_file: aaa, 1 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:193(create_pai_buf_v2) create_pai_buf_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:158(get_entry_val) get_entry_val: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:161(get_entry_val) get_entry_val: gid = 50001 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:165(get_entry_val) get_entry_val: world ace [2009/10/23 16:51:02, 10] smbd/posix_acls.c:161(get_entry_val) get_entry_val: gid = 50001 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:158(get_entry_val) get_entry_val: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:165(get_entry_val) get_entry_val: world ace [2009/10/23 16:51:02, 10] smbd/posix_acls.c:267(store_inheritance_attributes) store_inheritance_attribute: type 0x9d04 for file aaa [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=71 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10561 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=71 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10561 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[aaa] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path = aaa [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for aaa [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for . 0000 offset: 00000000 0004 action: 00000003 0008 namelen: 00000006 000c name: a.a.a... [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 18, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 18, data_to_send = 0, paramsize = 18, datasize = 0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=92 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=1088 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 4608 (0x1200) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 4608 (0x1200) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=21 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 00 00 03 00 00 00 06 00 00 00 61 ........ .......a [0010] 00 61 00 61 00 .a.a. [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path =  [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for  [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for aaa 0000 offset: 00000000 0004 action: 00000003 0008 namelen: 00000002 000c name: .... [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 14, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 14, data_to_send = 0, paramsize = 14, datasize = 0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=88 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10434 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 3584 (0xE00) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 3584 (0xE00) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=17 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 00 00 03 00 00 00 02 00 00 00 01 ........ ........ [0010] 00 . [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[aaa] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path = aaa [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for aaa [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for . [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path =  [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for  [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for aaa [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[aaa] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path = aaa [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for aaa [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for . [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:162(inotify_dispatch) inotify_dispatch called with mask=40000004, name=[] [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:194(inotify_dispatch) inotify_dispatch: ne.action = 3, ne.path = È [2009/10/23 16:51:02, 10] smbd/notify_inotify.c:112(filter_match) filter_match: e->mask=40000004, w->mask=210003c6, w->filter=17 [2009/10/23 16:51:02, 10] smbd/notify_internal.c:287(sys_notify_callback) sys_notify_callback called with action=3, for È [2009/10/23 16:51:02, 10] smbd/notify.c:191(notify_callback) notify_callback called for aaa [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 192 of length 45 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=10626 smt_wct=3 smb_vwv[ 0]= 4623 (0x120F) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/reply.c:4446(reply_close) close directory fnum=4623 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80a3af0 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x0, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:29 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 2 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x40, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4623 (2 used) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=10626 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 193 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10688 smt_wct=23 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 8192 (0x2000) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=21504 (0x5400) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 1024 (0x400) smb_vwv[18]= 4 (0x4) smb_vwv[19]= 3 (0x3) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 4592 (0x11F0) smb_vwv[22]= 1 (0x1) smb_bcc=3 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=8, param_total=0, this_param=0, max_param=32, data_total=0, this_data=0, max_data=0, param_offset=84, data_offset=0 [2009/10/23 16:51:02, 10] smbd/nttrans.c:2769(reply_nttrans) reply_nttrans: state->setup_count = 8 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 03 00 00 00 F0 11 01 00 ........ [2009/10/23 16:51:02, 3] smbd/nttrans.c:1488(call_nt_transact_notify_change) call_nt_transact_notify_change [2009/10/23 16:51:02, 3] smbd/nttrans.c:1505(call_nt_transact_notify_change) call_nt_transact_notify_change: notify change called on ., filter = FILE_NAME|DIR_NAME, recursive = 1 0000 offset: 00000000 0004 action: 00000003 0008 namelen: 00000006 000c name: a.a.a... [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 18, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 18, data_to_send = 0, paramsize = 18, datasize = 0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=92 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10688 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 4608 (0x1200) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 4608 (0x1200) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=21 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 00 00 03 00 00 00 06 00 00 00 61 ........ .......a [0010] 00 61 00 61 00 .a.a. [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 194 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10754 smt_wct=23 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 8192 (0x2000) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=21504 (0x5400) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 1024 (0x400) smb_vwv[18]= 4 (0x4) smb_vwv[19]= 3 (0x3) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 4594 (0x11F2) smb_vwv[22]= 1 (0x1) smb_bcc=3 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=8, param_total=0, this_param=0, max_param=32, data_total=0, this_data=0, max_data=0, param_offset=84, data_offset=0 [2009/10/23 16:51:02, 10] smbd/nttrans.c:2769(reply_nttrans) reply_nttrans: state->setup_count = 8 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 03 00 00 00 F2 11 01 00 ........ [2009/10/23 16:51:02, 3] smbd/nttrans.c:1488(call_nt_transact_notify_change) call_nt_transact_notify_change [2009/10/23 16:51:02, 3] smbd/nttrans.c:1505(call_nt_transact_notify_change) call_nt_transact_notify_change: notify change called on aaa, filter = FILE_NAME|DIR_NAME, recursive = 1 0000 offset: 0000000e 0004 action: 00000003 0008 namelen: 00000002 000c name: .... [2009/10/23 16:51:02, 3] lib/charcnv.c:635(convert_string_allocate) convert_string_allocate: Conversion error: Illegal multibyte sequence(È) 000e offset: 00000000 0012 action: 00000003 0016 namelen: 00000002 001a name: _... [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 28, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 28, data_to_send = 0, paramsize = 28, datasize = 0 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=102 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10754 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 7168 (0x1C00) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 7168 (0x1C00) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=31 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 0E 00 00 00 03 00 00 00 02 00 00 00 01 ........ ........ [0010] 00 00 00 00 00 03 00 00 00 02 00 00 00 5F 00 ........ ....._. [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 195 of length 98 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=94 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10816 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 2048 (0x800) smb_vwv[ 3]= 4096 (0x1000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=32768 (0x8000) smb_vwv[ 8]= 512 (0x200) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 1792 (0x700) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 8192 (0x2000) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 61 00 61 00 61 00 00 00 .\.a.a.a ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x10, access_mask = 0x20080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 root_dir_fid = 0x0, fname = aaa [2009/10/23 16:51:02, 10] smbd/open.c:3366(create_file_default) create_file: access_mask = 0x20080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), create_file_flags = 0x1, fname = aaa [2009/10/23 16:51:02, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa" [2009/10/23 16:51:02, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:02, 10] smbd/open.c:2896(create_file_unixpath) create_file_unixpath: access_mask = 0x20080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = aaa [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 530, fnum = 4626 (3 used) [2009/10/23 16:51:02, 2] smbd/dosmode.c:83(unix_mode) unix_mode(aaa) inheriting from . [2009/10/23 16:51:02, 2] smbd/dosmode.c:92(unix_mode) unix_mode(aaa) inherit mode 40755 [2009/10/23 16:51:02, 3] smbd/dosmode.c:135(unix_mode) unix_mode(aaa) returning 0644 [2009/10/23 16:51:02, 10] smbd/open.c:1475(open_file_ntcreate) open_file_ntcreate: fname=aaa, dos_attrs=0x0 access_mask=0x20080 share_access=0x7 create_disposition = 0x1 create_options=0x200000 unix mode=0644 oplock_request=0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] smbd/open.c:1653(open_file_ntcreate) open_file_ntcreate: fname=aaa, after mapping access_mask=0x20080 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80a3c80 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x40, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x0 on file [2009/10/23 16:51:02, 10] smbd/open.c:617(share_conflict) share_conflict: entry->access_mask = 0x100081, entry->share_access = 0x7, entry->private_options = 0x1 [2009/10/23 16:51:02, 10] smbd/open.c:620(share_conflict) share_conflict: access_mask = 0x20080, share_access = 0x7 [2009/10/23 16:51:02, 10] smbd/open.c:640(share_conflict) share_conflict: No conflict due to access_mask = 0x20080 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x0 on file [2009/10/23 16:51:02, 4] smbd/open.c:1913(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0644, access_mask = 0x20080, open_access_mask = 0x20080 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa requesting 0x20080 returning 0x20000 (NT_STATUS_OK) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4626 (2 used) [2009/10/23 16:51:02, 5] smbd/open.c:2391(open_directory) open_directory: opening directory aaa, access_mask = 0x20080, share_access = 0x7 create_options = 0x200000, create_disposition = 0x1, file_attributes = 0x0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa requesting 0x20080 returning 0x20000 (NT_STATUS_OK) [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 531, fnum = 4627 (3 used) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80aa4f8 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x60080, mid = 0x0, type= 0x40, gen_id = 32, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] smbd/open.c:617(share_conflict) share_conflict: entry->access_mask = 0x100081, entry->share_access = 0x7, entry->private_options = 0x1 [2009/10/23 16:51:02, 10] smbd/open.c:620(share_conflict) share_conflict: access_mask = 0x20080, share_access = 0x7 [2009/10/23 16:51:02, 10] smbd/open.c:640(share_conflict) share_conflict: No conflict due to access_mask = 0x20080 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:29 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 2 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x0, gen_id = 36, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 10] smbd/open.c:3201(create_file_unixpath) create_file_unixpath: info=1 [2009/10/23 16:51:02, 10] smbd/open.c:3496(create_file_default) create_file: info=1 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 5] smbd/nttrans.c:650(reply_ntcreate_and_X) reply_ntcreate_and_X: fnum = 4627, open name = aaa [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 196 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10882 smt_wct=23 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 8192 (0x2000) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=21504 (0x5400) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 1024 (0x400) smb_vwv[18]= 4 (0x4) smb_vwv[19]= 3 (0x3) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 4592 (0x11F0) smb_vwv[22]= 1 (0x1) smb_bcc=3 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=8, param_total=0, this_param=0, max_param=32, data_total=0, this_data=0, max_data=0, param_offset=84, data_offset=0 [2009/10/23 16:51:02, 10] smbd/nttrans.c:2769(reply_nttrans) reply_nttrans: state->setup_count = 8 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 03 00 00 00 F0 11 01 00 ........ [2009/10/23 16:51:02, 3] smbd/nttrans.c:1488(call_nt_transact_notify_change) call_nt_transact_notify_change [2009/10/23 16:51:02, 3] smbd/nttrans.c:1505(call_nt_transact_notify_change) call_nt_transact_notify_change: notify change called on ., filter = FILE_NAME|DIR_NAME, recursive = 1 [2009/10/23 16:51:02, 10] smbd/notify.c:241(change_notify_add_request) change_notify_add_request: Adding request for .: max_param = 32 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 197 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=10944 smt_wct=23 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 8192 (0x2000) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=21504 (0x5400) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 1024 (0x400) smb_vwv[18]= 4 (0x4) smb_vwv[19]= 3 (0x3) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 4594 (0x11F2) smb_vwv[22]= 1 (0x1) smb_bcc=3 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=8, param_total=0, this_param=0, max_param=32, data_total=0, this_data=0, max_data=0, param_offset=84, data_offset=0 [2009/10/23 16:51:02, 10] smbd/nttrans.c:2769(reply_nttrans) reply_nttrans: state->setup_count = 8 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 03 00 00 00 F2 11 01 00 ........ [2009/10/23 16:51:02, 3] smbd/nttrans.c:1488(call_nt_transact_notify_change) call_nt_transact_notify_change [2009/10/23 16:51:02, 3] smbd/nttrans.c:1505(call_nt_transact_notify_change) call_nt_transact_notify_change: notify change called on aaa, filter = FILE_NAME|DIR_NAME, recursive = 1 [2009/10/23 16:51:02, 10] smbd/notify.c:241(change_notify_add_request) change_notify_add_request: Adding request for aaa: max_param = 32 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 198 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11009 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 13 12 00 00 04 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=0, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa, info_wanted = 0x4 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 160. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9004 (36868) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : NULL group_sid : NULL sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x008c (140) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x03 (3) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x03: SEC_ACE_FLAG_VALID_INHERIT (3) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-513 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-3-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-3-1 [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 0, paramsize = 4, datasize = 0 [2009/10/23 16:51:02, 3] smbd/error.c:60(error_packet_set) error packet at smbd/nttrans.c(226) cmd=160 (SMBnttrans) NT_STATUS_BUFFER_TOO_SMALL [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=78 smb_com=0xa0 smb_rcls=35 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11009 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=7 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 A0 00 00 00 ....... [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 199 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11073 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40960 (0xA000) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 13 12 00 00 04 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=160, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa, info_wanted = 0x4 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 160. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9004 (36868) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : NULL group_sid : NULL sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x008c (140) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x03 (3) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x03: SEC_ACE_FLAG_VALID_INHERIT (3) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-513 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-3-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-3-1 [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 160, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 160, paramsize = 4, datasize = 160 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=238 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11073 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]=40960 (0xA000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=40960 (0xA000) smb_vwv[12]= 0 (0x0) smb_vwv[13]=19968 (0x4E00) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=167 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 A0 00 00 00 01 00 04 90 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 00 00 00 14 00 00 00 02 00 8C 00 05 ........ ........ [0020] 00 00 00 00 03 14 00 00 00 00 00 01 01 00 00 00 ........ ........ [0030] 00 00 01 00 00 00 00 00 00 24 00 FF 01 1F 00 01 ........ .$...... [0040] 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 ........ ...mo,.p [0050] 3E 66 E9 43 1E C7 66 54 EE 00 00 00 00 24 00 00 >f.C..fT .....$.. [0060] 00 00 00 01 05 00 00 00 00 00 05 15 00 00 00 6D ........ .......m [0070] 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 02 00 00 00 o,.p>f.C ..f..... [0080] 0B 14 00 FF 01 1F 00 01 01 00 00 00 00 00 03 00 ........ ........ [0090] 00 00 00 00 0B 14 00 00 00 00 00 01 01 00 00 00 ........ ........ [00A0] 00 00 03 01 00 00 00 ....... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 200 of length 45 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=11137 smt_wct=3 smb_vwv[ 0]= 4627 (0x1213) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/reply.c:4446(reply_close) close directory fnum=4627 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80ba4b8 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x0, gen_id = 36, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:29 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 2 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 36, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4627 (2 used) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=11137 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 201 of length 98 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=94 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11201 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 2048 (0x800) smb_vwv[ 3]= 4096 (0x1000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=32768 (0x8000) smb_vwv[ 8]= 512 (0x200) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 1792 (0x700) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 8192 (0x2000) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 61 00 61 00 61 00 00 00 .\.a.a.a ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x10, access_mask = 0x20080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 root_dir_fid = 0x0, fname = aaa [2009/10/23 16:51:02, 10] smbd/open.c:3366(create_file_default) create_file: access_mask = 0x20080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), create_file_flags = 0x1, fname = aaa [2009/10/23 16:51:02, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa" [2009/10/23 16:51:02, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:02, 10] smbd/open.c:2896(create_file_unixpath) create_file_unixpath: access_mask = 0x20080 file_attributes = 0x0, share_access = 0x7, create_disposition = 0x1 create_options = 0x200000 oplock_request = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = aaa [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 532, fnum = 4628 (3 used) [2009/10/23 16:51:02, 2] smbd/dosmode.c:83(unix_mode) unix_mode(aaa) inheriting from . [2009/10/23 16:51:02, 2] smbd/dosmode.c:92(unix_mode) unix_mode(aaa) inherit mode 40755 [2009/10/23 16:51:02, 3] smbd/dosmode.c:135(unix_mode) unix_mode(aaa) returning 0644 [2009/10/23 16:51:02, 10] smbd/open.c:1475(open_file_ntcreate) open_file_ntcreate: fname=aaa, dos_attrs=0x0 access_mask=0x20080 share_access=0x7 create_disposition = 0x1 create_options=0x200000 unix mode=0644 oplock_request=0 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 10] smbd/open.c:1653(open_file_ntcreate) open_file_ntcreate: fname=aaa, after mapping access_mask=0x20080 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80ba648 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 36, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x0 on file [2009/10/23 16:51:02, 10] smbd/open.c:617(share_conflict) share_conflict: entry->access_mask = 0x100081, entry->share_access = 0x7, entry->private_options = 0x1 [2009/10/23 16:51:02, 10] smbd/open.c:620(share_conflict) share_conflict: access_mask = 0x20080, share_access = 0x7 [2009/10/23 16:51:02, 10] smbd/open.c:640(share_conflict) share_conflict: No conflict due to access_mask = 0x20080 [2009/10/23 16:51:02, 10] smbd/open.c:980(delay_for_oplocks) delay_for_oplocks: oplock type 0x0 on file [2009/10/23 16:51:02, 4] smbd/open.c:1913(open_file_ntcreate) calling open_file with flags=0x0 flags2=0x0 mode=0644, access_mask = 0x20080, open_access_mask = 0x20080 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa requesting 0x20080 returning 0x20000 (NT_STATUS_OK) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4628 (2 used) [2009/10/23 16:51:02, 5] smbd/open.c:2391(open_directory) open_directory: opening directory aaa, access_mask = 0x20080, share_access = 0x7 create_options = 0x200000, create_disposition = 0x1, file_attributes = 0x0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 10] smbd/open.c:113(check_open_rights) check_open_rights: file aaa requesting 0x20080 returning 0x20000 (NT_STATUS_OK) [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 533, fnum = 4629 (3 used) [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80aa4f8 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 36, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] smbd/open.c:617(share_conflict) share_conflict: entry->access_mask = 0x100081, entry->share_access = 0x7, entry->private_options = 0x1 [2009/10/23 16:51:02, 10] smbd/open.c:620(share_conflict) share_conflict: access_mask = 0x20080, share_access = 0x7 [2009/10/23 16:51:02, 10] smbd/open.c:640(share_conflict) share_conflict: No conflict due to access_mask = 0x20080 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:29 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 2 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x0, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 10] smbd/open.c:3201(create_file_unixpath) create_file_unixpath: info=1 [2009/10/23 16:51:02, 10] smbd/open.c:3496(create_file_default) create_file: info=1 [2009/10/23 16:51:02, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa [2009/10/23 16:51:02, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa [2009/10/23 16:51:02, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:02, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:02, 5] smbd/nttrans.c:650(reply_ntcreate_and_X) reply_ntcreate_and_X: fnum = 4629, open name = aaa [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 78 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x4e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 202 of length 82 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=78 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=0 smb_pid=65279 smb_uid=101 smb_mid=11267 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 78 (0x4E) smb_vwv[ 2]= 8 (0x8) smb_vwv[ 3]= 1 (0x1) smb_bcc=35 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 5C 00 41 00 4C 00 45 00 4B 00 54 00 4F .\.\.A.L .E.K.T.O [0010] 00 5C 00 49 00 50 00 43 00 24 00 00 00 3F 3F 3F .\.I.P.C .$...??? [0020] 3F 3F 00 ??. [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtconX (pid 8994) conn 0x0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2009/10/23 16:51:02, 4] smbd/reply.c:675(reply_tcon_and_X) Client requested device type [?????] for share [IPC$] [2009/10/23 16:51:02, 5] smbd/service.c:1202(make_connection) making a connection to 'normal' service ipc$ [2009/10/23 16:51:02, 3] lib/access.c:389(check_access) check_access: no hostnames in host allow/deny list. [2009/10/23 16:51:02, 2] lib/access.c:406(check_access) Allowed connection from (193.174.7.213) [2009/10/23 16:51:02, 10] smbd/share_access.c:234(user_ok_token) user_ok_token: share IPC$ is ok for unix user brot [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning expired cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:49:42 2009 [2009/10/23 16:51:02, 10] passdb/pdb_ldap.c:3854(ldapsam_get_account_policy_from_ldap) ldapsam_get_account_policy_from_ldap [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [sambaDomainName=WZB,ou=accounts,dc=wzb,dc=eu], filter => [(objectclass=*)], scope => [0] [2009/10/23 16:51:02, 10] lib/smbldap.c:676(smb_ldap_setup_conn) smb_ldap_setup_connection: ldapi://%2fvar%2frun%2fslapd%2fldapi/ [2009/10/23 16:51:02, 2] lib/smbldap.c:856(smbldap_open_connection) smbldap_open_connection: connection opened [2009/10/23 16:51:02, 10] lib/smbldap.c:1021(smbldap_connect_system) ldap_connect_system: Binding to ldap server ldapi://%2fvar%2frun%2fslapd%2fldapi/ as "cn=root,dc=wzb,dc=eu" [2009/10/23 16:51:02, 3] lib/smbldap.c:1067(smbldap_connect_system) ldap_connect_system: successful connection to the LDAP server ldap_connect_system: LDAP server does support paged results [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Added timed event "smbldap_idle_fn": 0xb80ad920 [2009/10/23 16:51:02, 4] lib/smbldap.c:1143(smbldap_open) The LDAP server is successfully connected [2009/10/23 16:51:02, 10] lib/account_pol.c:396(cache_account_policy_set) cache_account_policy_set: updating account pol cache [2009/10/23 16:51:02, 10] lib/gencache.c:131(gencache_set) Adding cache entry with key = ACCT_POL/password history; value = 0 and timeout = Fri Oct 23 16:52:02 2009 (60 seconds ahead) [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:02, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:02, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:02, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:02, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:02, 10] smbd/service.c:162(set_conn_connectpath) set_conn_connectpath: service IPC$, connectpath = /tmp [2009/10/23 16:51:02, 3] smbd/service.c:807(make_connection_snum) Connect path is '/tmp' for service [IPC$] [2009/10/23 16:51:02, 10] lib/util_seaccess.c:58(se_map_generic) se_map_generic(): mapped mask 0x10000000 to 0x001f01ff [2009/10/23 16:51:02, 3] smbd/vfs.c:95(vfs_init_default) Initialising default vfs hooks [2009/10/23 16:51:02, 3] smbd/vfs.c:129(vfs_init_custom) Initialising custom vfs hooks from [/[Default VFS]/] [2009/10/23 16:51:02, 10] smbd/vfs.c:47(vfs_find_backend_entry) vfs_find_backend_entry called for /[Default VFS]/ Successfully loaded vfs module [/[Default VFS]/] with the new modules system [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #0 (type 0, layer 0) Making operation type 0 opaque [module /[Default VFS]/] Accepting operation type 0 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #1 (type 1, layer 0) Making operation type 1 opaque [module /[Default VFS]/] Accepting operation type 1 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #2 (type 2, layer 0) Making operation type 2 opaque [module /[Default VFS]/] Accepting operation type 2 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #3 (type 3, layer 0) Making operation type 3 opaque [module /[Default VFS]/] Accepting operation type 3 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #4 (type 4, layer 0) Making operation type 4 opaque [module /[Default VFS]/] Accepting operation type 4 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #5 (type 5, layer 0) Making operation type 5 opaque [module /[Default VFS]/] Accepting operation type 5 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #6 (type 6, layer 0) Making operation type 6 opaque [module /[Default VFS]/] Accepting operation type 6 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #7 (type 7, layer 0) Making operation type 7 opaque [module /[Default VFS]/] Accepting operation type 7 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #8 (type 8, layer 0) Making operation type 8 opaque [module /[Default VFS]/] Accepting operation type 8 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #9 (type 9, layer 0) Making operation type 9 opaque [module /[Default VFS]/] Accepting operation type 9 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #10 (type 10, layer 0) Making operation type 10 opaque [module /[Default VFS]/] Accepting operation type 10 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #11 (type 11, layer 0) Making operation type 11 opaque [module /[Default VFS]/] Accepting operation type 11 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #12 (type 12, layer 0) Making operation type 12 opaque [module /[Default VFS]/] Accepting operation type 12 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #13 (type 13, layer 0) Making operation type 13 opaque [module /[Default VFS]/] Accepting operation type 13 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #14 (type 14, layer 0) Making operation type 14 opaque [module /[Default VFS]/] Accepting operation type 14 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #15 (type 15, layer 0) Making operation type 15 opaque [module /[Default VFS]/] Accepting operation type 15 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #16 (type 16, layer 0) Making operation type 16 opaque [module /[Default VFS]/] Accepting operation type 16 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #17 (type 17, layer 0) Making operation type 17 opaque [module /[Default VFS]/] Accepting operation type 17 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #18 (type 18, layer 0) Making operation type 18 opaque [module /[Default VFS]/] Accepting operation type 18 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #19 (type 19, layer 0) Making operation type 19 opaque [module /[Default VFS]/] Accepting operation type 19 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #20 (type 20, layer 0) Making operation type 20 opaque [module /[Default VFS]/] Accepting operation type 20 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #21 (type 21, layer 0) Making operation type 21 opaque [module /[Default VFS]/] Accepting operation type 21 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #22 (type 22, layer 0) Making operation type 22 opaque [module /[Default VFS]/] Accepting operation type 22 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #23 (type 23, layer 0) Making operation type 23 opaque [module /[Default VFS]/] Accepting operation type 23 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #24 (type 24, layer 0) Making operation type 24 opaque [module /[Default VFS]/] Accepting operation type 24 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #25 (type 25, layer 0) Making operation type 25 opaque [module /[Default VFS]/] Accepting operation type 25 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #26 (type 26, layer 0) Making operation type 26 opaque [module /[Default VFS]/] Accepting operation type 26 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #27 (type 27, layer 0) Making operation type 27 opaque [module /[Default VFS]/] Accepting operation type 27 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #28 (type 28, layer 0) Making operation type 28 opaque [module /[Default VFS]/] Accepting operation type 28 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #29 (type 29, layer 0) Making operation type 29 opaque [module /[Default VFS]/] Accepting operation type 29 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #30 (type 30, layer 0) Making operation type 30 opaque [module /[Default VFS]/] Accepting operation type 30 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #31 (type 31, layer 0) Making operation type 31 opaque [module /[Default VFS]/] Accepting operation type 31 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #32 (type 32, layer 0) Making operation type 32 opaque [module /[Default VFS]/] Accepting operation type 32 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #33 (type 33, layer 0) Making operation type 33 opaque [module /[Default VFS]/] Accepting operation type 33 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #34 (type 34, layer 0) Making operation type 34 opaque [module /[Default VFS]/] Accepting operation type 34 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #35 (type 35, layer 0) Making operation type 35 opaque [module /[Default VFS]/] Accepting operation type 35 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #36 (type 36, layer 0) Making operation type 36 opaque [module /[Default VFS]/] Accepting operation type 36 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #37 (type 37, layer 0) Making operation type 37 opaque [module /[Default VFS]/] Accepting operation type 37 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #38 (type 38, layer 0) Making operation type 38 opaque [module /[Default VFS]/] Accepting operation type 38 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #39 (type 39, layer 0) Making operation type 39 opaque [module /[Default VFS]/] Accepting operation type 39 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #40 (type 40, layer 0) Making operation type 40 opaque [module /[Default VFS]/] Accepting operation type 40 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #41 (type 41, layer 0) Making operation type 41 opaque [module /[Default VFS]/] Accepting operation type 41 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #42 (type 42, layer 0) Making operation type 42 opaque [module /[Default VFS]/] Accepting operation type 42 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #43 (type 43, layer 0) Making operation type 43 opaque [module /[Default VFS]/] Accepting operation type 43 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #44 (type 44, layer 0) Making operation type 44 opaque [module /[Default VFS]/] Accepting operation type 44 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #45 (type 45, layer 0) Making operation type 45 opaque [module /[Default VFS]/] Accepting operation type 45 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #46 (type 46, layer 0) Making operation type 46 opaque [module /[Default VFS]/] Accepting operation type 46 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #47 (type 47, layer 0) Making operation type 47 opaque [module /[Default VFS]/] Accepting operation type 47 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #48 (type 48, layer 0) Making operation type 48 opaque [module /[Default VFS]/] Accepting operation type 48 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #49 (type 49, layer 0) Making operation type 49 opaque [module /[Default VFS]/] Accepting operation type 49 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #50 (type 50, layer 0) Making operation type 50 opaque [module /[Default VFS]/] Accepting operation type 50 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #51 (type 51, layer 0) Making operation type 51 opaque [module /[Default VFS]/] Accepting operation type 51 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #52 (type 52, layer 0) Making operation type 52 opaque [module /[Default VFS]/] Accepting operation type 52 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #53 (type 53, layer 0) Making operation type 53 opaque [module /[Default VFS]/] Accepting operation type 53 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #54 (type 54, layer 0) Making operation type 54 opaque [module /[Default VFS]/] Accepting operation type 54 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #55 (type 55, layer 0) Making operation type 55 opaque [module /[Default VFS]/] Accepting operation type 55 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #56 (type 56, layer 0) Making operation type 56 opaque [module /[Default VFS]/] Accepting operation type 56 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #57 (type 57, layer 0) Making operation type 57 opaque [module /[Default VFS]/] Accepting operation type 57 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #58 (type 58, layer 0) Making operation type 58 opaque [module /[Default VFS]/] Accepting operation type 58 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #59 (type 59, layer 0) Making operation type 59 opaque [module /[Default VFS]/] Accepting operation type 59 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #60 (type 60, layer 0) Making operation type 60 opaque [module /[Default VFS]/] Accepting operation type 60 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #61 (type 61, layer 0) Making operation type 61 opaque [module /[Default VFS]/] Accepting operation type 61 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #62 (type 62, layer 0) Making operation type 62 opaque [module /[Default VFS]/] Accepting operation type 62 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #63 (type 63, layer 0) Making operation type 63 opaque [module /[Default VFS]/] Accepting operation type 63 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #64 (type 64, layer 0) Making operation type 64 opaque [module /[Default VFS]/] Accepting operation type 64 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #65 (type 65, layer 0) Making operation type 65 opaque [module /[Default VFS]/] Accepting operation type 65 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #66 (type 66, layer 0) Making operation type 66 opaque [module /[Default VFS]/] Accepting operation type 66 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #67 (type 67, layer 0) Making operation type 67 opaque [module /[Default VFS]/] Accepting operation type 67 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #68 (type 68, layer 0) Making operation type 68 opaque [module /[Default VFS]/] Accepting operation type 68 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #69 (type 69, layer 0) Making operation type 69 opaque [module /[Default VFS]/] Accepting operation type 69 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #70 (type 70, layer 0) Making operation type 70 opaque [module /[Default VFS]/] Accepting operation type 70 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #71 (type 71, layer 0) Making operation type 71 opaque [module /[Default VFS]/] Accepting operation type 71 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #72 (type 72, layer 0) Making operation type 72 opaque [module /[Default VFS]/] Accepting operation type 72 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #73 (type 73, layer 0) Making operation type 73 opaque [module /[Default VFS]/] Accepting operation type 73 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #74 (type 74, layer 0) Making operation type 74 opaque [module /[Default VFS]/] Accepting operation type 74 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #75 (type 75, layer 0) Making operation type 75 opaque [module /[Default VFS]/] Accepting operation type 75 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #76 (type 76, layer 0) Making operation type 76 opaque [module /[Default VFS]/] Accepting operation type 76 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #77 (type 77, layer 0) Making operation type 77 opaque [module /[Default VFS]/] Accepting operation type 77 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #78 (type 78, layer 0) Making operation type 78 opaque [module /[Default VFS]/] Accepting operation type 78 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #79 (type 79, layer 0) Making operation type 79 opaque [module /[Default VFS]/] Accepting operation type 79 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #80 (type 80, layer 0) Making operation type 80 opaque [module /[Default VFS]/] Accepting operation type 80 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #81 (type 81, layer 0) Making operation type 81 opaque [module /[Default VFS]/] Accepting operation type 81 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #82 (type 82, layer 0) Making operation type 82 opaque [module /[Default VFS]/] Accepting operation type 82 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #83 (type 83, layer 0) Making operation type 83 opaque [module /[Default VFS]/] Accepting operation type 83 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #84 (type 84, layer 0) Making operation type 84 opaque [module /[Default VFS]/] Accepting operation type 84 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #85 (type 85, layer 0) Making operation type 85 opaque [module /[Default VFS]/] Accepting operation type 85 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #86 (type 86, layer 0) Making operation type 86 opaque [module /[Default VFS]/] Accepting operation type 86 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #87 (type 87, layer 0) Making operation type 87 opaque [module /[Default VFS]/] Accepting operation type 87 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #88 (type 88, layer 0) Making operation type 88 opaque [module /[Default VFS]/] Accepting operation type 88 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #89 (type 89, layer 0) Making operation type 89 opaque [module /[Default VFS]/] Accepting operation type 89 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #90 (type 90, layer 0) Making operation type 90 opaque [module /[Default VFS]/] Accepting operation type 90 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #91 (type 91, layer 0) Making operation type 91 opaque [module /[Default VFS]/] Accepting operation type 91 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #92 (type 92, layer 0) Making operation type 92 opaque [module /[Default VFS]/] Accepting operation type 92 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #93 (type 93, layer 0) Making operation type 93 opaque [module /[Default VFS]/] Accepting operation type 93 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #94 (type 94, layer 0) Making operation type 94 opaque [module /[Default VFS]/] Accepting operation type 94 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #95 (type 95, layer 0) Making operation type 95 opaque [module /[Default VFS]/] Accepting operation type 95 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #96 (type 96, layer 0) Making operation type 96 opaque [module /[Default VFS]/] Accepting operation type 96 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #97 (type 97, layer 0) Making operation type 97 opaque [module /[Default VFS]/] Accepting operation type 97 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #98 (type 98, layer 0) Making operation type 98 opaque [module /[Default VFS]/] Accepting operation type 98 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #99 (type 99, layer 0) Making operation type 99 opaque [module /[Default VFS]/] Accepting operation type 99 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #100 (type 100, layer 0) Making operation type 100 opaque [module /[Default VFS]/] Accepting operation type 100 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #101 (type 101, layer 0) Making operation type 101 opaque [module /[Default VFS]/] Accepting operation type 101 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #102 (type 102, layer 0) Making operation type 102 opaque [module /[Default VFS]/] Accepting operation type 102 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #103 (type 103, layer 0) Making operation type 103 opaque [module /[Default VFS]/] Accepting operation type 103 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #104 (type 104, layer 0) Making operation type 104 opaque [module /[Default VFS]/] Accepting operation type 104 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #105 (type 105, layer 0) Making operation type 105 opaque [module /[Default VFS]/] Accepting operation type 105 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #106 (type 106, layer 0) Making operation type 106 opaque [module /[Default VFS]/] Accepting operation type 106 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #107 (type 107, layer 0) Making operation type 107 opaque [module /[Default VFS]/] Accepting operation type 107 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #108 (type 108, layer 0) Making operation type 108 opaque [module /[Default VFS]/] Accepting operation type 108 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #109 (type 109, layer 0) Making operation type 109 opaque [module /[Default VFS]/] Accepting operation type 109 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/vfs.c:192(vfs_init_custom) Checking operation #110 (type 110, layer 0) Making operation type 110 opaque [module /[Default VFS]/] Accepting operation type 110 from module /[Default VFS]/ [2009/10/23 16:51:02, 5] smbd/connection.c:142(claim_connection) claiming [IPC$] [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 22230000FFFFFFFF0100 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80bb018 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 22230000FFFFFFFF0100 [2009/10/23 16:51:02, 10] smbd/share_access.c:234(user_ok_token) user_ok_token: share IPC$ is ok for unix user brot [2009/10/23 16:51:02, 10] smbd/share_access.c:279(is_share_read_only_for_token) is_share_read_only_for_user: share IPC$ is read-only for unix user brot [2009/10/23 16:51:02, 10] lib/util_seaccess.c:58(se_map_generic) se_map_generic(): mapped mask 0x10000000 to 0x001f01ff [2009/10/23 16:51:02, 3] lib/util_sid.c:228(string_to_sid) string_to_sid: Sid @admins does not start with 'S-'. [2009/10/23 16:51:02, 5] smbd/password.c:407(user_in_netgroup) looking for user brot of domain in netgroup admins [2009/10/23 16:51:02, 5] smbd/password.c:423(user_in_netgroup) looking for user brot of domain in netgroup admins [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:69(lookup_name) lookup_name: WZB\admins => WZB (domain), admins (name) [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:70(lookup_name) lookup_name: flags = 0x077 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(|(displayName=admins)(cn=admins)))], scope => [2] [2009/10/23 16:51:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50000 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(0) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:02, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 3] smbd/service.c:1047(make_connection_snum) wzb-v-07a0165-0 (193.174.7.213) connect to service IPC$ initially as user brot (uid=30006, gid=50001) (pid 8994) [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2009/10/23 16:51:02, 3] smbd/reply.c:754(reply_tcon_and_X) tconX service=IPC$ [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 203 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11329 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 15 12 00 00 04 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=0, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa, info_wanted = 0x4 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 160. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9004 (36868) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : NULL group_sid : NULL sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x008c (140) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x03 (3) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x03: SEC_ACE_FLAG_VALID_INHERIT (3) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-513 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-3-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-3-1 [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 0, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 0, paramsize = 4, datasize = 0 [2009/10/23 16:51:02, 3] smbd/error.c:60(error_packet_set) error packet at smbd/nttrans.c(226) cmd=160 (SMBnttrans) NT_STATUS_BUFFER_TOO_SMALL [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=78 smb_com=0xa0 smb_rcls=35 smb_reh=0 smb_err=49152 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11329 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=7 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 A0 00 00 00 ....... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 100 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x64 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 204 of length 104 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=100 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=11395 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 3584 (0xE00) smb_vwv[ 3]= 5632 (0x1600) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40704 (0x9F00) smb_vwv[ 8]= 513 (0x201) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 768 (0x300) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]=16384 (0x4000) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 768 (0x300) smb_bcc=17 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 6C 00 73 00 61 00 72 00 70 00 63 00 00 .\.l.s.a .r.p.c.. [0010] 00 . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to /tmp [2009/10/23 16:51:02, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x16, access_mask = 0x2019f file_attributes = 0x0, share_access = 0x3, create_disposition = 0x1 create_options = 0x40 root_dir_fid = 0x0, fname = lsarpc [2009/10/23 16:51:02, 4] smbd/nttrans.c:315(nt_open_pipe) nt_open_pipe: Opening pipe \lsarpc. [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 534, fnum = 4630 (4 used) [2009/10/23 16:51:02, 4] rpc_server/srv_pipe_hnd.c:99(make_internal_rpc_pipe_p) Create pipe requested \lsarpc [2009/10/23 16:51:02, 10] rpc_server/srv_lsa_hnd.c:85(init_pipe_handle_list) init_pipe_handles: created handle list for pipe \lsarpc [2009/10/23 16:51:02, 10] rpc_server/srv_lsa_hnd.c:102(init_pipe_handle_list) init_pipe_handles: pipe_handles ref count = 1 for pipe \lsarpc [2009/10/23 16:51:02, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:02, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:02, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:02, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:02, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:02, 4] rpc_server/srv_pipe_hnd.c:161(make_internal_rpc_pipe_p) Created internal pipe \lsarpc (pipes_open=0) [2009/10/23 16:51:02, 5] smbd/nttrans.c:404(do_ntcreate_pipe_open) do_ntcreate_pipe_open: open pipe = \lsarpc [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 84 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x54 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 205 of length 88 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=84 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11457 smt_wct=19 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 2048 (0x800) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40960 (0xA000) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2048 (0x800) smb_vwv[10]= 0 (0x0) smb_vwv[11]=19456 (0x4C00) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 6 (0x6) smb_bcc=11 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 15 12 00 00 04 00 00 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBnttrans (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to /backup/small [2009/10/23 16:51:02, 10] smbd/nttrans.c:2697(reply_nttrans) num_setup=0, param_total=8, this_param=8, max_param=4, data_total=0, this_data=0, max_data=160, param_offset=76, data_offset=0 [2009/10/23 16:51:02, 3] smbd/nttrans.c:1663(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: file = aaa, info_wanted = 0x4 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3315(posix_fget_nt_acl) posix_fget_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa [2009/10/23 16:51:02, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:02, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:02, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:02, 3] smbd/nttrans.c:1697(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc: sd_size = 160. [2009/10/23 16:51:02, 10] smbd/nttrans.c:1700(call_nt_transact_query_security_desc) call_nt_transact_query_security_desc for file aaa [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) psd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x9004 (36868) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 1: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : NULL group_sid : NULL sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x008c (140) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x03 (3) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x03: SEC_ACE_FLAG_VALID_INHERIT (3) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-513 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x001f01ff (2032127) object : union security_ace_object_ctr(case 0) trustee : S-1-3-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x0b (11) 1: SEC_ACE_FLAG_OBJECT_INHERIT 1: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 1: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x0b: SEC_ACE_FLAG_VALID_INHERIT (11) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x00000000 (0) object : union security_ace_object_ctr(case 0) trustee : S-1-3-1 [2009/10/23 16:51:02, 9] smbd/nttrans.c:219(send_nt_replies) nt_rep: params_sent_thistime = 4, data_sent_thistime = 160, useable_space = 130994 [2009/10/23 16:51:02, 9] smbd/nttrans.c:221(send_nt_replies) nt_rep: params_to_send = 4, data_to_send = 160, paramsize = 4, datasize = 160 [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=238 smb_com=0xa0 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=11457 smt_wct=18 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 1024 (0x400) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]=40960 (0xA000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=18944 (0x4A00) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]=40960 (0xA000) smb_vwv[12]= 0 (0x0) smb_vwv[13]=19968 (0x4E00) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_bcc=167 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 A0 00 00 00 01 00 04 90 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 00 00 00 14 00 00 00 02 00 8C 00 05 ........ ........ [0020] 00 00 00 00 03 14 00 00 00 00 00 01 01 00 00 00 ........ ........ [0030] 00 00 01 00 00 00 00 00 00 24 00 FF 01 1F 00 01 ........ .$...... [0040] 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 ........ ...mo,.p [0050] 3E 66 E9 43 1E C7 66 54 EE 00 00 00 00 24 00 00 >f.C..fT .....$.. [0060] 00 00 00 01 05 00 00 00 00 00 05 15 00 00 00 6D ........ .......m [0070] 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 02 00 00 00 o,.p>f.C ..f..... [0080] 0B 14 00 FF 01 1F 00 01 01 00 00 00 00 00 03 00 ........ ........ [0090] 00 00 00 00 0B 14 00 00 00 00 00 01 01 00 00 00 ........ ........ [00A0] 00 00 03 01 00 00 00 ....... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 206 of length 140 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=136 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=11523 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4630 (0x1216) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 72 (0x48) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 72 (0x48) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=73 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] EE 05 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 ........ .H...... [0010] 00 B8 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 ........ ........ [0020] 00 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 .xW4.4.. ....#Eg. [0030] AB 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ [0040] 00 2B 10 48 60 02 00 00 00 .+.H`... . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBwriteX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to /tmp [2009/10/23 16:51:02, 6] smbd/pipes.c:271(reply_pipe_write_and_X) reply_pipe_write_and_X: 1216 name: lsarpc len: 72 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 72, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 56 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 11, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 56, incoming data = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 11 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1558(api_pipe_bind_req) api_pipe_bind_req: decode request. 1558 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_rb [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 00000000 0008 num_contexts: 01 000c context_id : 0000 000e num_transfer_syntaxes: 01 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000f smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_uuid uuid 0010 data : 12345778 0014 data : 1234 0016 data : abcd 0018 data : ef 00 001a data : 01 23 45 67 89 ab 0020 version: 00000000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe.c:1584(api_pipe_bind_req) api_pipe_bind_req: \PIPE\lsarpc -> \PIPE\lsarpc [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1628(api_pipe_bind_req) api_pipe_bind_req: make response. 1628 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe.c:960(check_bind_req) check_bind_req for \lsarpc checking lsarpc [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_ba [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000008 smb_io_rpc_addr_str 0008 len: 000d 000a str: \PIPE\lsarpc. [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000017 smb_io_rpc_results 0018 num_results: 01 001c result : 0000 001e reason : 0000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 8a885d04 0024 data : 1ceb 0026 data : 11c9 0028 data : 9f e8 002a data : 08 00 2b 10 48 60 0030 version: 00000002 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 56 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ba5b8 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ba5b8 [2009/10/23 16:51:02, 3] smbd/pipes.c:325(pipe_write_andx_done) writeX-IPC nwritten=72 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 207 of length 45 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=11585 smt_wct=3 smb_vwv[ 0]= 4629 (0x1215) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to /backup/small [2009/10/23 16:51:02, 3] smbd/reply.c:4446(reply_close) close directory fnum=4629 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked) Locking key 32080000000000006225 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked) Allocated locked data 0x0xb80c4578 [2009/10/23 16:51:02, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x0, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:716(unparse_share_modes) unparse_share_modes: del: 0, owrt: Fri Oct 23 15:18:29 2009 CEST cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num: 2 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] locking/locking.c:518(print_share_mode_table) print_share_mode_table: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:02, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr) Unlocking key 32080000000000006225 [2009/10/23 16:51:02, 5] smbd/files.c:484(file_free) freed files structure 4629 (3 used) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=65279 smb_uid=101 smb_mid=11585 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 59 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x3b [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 208 of length 63 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=11651 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4630 (0x1216) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBreadX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:02, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:02, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to /tmp [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:842(read_from_internal_pipe) read_from_pipe: \lsarpc: current_pdu_len = 68, current_pdu_sent = 0 returning 68 bytes. [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80c4a28 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80c4a28 [2009/10/23 16:51:02, 3] smbd/pipes.c:430(pipe_read_andx_done) readX-IPC min=1024 max=1024 nread=68 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 100 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x64 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 209 of length 104 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=100 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=11715 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 3584 (0xE00) smb_vwv[ 3]= 5632 (0x1600) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40704 (0x9F00) smb_vwv[ 8]= 513 (0x201) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 768 (0x300) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]=16384 (0x4000) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 768 (0x300) smb_bcc=17 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 6C 00 73 00 61 00 72 00 70 00 63 00 00 .\.l.s.a .r.p.c.. [0010] 00 . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x16, access_mask = 0x2019f file_attributes = 0x0, share_access = 0x3, create_disposition = 0x1 create_options = 0x40 root_dir_fid = 0x0, fname = lsarpc [2009/10/23 16:51:02, 4] smbd/nttrans.c:315(nt_open_pipe) nt_open_pipe: Opening pipe \lsarpc. [2009/10/23 16:51:02, 5] smbd/files.c:103(file_new) allocated file structure 535, fnum = 4631 (4 used) [2009/10/23 16:51:02, 4] rpc_server/srv_pipe_hnd.c:99(make_internal_rpc_pipe_p) Create pipe requested \lsarpc [2009/10/23 16:51:02, 10] rpc_server/srv_lsa_hnd.c:102(init_pipe_handle_list) init_pipe_handles: pipe_handles ref count = 2 for pipe \lsarpc [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:02, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:02, 4] rpc_server/srv_pipe_hnd.c:161(make_internal_rpc_pipe_p) Created internal pipe \lsarpc (pipes_open=0) [2009/10/23 16:51:02, 5] smbd/nttrans.c:404(do_ntcreate_pipe_open) do_ntcreate_pipe_open: open pipe = \lsarpc [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 180 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xb4 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 210 of length 184 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=180 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=11777 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 96 (0x60) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 96 (0x60) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4630 (0x1216) smb_bcc=113 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 60 00 00 00 01 00 00 ........ .`...... [0020] 00 48 00 00 00 00 00 2C 00 00 00 02 00 09 00 00 .H....., ........ [0030] 00 00 00 00 00 09 00 00 00 5C 00 5C 00 61 00 6C ........ .\.\.a.l [0040] 00 65 00 6B 00 74 00 6F 00 00 00 C9 11 18 00 00 .e.k.t.o ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 04 00 02 00 0C 00 00 00 02 00 01 00 00 08 00 ........ ........ [0070] 00 . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=96 params=0 setup=2 [2009/10/23 16:51:02, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:02, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:02, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:02, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1216) [2009/10/23 16:51:02, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb809cd40 max_trans_reply: 1024 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 96 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 96 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 96 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 96, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 80 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 80 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 80 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 80, incoming data = 80 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000048 0004 context_id: 0000 0006 opnum : 002c [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 72 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:02, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x2c - api_rpcTNP: rpc command: LSA_OPENPOLICY2 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[44].fn == 0xb7b1ba20 [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 in: struct lsa_OpenPolicy2 system_name : * system_name : '\\alekto' attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x00000800 (2048) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 1: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION [2009/10/23 16:51:02, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _lsa_OpenPolicy2: access GRANTED (requested: 0x00000800, granted: 0x00000800) [2009/10/23 16:51:02, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[1] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 out: struct lsa_OpenPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-e14a-d6c222230000 result : NT_STATUS_OK [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1052 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 80 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80c66a0 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80c66a0 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:02, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=11777 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 01 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 08 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D6 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 211 of length 140 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=136 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=11843 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4631 (0x1217) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 72 (0x48) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 72 (0x48) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=73 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] EE 05 00 0B 03 10 00 00 00 48 00 00 00 02 00 00 ........ .H...... [0010] 00 B8 10 B8 10 F0 53 00 00 01 00 00 00 00 00 01 ......S. ........ [0020] 00 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 .xW4.4.. ....#Eg. [0030] AB 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ [0040] 00 2B 10 48 60 02 00 00 00 .+.H`... . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBwriteX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 6] smbd/pipes.c:271(reply_pipe_write_and_X) reply_pipe_write_and_X: 1217 name: lsarpc len: 72 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 72, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 56 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 11, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 56, incoming data = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 11 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1558(api_pipe_bind_req) api_pipe_bind_req: decode request. 1558 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_rb [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 0008 num_contexts: 01 000c context_id : 0000 000e num_transfer_syntaxes: 01 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000f smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_uuid uuid 0010 data : 12345778 0014 data : 1234 0016 data : abcd 0018 data : ef 00 001a data : 01 23 45 67 89 ab 0020 version: 00000000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe.c:1584(api_pipe_bind_req) api_pipe_bind_req: \PIPE\lsarpc -> \PIPE\lsarpc [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1628(api_pipe_bind_req) api_pipe_bind_req: make response. 1628 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe.c:960(check_bind_req) check_bind_req for \lsarpc checking lsarpc [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_ba [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000008 smb_io_rpc_addr_str 0008 len: 000d 000a str: \PIPE\lsarpc. [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000017 smb_io_rpc_results 0018 num_results: 01 001c result : 0000 001e reason : 0000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 8a885d04 0024 data : 1ceb 0026 data : 11c9 0028 data : 9f e8 002a data : 08 00 2b 10 48 60 0030 version: 00000002 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 56 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80c65e0 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80c65e0 [2009/10/23 16:51:02, 3] smbd/pipes.c:325(pipe_write_andx_done) writeX-IPC nwritten=72 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 236 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xec [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 212 of length 240 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=236 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=11905 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 152 (0x98) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 152 (0x98) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4630 (0x1216) smb_bcc=169 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 98 00 00 00 03 00 00 ........ ........ [0020] 00 80 00 00 00 00 00 39 00 00 00 00 00 08 00 00 .......9 ........ [0030] 00 00 00 00 00 E1 4A D6 C2 22 23 00 00 02 00 00 ......J. ."#..... [0040] 00 00 00 02 00 02 00 00 00 04 00 02 00 08 00 02 ........ ........ [0050] 00 05 00 00 00 01 05 00 00 00 00 00 05 15 00 00 ........ ........ [0060] 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 54 EE 00 .mo,.p>f .C..fT.. [0070] 00 05 00 00 00 01 05 00 00 00 00 00 05 15 00 00 ........ ........ [0080] 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 01 02 00 .mo,.p>f .C..f... [0090] 00 00 00 00 00 00 00 00 00 01 00 01 19 00 00 00 ........ ........ [00A0] 00 00 00 00 00 02 00 00 00 ........ . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=152 params=0 setup=2 [2009/10/23 16:51:02, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:02, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:02, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:02, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1216) [2009/10/23 16:51:02, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb809cd40 max_trans_reply: 1024 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 152 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 152 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 152 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 152, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 136 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 136 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0098 000a auth_len : 0000 000c call_id : 00000003 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 136 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 136, incoming data = 136 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000080 0004 context_id: 0000 0006 opnum : 0039 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:02, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x39 - api_rpcTNP: rpc command: LSA_LOOKUPSIDS2 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[57].fn == 0xb7b19e70 [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_LookupSids2: struct lsa_LookupSids2 in: struct lsa_LookupSids2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-e14a-d6c222230000 sids : * sids: struct lsa_SidArray num_sids : 0x00000002 (2) sids : * sids: ARRAY(2) sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-61012 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-513 names : * names: struct lsa_TransNameArray2 count : 0x00000000 (0) names : NULL level : 0x0001 (1) count : * count : 0x00000000 (0) unknown1 : 0x00000000 (0) unknown2 : 0x00000002 (2) [2009/10/23 16:51:02, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 61012. [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:02, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:02, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 4 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 4 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:02, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:02, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: brot:1 [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:02, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:02, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:02, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_lsa_nt.c:779(_lsa_lookup_sids_internal) num_sids 2, mapped_count 2, status NT_STATUS_OK [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_LookupSids2: struct lsa_LookupSids2 out: struct lsa_LookupSids2 domains : * domains : * domains: struct lsa_RefDomainList count : 0x00000001 (1) domains : * domains: ARRAY(1) domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0000 (0) size : 0x0000 (0) string : * string : 'WZB' sid : * sid : S-1-5-21-3308023661-3915791984-1724325443 max_size : 0x00000020 (32) names : * names: struct lsa_TransNameArray2 count : 0x00000002 (2) names : * names: ARRAY(2) names: struct lsa_TranslatedName2 sid_type : SID_NAME_USER (1) name: struct lsa_String length : 0x2d33 (11571) size : 0x3135 (12597) string : * string : 'brot' sid_index : 0x00000000 (0) unknown : 0x00000000 (0) names: struct lsa_TranslatedName2 sid_type : SID_NAME_DOM_GRP (2) name: struct lsa_String length : 0x6d61 (28001) size : 0x6162 (24930) string : * string : 'Domain Users' sid_index : 0x00000000 (0) unknown : 0x00000000 (0) count : * count : 0x00000002 (2) result : NT_STATUS_OK [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 2890 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 136 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80c8758 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80c8758 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 196. [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00dc 000a auth_len : 0000 000c call_id : 00000003 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 000000c4 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:02, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..220] (align 0) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=276 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=11905 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 220 (0xDC) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 220 (0xDC) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=221 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 DC 00 00 00 03 00 00 ........ ........ [0010] 00 C4 00 00 00 00 00 00 00 00 00 02 00 01 00 00 ........ ........ [0020] 00 04 00 02 00 20 00 00 00 01 00 00 00 06 00 08 ..... .. ........ [0030] 00 08 00 02 00 0C 00 02 00 04 00 00 00 00 00 00 ........ ........ [0040] 00 03 00 00 00 57 00 5A 00 42 00 00 00 04 00 00 .....W.Z .B...... [0050] 00 01 04 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [0060] C5 70 3E 66 E9 43 1E C7 66 02 00 00 00 10 00 02 .p>f.C.. f....... [0070] 00 02 00 00 00 01 00 00 00 08 00 08 00 14 00 02 ........ ........ [0080] 00 00 00 00 00 00 00 00 00 02 00 00 00 18 00 18 ........ ........ [0090] 00 18 00 02 00 00 00 00 00 00 00 00 00 04 00 00 ........ ........ [00A0] 00 00 00 00 00 04 00 00 00 62 00 72 00 6F 00 74 ........ .b.r.o.t [00B0] 00 0C 00 00 00 00 00 00 00 0C 00 00 00 44 00 6F ........ .....D.o [00C0] 00 6D 00 61 00 69 00 6E 00 20 00 55 00 73 00 65 .m.a.i.n . .U.s.e [00D0] 00 72 00 73 00 02 00 00 00 00 00 00 00 .r.s.... ..... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 59 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x3b [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 213 of length 63 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=11971 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4631 (0x1217) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBreadX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:842(read_from_internal_pipe) read_from_pipe: \lsarpc: current_pdu_len = 68, current_pdu_sent = 0 returning 68 bytes. [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80c8a48 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80c8a48 [2009/10/23 16:51:02, 3] smbd/pipes.c:430(pipe_read_andx_done) readX-IPC min=1024 max=1024 nread=68 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 214 of length 140 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=136 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12033 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4630 (0x1216) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 72 (0x48) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 72 (0x48) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=73 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] EE 05 00 0E 03 10 00 00 00 48 00 00 00 04 00 00 ........ .H...... [0010] 00 B8 10 B8 10 F0 53 00 00 01 00 00 00 01 00 01 ......S. ........ [0020] 00 6A 28 19 39 0C B1 D0 11 9B A8 00 C0 4F D9 2E .j(.9... .....O.. [0030] F5 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ [0040] 00 2B 10 48 60 02 00 00 00 .+.H`... . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBwriteX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 6] smbd/pipes.c:271(reply_pipe_write_and_X) reply_pipe_write_and_X: 1216 name: lsarpc len: 72 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 72, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 56 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0e 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000004 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 14, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 56, incoming data = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 14 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1840(api_pipe_alter_context) api_pipe_alter_context: decode request. 1840 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_rb [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 0008 num_contexts: 01 000c context_id : 0001 000e num_transfer_syntaxes: 01 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000f smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_uuid uuid 0010 data : 3919286a 0014 data : b10c 0016 data : 11d0 0018 data : 9b a8 001a data : 00 c0 4f d9 2e f5 0020 version: 00000000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1854(api_pipe_alter_context) api_pipe_alter_context: make response. 1854 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe.c:960(check_bind_req) check_bind_req for \lsarpc checking lsarpc checking winreg checking initshutdown checking dssetup [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_ba [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000008 smb_io_rpc_addr_str 0008 len: 0001 000a str: . [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000b smb_io_rpc_results 000c num_results: 01 0010 result : 0000 0012 reason : 0000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000014 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000014 smb_io_uuid uuid 0014 data : 8a885d04 0018 data : 1ceb 001a data : 11c9 001c data : 9f e8 001e data : 08 00 2b 10 48 60 0024 version: 00000002 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0f 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0038 000a auth_len : 0000 000c call_id : 00000004 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 56 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ca670 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ca670 [2009/10/23 16:51:02, 3] smbd/pipes.c:325(pipe_write_andx_done) writeX-IPC nwritten=72 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 180 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xb4 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 215 of length 184 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=180 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12099 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 96 (0x60) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 96 (0x60) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4631 (0x1217) smb_bcc=113 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 60 00 00 00 02 00 00 ........ .`...... [0020] 00 48 00 00 00 00 00 2C 00 00 00 02 00 09 00 00 .H....., ........ [0030] 00 00 00 00 00 09 00 00 00 5C 00 5C 00 61 00 6C ........ .\.\.a.l [0040] 00 65 00 6B 00 74 00 6F 00 00 00 C9 11 18 00 00 .e.k.t.o ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 04 00 02 00 0C 00 00 00 02 00 01 00 00 08 00 ........ ........ [0070] 00 . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=96 params=0 setup=2 [2009/10/23 16:51:02, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:02, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:02, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:02, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1217) [2009/10/23 16:51:02, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b3250 max_trans_reply: 1024 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 96 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 96 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 96 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 96, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 80 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 80 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0060 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 80 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 80, incoming data = 80 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000048 0004 context_id: 0000 0006 opnum : 002c [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 72 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:02, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x2c - api_rpcTNP: rpc command: LSA_OPENPOLICY2 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[44].fn == 0xb7b1ba20 [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 in: struct lsa_OpenPolicy2 system_name : * system_name : '\\alekto' attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x00000800 (2048) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 1: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION [2009/10/23 16:51:02, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _lsa_OpenPolicy2: access GRANTED (requested: 0x00000800, granted: 0x00000800) [2009/10/23 16:51:02, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[2] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 out: struct lsa_OpenPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-e14a-d6c222230000 result : NT_STATUS_OK [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1052 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 80 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80cc778 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80cc778 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:02, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12099 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D6 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 59 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x3b [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 216 of length 63 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12161 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4630 (0x1216) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBreadX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:842(read_from_internal_pipe) read_from_pipe: \lsarpc: current_pdu_len = 56, current_pdu_sent = 0 returning 56 bytes. [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ccad8 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ccad8 [2009/10/23 16:51:02, 3] smbd/pipes.c:430(pipe_read_andx_done) readX-IPC min=1024 max=1024 nread=56 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 200 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xc8 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 217 of length 204 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=200 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12227 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 116 (0x74) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 116 (0x74) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4631 (0x1217) smb_bcc=133 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 74 00 00 00 05 00 00 ........ .t...... [0020] 00 5C 00 00 00 00 00 39 00 00 00 00 00 09 00 00 .\.....9 ........ [0030] 00 00 00 00 00 E1 4A D6 C2 22 23 00 00 01 00 00 ......J. ."#..... [0040] 00 00 00 02 00 01 00 00 00 04 00 02 00 05 00 00 ........ ........ [0050] 00 01 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [0060] C5 70 3E 66 E9 43 1E C7 66 54 EE 00 00 00 00 00 .p>f.C.. fT...... [0070] 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 00 02 00 00 00 ..... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=116 params=0 setup=2 [2009/10/23 16:51:02, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:02, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:02, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:02, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1217) [2009/10/23 16:51:02, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b3250 max_trans_reply: 1024 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 116 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 116 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 116 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 116, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 100 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 100 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0074 000a auth_len : 0000 000c call_id : 00000005 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 100 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 100, incoming data = 100 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000005c 0004 context_id: 0000 0006 opnum : 0039 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:02, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x39 - api_rpcTNP: rpc command: LSA_LOOKUPSIDS2 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[57].fn == 0xb7b19e70 [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_LookupSids2: struct lsa_LookupSids2 in: struct lsa_LookupSids2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-e14a-d6c222230000 sids : * sids: struct lsa_SidArray num_sids : 0x00000001 (1) sids : * sids: ARRAY(1) sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-61012 names : * names: struct lsa_TransNameArray2 count : 0x00000000 (0) names : NULL level : 0x0001 (1) count : * count : 0x00000000 (0) unknown1 : 0x00000000 (0) unknown2 : 0x00000002 (2) [2009/10/23 16:51:02, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:02, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 61012. [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:02, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:02, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:02, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:02, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:02, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:02, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: brot:1 [2009/10/23 16:51:02, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_lsa_nt.c:779(_lsa_lookup_sids_internal) num_sids 1, mapped_count 1, status NT_STATUS_OK [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_LookupSids2: struct lsa_LookupSids2 out: struct lsa_LookupSids2 domains : * domains : * domains: struct lsa_RefDomainList count : 0x00000001 (1) domains : * domains: ARRAY(1) domains: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0000 (0) size : 0x0000 (0) string : * string : 'WZB' sid : * sid : S-1-5-21-3308023661-3915791984-1724325443 max_size : 0x00000020 (32) names : * names: struct lsa_TransNameArray2 count : 0x00000001 (1) names : * names: ARRAY(1) names: struct lsa_TranslatedName2 sid_type : SID_NAME_USER (1) name: struct lsa_String length : 0x312f (12591) size : 0x2f30 (12080) string : * string : 'brot' sid_index : 0x00000000 (0) unknown : 0x00000000 (0) count : * count : 0x00000001 (1) result : NT_STATUS_OK [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 2833 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 100 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ce7f0 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ce7f0 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 140. [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00a4 000a auth_len : 0000 000c call_id : 00000005 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 0000008c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:02, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..164] (align 0) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=220 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12227 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 164 (0xA4) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 164 (0xA4) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=165 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 A4 00 00 00 05 00 00 ........ ........ [0010] 00 8C 00 00 00 00 00 00 00 00 00 02 00 01 00 00 ........ ........ [0020] 00 04 00 02 00 20 00 00 00 01 00 00 00 06 00 08 ..... .. ........ [0030] 00 08 00 02 00 0C 00 02 00 04 00 00 00 00 00 00 ........ ........ [0040] 00 03 00 00 00 57 00 5A 00 42 00 00 00 04 00 00 .....W.Z .B...... [0050] 00 01 04 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [0060] C5 70 3E 66 E9 43 1E C7 66 01 00 00 00 10 00 02 .p>f.C.. f....... [0070] 00 01 00 00 00 01 00 00 00 08 00 08 00 14 00 02 ........ ........ [0080] 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00 00 ........ ........ [0090] 00 04 00 00 00 62 00 72 00 6F 00 74 00 01 00 00 .....b.r .o.t.... [00A0] 00 00 00 00 00 ..... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 110 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x6e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 218 of length 114 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=110 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12289 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 26 (0x1A) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 26 (0x1A) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4630 (0x1216) smb_bcc=43 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 1A 00 00 00 04 00 00 ........ ........ [0020] 00 02 00 00 00 01 00 00 00 01 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=26 params=0 setup=2 [2009/10/23 16:51:02, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:02, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:02, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:02, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1216) [2009/10/23 16:51:02, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb809cd40 max_trans_reply: 1024 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 26 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 26 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 26 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 26, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 10 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 10 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 001a 000a auth_len : 0000 000c call_id : 00000004 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 10 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 10, incoming data = 10 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000002 0004 context_id: 0001 0006 opnum : 0000 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 48 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:02, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x0 - api_rpcTNP: rpc command: DSSETUP_DSROLEGETPRIMARYDOMAININFORMATION [2009/10/23 16:51:02, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[0].fn == 0xb7b2cc50 [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation in: struct dssetup_DsRoleGetPrimaryDomainInformation level : DS_ROLE_BASIC_INFORMATION (1) [2009/10/23 16:51:02, 10] rpc_server/srv_dssetup_nt.c:40(fill_dsrole_dominfo_basic) fill_dsrole_dominfo_basic: enter [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation out: struct dssetup_DsRoleGetPrimaryDomainInformation info : * info : union dssetup_DsRoleInfo(case 1) basic: struct dssetup_DsRolePrimaryDomInfoBasic role : DS_ROLE_BACKUP_DC (4) flags : 0x00000000 (0) 0: DS_ROLE_PRIMARY_DS_RUNNING 0: DS_ROLE_PRIMARY_DS_MIXED_MODE 0: DS_ROLE_UPGRADE_IN_PROGRESS 0: DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT domain : * domain : 'WZB' dns_domain : NULL forest : NULL domain_guid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 36 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 10 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ce740 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ce740 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 68. [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 005c 000a auth_len : 0000 000c call_id : 00000004 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000044 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:02, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..92] (align 0) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=148 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12289 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 92 (0x5C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 92 (0x5C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=93 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 5C 00 00 00 04 00 00 ........ .\...... [0010] 00 44 00 00 00 00 00 00 00 00 00 02 00 01 00 00 .D...... ........ [0020] 00 04 00 00 00 00 00 00 00 04 00 02 00 00 00 00 ........ ........ [0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0040] 00 00 00 00 00 04 00 00 00 00 00 00 00 04 00 00 ........ ........ [0050] 00 57 00 5A 00 42 00 00 00 00 00 00 00 .W.Z.B.. ..... [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 219 of length 140 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=136 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12355 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4631 (0x1217) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 72 (0x48) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 72 (0x48) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=73 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] EE 05 00 0E 03 10 00 00 00 48 00 00 00 06 00 00 ........ .H...... [0010] 00 B8 10 B8 10 F0 53 00 00 01 00 00 00 01 00 01 ......S. ........ [0020] 00 6A 28 19 39 0C B1 D0 11 9B A8 00 C0 4F D9 2E .j(.9... .....O.. [0030] F5 00 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ [0040] 00 2B 10 48 60 02 00 00 00 .+.H`... . [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBwriteX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 6] smbd/pipes.c:271(reply_pipe_write_and_X) reply_pipe_write_and_X: 1217 name: lsarpc len: 72 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 72, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 56 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0e 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000006 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 14, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 56, incoming data = 56 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 14 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1840(api_pipe_alter_context) api_pipe_alter_context: decode request. 1840 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_rb [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 0008 num_contexts: 01 000c context_id : 0001 000e num_transfer_syntaxes: 01 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000f smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_uuid uuid 0010 data : 3919286a 0014 data : b10c 0016 data : 11d0 0018 data : 9b a8 001a data : 00 c0 4f d9 2e f5 0020 version: 00000000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:1854(api_pipe_alter_context) api_pipe_alter_context: make response. 1854 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe.c:960(check_bind_req) check_bind_req for \lsarpc checking lsarpc checking winreg checking initshutdown checking dssetup [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_ba [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000008 smb_io_rpc_addr_str 0008 len: 0001 000a str: . [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000b smb_io_rpc_results 000c num_results: 01 0010 result : 0000 0012 reason : 0000 [2009/10/23 16:51:02, 6] rpc_parse/parse_prs.c:88(prs_debug) 000014 smb_io_rpc_iface [2009/10/23 16:51:02, 7] rpc_parse/parse_prs.c:88(prs_debug) 000014 smb_io_uuid uuid 0014 data : 8a885d04 0018 data : 1ceb 001a data : 11c9 001c data : 9f e8 001e data : 08 00 2b 10 48 60 0024 version: 00000002 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0f 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0038 000a auth_len : 0000 000c call_id : 00000006 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 56 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ce700 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ce700 [2009/10/23 16:51:02, 3] smbd/pipes.c:325(pipe_write_andx_done) writeX-IPC nwritten=72 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 59 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x3b [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 220 of length 63 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12419 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4631 (0x1217) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBreadX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:842(read_from_internal_pipe) read_from_pipe: \lsarpc: current_pdu_len = 56, current_pdu_sent = 0 returning 56 bytes. [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d0b68 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d0b68 [2009/10/23 16:51:02, 3] smbd/pipes.c:430(pipe_read_andx_done) readX-IPC min=1024 max=1024 nread=56 [2009/10/23 16:51:02, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 110 [2009/10/23 16:51:02, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x6e [2009/10/23 16:51:02, 3] smbd/process.c:1459(process_smb) Transaction 221 of length 114 (0 toread) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=110 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12483 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 26 (0x1A) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 26 (0x1A) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4631 (0x1217) smb_bcc=43 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 1A 00 00 00 06 00 00 ........ ........ [0020] 00 02 00 00 00 01 00 00 00 01 00 ........ ... [2009/10/23 16:51:02, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:02, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:02, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=26 params=0 setup=2 [2009/10/23 16:51:02, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:02, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:02, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:02, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1217) [2009/10/23 16:51:02, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b3250 max_trans_reply: 1024 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 26 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 26 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 26 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 26, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 10 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 10 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 001a 000a auth_len : 0000 000c call_id : 00000006 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 10 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 10, incoming data = 10 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000002 0004 context_id: 0001 0006 opnum : 0000 [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 48 [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:02, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x0 - api_rpcTNP: rpc command: DSSETUP_DSROLEGETPRIMARYDOMAININFORMATION [2009/10/23 16:51:02, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[0].fn == 0xb7b2cc50 [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation in: struct dssetup_DsRoleGetPrimaryDomainInformation level : DS_ROLE_BASIC_INFORMATION (1) [2009/10/23 16:51:02, 10] rpc_server/srv_dssetup_nt.c:40(fill_dsrole_dominfo_basic) fill_dsrole_dominfo_basic: enter [2009/10/23 16:51:02, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation out: struct dssetup_DsRoleGetPrimaryDomainInformation info : * info : union dssetup_DsRoleInfo(case 1) basic: struct dssetup_DsRolePrimaryDomInfoBasic role : DS_ROLE_BACKUP_DC (4) flags : 0x00000000 (0) 0: DS_ROLE_PRIMARY_DS_RUNNING 0: DS_ROLE_PRIMARY_DS_MIXED_MODE 0: DS_ROLE_UPGRADE_IN_PROGRESS 0: DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT domain : * domain : 'WZB' dns_domain : NULL forest : NULL domain_guid : 00000000-0000-0000-0000-000000000000 result : WERR_OK [2009/10/23 16:51:02, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:02, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 36 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 10 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d27d0 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d27d0 [2009/10/23 16:51:02, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:02, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 68. [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 005c 000a auth_len : 0000 000c call_id : 00000006 [2009/10/23 16:51:02, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000044 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:02, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:02, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..92] (align 0) [2009/10/23 16:51:02, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:02, 5] lib/util.c:642(show_msg) size=148 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12483 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 92 (0x5C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 92 (0x5C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=93 [2009/10/23 16:51:02, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 5C 00 00 00 06 00 00 ........ .\...... [0010] 00 44 00 00 00 00 00 00 00 00 00 02 00 01 00 00 .D...... ........ [0020] 00 04 00 00 00 00 00 00 00 04 00 02 00 00 00 00 ........ ........ [0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0040] 00 00 00 00 00 04 00 00 00 00 00 00 00 04 00 00 ........ ........ [0050] 00 57 00 5A 00 42 00 00 00 00 00 00 00 .W.Z.B.. ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 96 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x60 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 222 of length 100 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=96 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12547 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 2560 (0xA00) smb_vwv[ 3]= 5632 (0x1600) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40704 (0x9F00) smb_vwv[ 8]= 513 (0x201) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 768 (0x300) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]=16384 (0x4000) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 768 (0x300) smb_bcc=13 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 73 00 61 00 6D 00 72 00 00 00 .\.s.a.m .r... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x16, access_mask = 0x2019f file_attributes = 0x0, share_access = 0x3, create_disposition = 0x1 create_options = 0x40 root_dir_fid = 0x0, fname = samr [2009/10/23 16:51:03, 4] smbd/nttrans.c:315(nt_open_pipe) nt_open_pipe: Opening pipe \samr. [2009/10/23 16:51:03, 5] smbd/files.c:103(file_new) allocated file structure 536, fnum = 4632 (5 used) [2009/10/23 16:51:03, 4] rpc_server/srv_pipe_hnd.c:99(make_internal_rpc_pipe_p) Create pipe requested \samr [2009/10/23 16:51:03, 10] rpc_server/srv_lsa_hnd.c:102(init_pipe_handle_list) init_pipe_handles: pipe_handles ref count = 3 for pipe \samr [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 4] rpc_server/srv_pipe_hnd.c:161(make_internal_rpc_pipe_p) Created internal pipe \samr (pipes_open=0) [2009/10/23 16:51:03, 5] smbd/nttrans.c:404(do_ntcreate_pipe_open) do_ntcreate_pipe_open: open pipe = \samr [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 223 of length 140 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=136 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12611 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4632 (0x1218) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 72 (0x48) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 72 (0x48) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=73 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] EE 05 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 ........ .H...... [0010] 00 B8 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 ........ ........ [0020] 00 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 .xW4.4.. ....#Eg. [0030] AC 01 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ [0040] 00 2B 10 48 60 02 00 00 00 .+.H`... . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBwriteX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 6] smbd/pipes.c:271(reply_pipe_write_and_X) reply_pipe_write_and_X: 1218 name: samr len: 72 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 72, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 56 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 11, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 56, incoming data = 56 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 11 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:1558(api_pipe_bind_req) api_pipe_bind_req: decode request. 1558 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_rb [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 00000000 0008 num_contexts: 01 000c context_id : 0000 000e num_transfer_syntaxes: 01 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000f smb_io_rpc_iface [2009/10/23 16:51:03, 7] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_uuid uuid 0010 data : 12345778 0014 data : 1234 0016 data : abcd 0018 data : ef 00 001a data : 01 23 45 67 89 ac 0020 version: 00000001 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_rpc_iface [2009/10/23 16:51:03, 7] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe.c:1584(api_pipe_bind_req) api_pipe_bind_req: \PIPE\samr -> \PIPE\samr [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:1628(api_pipe_bind_req) api_pipe_bind_req: make response. 1628 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe.c:960(check_bind_req) check_bind_req for \samr checking lsarpc checking winreg checking initshutdown checking dssetup checking wkssvc checking svcctl checking ntsvcs checking netlogon checking netdfs checking srvsvc checking spoolss checking eventlog checking samr [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_ba [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000008 smb_io_rpc_addr_str 0008 len: 000b 000a str: \PIPE\samr. [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000015 smb_io_rpc_results 0018 num_results: 01 001c result : 0000 001e reason : 0000 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_rpc_iface [2009/10/23 16:51:03, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 8a885d04 0024 data : 1ceb 0026 data : 11c9 0028 data : 9f e8 002a data : 08 00 2b 10 48 60 0030 version: 00000002 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 56 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d2790 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d2790 [2009/10/23 16:51:03, 3] smbd/pipes.c:325(pipe_write_andx_done) writeX-IPC nwritten=72 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 59 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x3b [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 224 of length 63 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12675 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4632 (0x1218) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBreadX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:842(read_from_internal_pipe) read_from_pipe: \samr: current_pdu_len = 68, current_pdu_sent = 0 returning 68 bytes. [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d4bf8 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d4bf8 [2009/10/23 16:51:03, 3] smbd/pipes.c:430(pipe_read_andx_done) readX-IPC min=1024 max=1024 nread=68 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 164 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xa4 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 225 of length 168 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=164 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12739 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 80 (0x50) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 80 (0x50) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=97 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 50 00 00 00 01 00 00 ........ .P...... [0020] 00 38 00 00 00 00 00 40 00 00 00 02 00 09 00 00 .8.....@ ........ [0030] 00 00 00 00 00 09 00 00 00 5C 00 5C 00 61 00 6C ........ .\.\.a.l [0040] 00 65 00 6B 00 74 00 6F 00 00 00 C9 11 30 00 00 .e.k.t.o .....0.. [0050] 00 01 00 00 00 01 00 00 00 03 00 00 00 00 00 00 ........ ........ [0060] 00 . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=80 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 80 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 80 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 80 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 80, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 64 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0050 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 64, incoming data = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000038 0004 context_id: 0000 0006 opnum : 0040 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 70 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x40 - api_rpcTNP: rpc command: SAMR_CONNECT5 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[64].fn == 0xb7ba40f0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Connect5: struct samr_Connect5 in: struct samr_Connect5 system_name : * system_name : '\\alekto' access_mask : 0x00000030 (48) 0: SAMR_ACCESS_CONNECT_TO_SERVER 0: SAMR_ACCESS_SHUTDOWN_SERVER 0: SAMR_ACCESS_INITIALIZE_SERVER 0: SAMR_ACCESS_CREATE_DOMAIN 1: SAMR_ACCESS_ENUM_DOMAINS 1: SAMR_ACCESS_LOOKUP_DOMAIN level_in : 0x00000001 (1) info_in : * info_in : union samr_ConnectInfo(case 1) info1: struct samr_ConnectInfo1 client_version : SAMR_CONNECT_AFTER_W2K (3) unknown2 : 0x00000000 (0) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3976(_samr_Connect2) _samr_Connect5: 3976 [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_Connect5: access GRANTED (requested: 0x00000030, granted: 0x00000030) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid (NULL) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:400(get_samr_info_by_sid) get_samr_info_by_sid: created new info for NULL sid. [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[3] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:4007(_samr_Connect2) _samr_Connect5: 4007 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Connect5: struct samr_Connect5 out: struct samr_Connect5 level_out : * level_out : 0x00000001 (1) info_out : * info_out : union samr_ConnectInfo(case 1) info1: struct samr_ConnectInfo1 client_version : SAMR_CONNECT_AFTER_W2K (3) unknown2 : 0x00000000 (0) connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 984 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 64 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d68c0 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d68c0 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 40. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0040 000a auth_len : 0000 000c call_id : 00000001 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000028 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..64] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=120 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12739 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 64 (0x40) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 64 (0x40) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=65 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 40 00 00 00 01 00 00 ........ .@...... [0010] 00 28 00 00 00 00 00 00 00 01 00 00 00 01 00 00 .(...... ........ [0020] 00 03 00 00 00 00 00 00 00 00 00 00 00 0A 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0040] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 96 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x60 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 226 of length 100 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=96 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12801 smt_wct=24 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 2560 (0xA00) smb_vwv[ 3]= 5632 (0x1600) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]=40704 (0x9F00) smb_vwv[ 8]= 513 (0x201) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 768 (0x300) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 256 (0x100) smb_vwv[18]= 0 (0x0) smb_vwv[19]=16384 (0x4000) smb_vwv[20]= 0 (0x0) smb_vwv[21]= 512 (0x200) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 768 (0x300) smb_bcc=13 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 73 00 61 00 6D 00 72 00 00 00 .\.s.a.m .r... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBntcreateX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 10] smbd/nttrans.c:483(reply_ntcreate_and_X) reply_ntcreate_and_X: flags = 0x16, access_mask = 0x2019f file_attributes = 0x0, share_access = 0x3, create_disposition = 0x1 create_options = 0x40 root_dir_fid = 0x0, fname = samr [2009/10/23 16:51:03, 4] smbd/nttrans.c:315(nt_open_pipe) nt_open_pipe: Opening pipe \samr. [2009/10/23 16:51:03, 5] smbd/files.c:103(file_new) allocated file structure 537, fnum = 4633 (6 used) [2009/10/23 16:51:03, 4] rpc_server/srv_pipe_hnd.c:99(make_internal_rpc_pipe_p) Create pipe requested \samr [2009/10/23 16:51:03, 10] rpc_server/srv_lsa_hnd.c:102(init_pipe_handle_list) init_pipe_handles: pipe_handles ref count = 4 for pipe \samr [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 4] rpc_server/srv_pipe_hnd.c:161(make_internal_rpc_pipe_p) Created internal pipe \samr (pipes_open=0) [2009/10/23 16:51:03, 5] smbd/nttrans.c:404(do_ntcreate_pipe_open) do_ntcreate_pipe_open: open pipe = \samr [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 227 of length 140 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=136 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12867 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 52 (0x34) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 52 (0x34) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=69 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 34 00 00 00 03 00 00 ........ .4...... [0020] 00 1C 00 00 00 00 00 06 00 00 00 00 00 0A 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0040] 00 00 20 00 00 .. .. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=52 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 52, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 36 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0034 000a auth_len : 0000 000c call_id : 00000003 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 36, incoming data = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000001c 0004 context_id: 0000 0006 opnum : 0006 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x6 - api_rpcTNP: rpc command: SAMR_ENUMDOMAINS [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[6].fn == 0xb7babfa0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_EnumDomains: struct samr_EnumDomains in: struct samr_EnumDomains connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-e14a-d7c222230000 resume_handle : * resume_handle : 0x00000000 (0) buf_size : 0x00002000 (8192) [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_EnumDomains: access check ((granted: 0x00000030; required: 0x00000010) [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_EnumDomains: struct samr_EnumDomains out: struct samr_EnumDomains resume_handle : * resume_handle : 0x00000000 (0) sam : * sam : * sam: struct samr_SamArray count : 0x00000002 (2) entries : * entries: ARRAY(2) entries: struct samr_SamEntry idx : 0x00000000 (0) name: struct lsa_String length : 0x0006 (6) size : 0x0006 (6) string : * string : 'WZB' entries: struct samr_SamEntry idx : 0x00000001 (1) name: struct lsa_String length : 0x000e (14) size : 0x000e (14) string : * string : 'Builtin' num_entries : * num_entries : 0x00000002 (2) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 36 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d6890 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d6890 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 100. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 007c 000a auth_len : 0000 000c call_id : 00000003 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000064 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..124] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=180 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12867 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 124 (0x7C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 124 (0x7C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=125 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 7C 00 00 00 03 00 00 ........ .|...... [0010] 00 64 00 00 00 00 00 00 00 00 00 00 00 00 00 02 .d...... ........ [0020] 00 02 00 00 00 04 00 02 00 02 00 00 00 00 00 00 ........ ........ [0030] 00 06 00 06 00 08 00 02 00 01 00 00 00 0E 00 0E ........ ........ [0040] 00 0C 00 02 00 03 00 00 00 00 00 00 00 03 00 00 ........ ........ [0050] 00 57 00 5A 00 42 00 00 00 07 00 00 00 00 00 00 .W.Z.B.. ........ [0060] 00 07 00 00 00 42 00 75 00 69 00 6C 00 74 00 69 .....B.u .i.l.t.i [0070] 00 6E 00 00 00 02 00 00 00 00 00 00 00 .n...... ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 228 of length 140 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=136 smb_com=0x2f smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=12929 smt_wct=14 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4633 (0x1219) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65535 (0xFFFF) smb_vwv[ 6]=65535 (0xFFFF) smb_vwv[ 7]= 8 (0x8) smb_vwv[ 8]= 72 (0x48) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 72 (0x48) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_bcc=73 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] EE 05 00 0B 03 10 00 00 00 48 00 00 00 02 00 00 ........ .H...... [0010] 00 B8 10 B8 10 F0 53 00 00 01 00 00 00 00 00 01 ......S. ........ [0020] 00 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 .xW4.4.. ....#Eg. [0030] AC 01 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 ......]. ........ [0040] 00 2B 10 48 60 02 00 00 00 .+.H`... . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBwriteX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 6] smbd/pipes.c:271(reply_pipe_write_and_X) reply_pipe_write_and_X: 1219 name: samr len: 72 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 72, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 56 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 11, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 56 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 56, incoming data = 56 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 11 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:1558(api_pipe_bind_req) api_pipe_bind_req: decode request. 1558 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_rb [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 0008 num_contexts: 01 000c context_id : 0000 000e num_transfer_syntaxes: 01 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 00000f smb_io_rpc_iface [2009/10/23 16:51:03, 7] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_uuid uuid 0010 data : 12345778 0014 data : 1234 0016 data : abcd 0018 data : ef 00 001a data : 01 23 45 67 89 ac 0020 version: 00000001 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_rpc_iface [2009/10/23 16:51:03, 7] rpc_parse/parse_prs.c:88(prs_debug) 000024 smb_io_uuid uuid 0024 data : 8a885d04 0028 data : 1ceb 002a data : 11c9 002c data : 9f e8 002e data : 08 00 2b 10 48 60 0034 version: 00000002 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe.c:1584(api_pipe_bind_req) api_pipe_bind_req: \PIPE\samr -> \PIPE\samr [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:1628(api_pipe_bind_req) api_pipe_bind_req: make response. 1628 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe.c:960(check_bind_req) check_bind_req for \samr checking lsarpc checking winreg checking initshutdown checking dssetup checking wkssvc checking svcctl checking ntsvcs checking netlogon checking netdfs checking srvsvc checking spoolss checking eventlog checking samr [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_ba [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_bba 0000 max_tsize: 10b8 0002 max_rsize: 10b8 0004 assoc_gid: 000053f0 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000008 smb_io_rpc_addr_str 0008 len: 000b 000a str: \PIPE\samr. [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000015 smb_io_rpc_results 0018 num_results: 01 001c result : 0000 001e reason : 0000 [2009/10/23 16:51:03, 6] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_rpc_iface [2009/10/23 16:51:03, 7] rpc_parse/parse_prs.c:88(prs_debug) 000020 smb_io_uuid uuid 0020 data : 8a885d04 0024 data : 1ceb 0026 data : 11c9 0028 data : 9f e8 002a data : 08 00 2b 10 48 60 0030 version: 00000002 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 56 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d6820 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d6820 [2009/10/23 16:51:03, 3] smbd/pipes.c:325(pipe_write_andx_done) writeX-IPC nwritten=72 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 154 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x9a [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 229 of length 158 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12995 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 70 (0x46) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 70 (0x46) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=87 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 46 00 00 00 04 00 00 ........ .F...... [0020] 00 2E 00 00 00 00 00 05 00 00 00 00 00 0A 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 06 00 06 ......J. ."#..... [0040] 00 00 00 02 00 03 00 00 00 00 00 00 00 03 00 00 ........ ........ [0050] 00 57 00 5A 00 42 00 .W.Z.B. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=70 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 70 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 70 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 70 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 70, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 54 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 54 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0046 000a auth_len : 0000 000c call_id : 00000004 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 54 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 54, incoming data = 54 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000002e 0004 context_id: 0000 0006 opnum : 0005 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x5 - api_rpcTNP: rpc command: SAMR_LOOKUPDOMAIN [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[5].fn == 0xb7bac210 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupDomain: struct samr_LookupDomain in: struct samr_LookupDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-e14a-d7c222230000 domain_name : * domain_name: struct lsa_String length : 0x0006 (6) size : 0x0006 (6) string : * string : 'WZB' [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_LookupDomain: access check ((granted: 0x00000030; required: 0x00000020) [2009/10/23 16:51:03, 2] rpc_server/srv_samr_nt.c:4118(_samr_LookupDomain) Returning domain sid for domain WZB -> S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupDomain: struct samr_LookupDomain out: struct samr_LookupDomain sid : * sid : * sid : S-1-5-21-3308023661-3915791984-1724325443 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 68 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 54 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d88f8 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d88f8 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 36. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 003c 000a auth_len : 0000 000c call_id : 00000004 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000024 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..60] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=116 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=12995 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 60 (0x3C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 60 (0x3C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 3C 00 00 00 04 00 00 ........ .<...... [0010] 00 24 00 00 00 00 00 00 00 00 00 02 00 04 00 00 .$...... ........ [0020] 00 01 04 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [0030] C5 70 3E 66 E9 43 1E C7 66 00 00 00 00 .p>f.C.. f.... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 59 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x3b [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 230 of length 63 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=13057 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]=57054 (0xDEDE) smb_vwv[ 2]= 4633 (0x1219) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 1024 (0x400) smb_vwv[ 6]= 1024 (0x400) smb_vwv[ 7]=65535 (0xFFFF) smb_vwv[ 8]=65535 (0xFFFF) smb_vwv[ 9]= 1024 (0x400) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBreadX (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:842(read_from_internal_pipe) read_from_pipe: \samr: current_pdu_len = 68, current_pdu_sent = 0 returning 68 bytes. [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80d8c88 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80d8c88 [2009/10/23 16:51:03, 3] smbd/pipes.c:430(pipe_read_andx_done) readX-IPC min=1024 max=1024 nread=68 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 160 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xa0 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 231 of length 164 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=160 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13123 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 76 (0x4C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 76 (0x4C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=93 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 4C 00 00 00 05 00 00 ........ .L...... [0020] 00 34 00 00 00 00 00 07 00 00 00 00 00 0A 00 00 .4...... ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 02 00 ......J. ."#..... [0040] 00 04 00 00 00 01 04 00 00 00 00 00 05 15 00 00 ........ ........ [0050] 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 .mo,.p>f .C..f [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=76 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 76 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 76 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 76 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 76, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 60 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 60 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 004c 000a auth_len : 0000 000c call_id : 00000005 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 60 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 60, incoming data = 60 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000034 0004 context_id: 0000 0006 opnum : 0007 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x7 - api_rpcTNP: rpc command: SAMR_OPENDOMAIN [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[7].fn == 0xb7babd70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain in: struct samr_OpenDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-e14a-d7c222230000 access_mask : 0x00000200 (512) 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 0: SAMR_DOMAIN_ACCESS_SET_INFO_1 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 0: SAMR_DOMAIN_ACCESS_SET_INFO_2 0: SAMR_DOMAIN_ACCESS_CREATE_USER 0: SAMR_DOMAIN_ACCESS_CREATE_GROUP 0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS 0: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS 0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS 1: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT 0: SAMR_DOMAIN_ACCESS_SET_INFO_3 sid : * sid : S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:186(access_check_object) access_check_object: user rights access mask [0x3f0] [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_OpenDomain: access GRANTED (requested: 0x00000000, granted: 0x000003f0) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[4] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:662(_samr_OpenDomain) _samr_OpenDomain: 662 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain out: struct samr_OpenDomain domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 984 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 60 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da988 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da988 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000005 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13123 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 05 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 0B 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 164 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xa4 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 232 of length 168 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=164 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13185 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 80 (0x50) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 80 (0x50) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=97 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 50 00 00 00 02 00 00 ........ .P...... [0020] 00 38 00 00 00 00 00 40 00 00 00 02 00 09 00 00 .8.....@ ........ [0030] 00 00 00 00 00 09 00 00 00 5C 00 5C 00 61 00 6C ........ .\.\.a.l [0040] 00 65 00 6B 00 74 00 6F 00 00 00 C9 11 30 00 00 .e.k.t.o .....0.. [0050] 00 01 00 00 00 01 00 00 00 03 00 00 00 00 00 00 ........ ........ [0060] 00 . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=80 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 80 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 80 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 80 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 80, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 64 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0050 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 64, incoming data = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000038 0004 context_id: 0000 0006 opnum : 0040 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 70 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x40 - api_rpcTNP: rpc command: SAMR_CONNECT5 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[64].fn == 0xb7ba40f0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Connect5: struct samr_Connect5 in: struct samr_Connect5 system_name : * system_name : '\\alekto' access_mask : 0x00000030 (48) 0: SAMR_ACCESS_CONNECT_TO_SERVER 0: SAMR_ACCESS_SHUTDOWN_SERVER 0: SAMR_ACCESS_INITIALIZE_SERVER 0: SAMR_ACCESS_CREATE_DOMAIN 1: SAMR_ACCESS_ENUM_DOMAINS 1: SAMR_ACCESS_LOOKUP_DOMAIN level_in : 0x00000001 (1) info_in : * info_in : union samr_ConnectInfo(case 1) info1: struct samr_ConnectInfo1 client_version : SAMR_CONNECT_AFTER_W2K (3) unknown2 : 0x00000000 (0) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3976(_samr_Connect2) _samr_Connect5: 3976 [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_Connect5: access GRANTED (requested: 0x00000030, granted: 0x00000030) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid (NULL) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:400(get_samr_info_by_sid) get_samr_info_by_sid: created new info for NULL sid. [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[5] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:4007(_samr_Connect2) _samr_Connect5: 4007 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Connect5: struct samr_Connect5 out: struct samr_Connect5 level_out : * level_out : 0x00000001 (1) info_out : * info_out : union samr_ConnectInfo(case 1) info1: struct samr_ConnectInfo1 client_version : SAMR_CONNECT_AFTER_W2K (3) unknown2 : 0x00000000 (0) connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 984 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 64 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da950 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da950 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 40. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0040 000a auth_len : 0000 000c call_id : 00000002 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000028 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..64] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=120 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13185 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 64 (0x40) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 64 (0x40) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=65 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 40 00 00 00 02 00 00 ........ .@...... [0010] 00 28 00 00 00 00 00 00 00 01 00 00 00 01 00 00 .(...... ........ [0020] 00 03 00 00 00 00 00 00 00 00 00 00 00 0C 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0040] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 148 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x94 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 233 of length 152 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=148 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13251 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 64 (0x40) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 64 (0x40) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=81 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 40 00 00 00 06 00 00 ........ .@...... [0020] 00 28 00 00 00 00 00 07 00 00 00 00 00 0A 00 00 .(...... ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 80 02 00 ......J. ."#..... [0040] 00 01 00 00 00 01 01 00 00 00 00 00 05 20 00 00 ........ ..... .. [0050] 00 . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=64 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 64, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 48 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0040 000a auth_len : 0000 000c call_id : 00000006 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 48, incoming data = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000028 0004 context_id: 0000 0006 opnum : 0007 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x7 - api_rpcTNP: rpc command: SAMR_OPENDOMAIN [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[7].fn == 0xb7babd70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain in: struct samr_OpenDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-e14a-d7c222230000 access_mask : 0x00000280 (640) 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 0: SAMR_DOMAIN_ACCESS_SET_INFO_1 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 0: SAMR_DOMAIN_ACCESS_SET_INFO_2 0: SAMR_DOMAIN_ACCESS_CREATE_USER 0: SAMR_DOMAIN_ACCESS_CREATE_GROUP 0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS 1: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS 0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS 1: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT 0: SAMR_DOMAIN_ACCESS_SET_INFO_3 sid : * sid : S-1-5-32 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[2] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:186(access_check_object) access_check_object: user rights access mask [0x3f0] [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_OpenDomain: access GRANTED (requested: 0x00000000, granted: 0x000003f0) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid S-1-5-32 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[6] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:662(_samr_OpenDomain) _samr_OpenDomain: 662 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain out: struct samr_OpenDomain domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000d-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 984 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 48 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da930 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da930 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000006 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13251 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 0D 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 234 of length 140 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=136 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13313 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 52 (0x34) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 52 (0x34) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=69 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 34 00 00 00 07 00 00 ........ .4...... [0020] 00 1C 00 00 00 00 00 06 00 00 00 00 00 0C 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0040] 00 00 20 00 00 .. .. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=52 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 52, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 36 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0034 000a auth_len : 0000 000c call_id : 00000007 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 36, incoming data = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000001c 0004 context_id: 0000 0006 opnum : 0006 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x6 - api_rpcTNP: rpc command: SAMR_ENUMDOMAINS [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[6].fn == 0xb7babfa0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_EnumDomains: struct samr_EnumDomains in: struct samr_EnumDomains connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-e14a-d7c222230000 resume_handle : * resume_handle : 0x00000000 (0) buf_size : 0x00002000 (8192) [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_EnumDomains: access check ((granted: 0x00000030; required: 0x00000010) [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_EnumDomains: struct samr_EnumDomains out: struct samr_EnumDomains resume_handle : * resume_handle : 0x00000000 (0) sam : * sam : * sam: struct samr_SamArray count : 0x00000002 (2) entries : * entries: ARRAY(2) entries: struct samr_SamEntry idx : 0x00000000 (0) name: struct lsa_String length : 0x0006 (6) size : 0x0006 (6) string : * string : 'WZB' entries: struct samr_SamEntry idx : 0x00000001 (1) name: struct lsa_String length : 0x000e (14) size : 0x000e (14) string : * string : 'Builtin' num_entries : * num_entries : 0x00000002 (2) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 36 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da920 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da920 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 100. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 007c 000a auth_len : 0000 000c call_id : 00000007 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000064 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..124] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=180 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13313 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 124 (0x7C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 124 (0x7C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=125 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 7C 00 00 00 07 00 00 ........ .|...... [0010] 00 64 00 00 00 00 00 00 00 00 00 00 00 00 00 02 .d...... ........ [0020] 00 02 00 00 00 04 00 02 00 02 00 00 00 00 00 00 ........ ........ [0030] 00 06 00 06 00 08 00 02 00 01 00 00 00 0E 00 0E ........ ........ [0040] 00 0C 00 02 00 03 00 00 00 00 00 00 00 03 00 00 ........ ........ [0050] 00 57 00 5A 00 42 00 00 00 07 00 00 00 00 00 00 .W.Z.B.. ........ [0060] 00 07 00 00 00 42 00 75 00 69 00 6C 00 74 00 69 .....B.u .i.l.t.i [0070] 00 6E 00 00 00 02 00 00 00 00 00 00 00 .n...... ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 172 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xac [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 235 of length 176 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=172 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13379 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 88 (0x58) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 88 (0x58) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=105 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 58 00 00 00 08 00 00 ........ .X...... [0020] 00 40 00 00 00 00 00 11 00 00 00 00 00 0B 00 00 .@...... ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 01 00 00 ......J. ."#..... [0040] 00 E8 03 00 00 00 00 00 00 01 00 00 00 08 00 0A ........ ........ [0050] 00 00 00 02 00 05 00 00 00 00 00 00 00 04 00 00 ........ ........ [0060] 00 62 00 72 00 6F 00 74 00 .b.r.o.t . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=88 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 88 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 88 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 88 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 88, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0058 000a auth_len : 0000 000c call_id : 00000008 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 72, incoming data = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000040 0004 context_id: 0000 0006 opnum : 0011 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x11 - api_rpcTNP: rpc command: SAMR_LOOKUPNAMES [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[17].fn == 0xb7baa640 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupNames: struct samr_LookupNames in: struct samr_LookupNames domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-e14a-d7c222230000 num_names : 0x00000001 (1) names: ARRAY(1) names: struct lsa_String length : 0x0008 (8) size : 0x0008 (8) string : * string : 'brot' [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:1816(_samr_LookupNames) _samr_LookupNames: 1816 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[2] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_LookupNames: access check ((granted: 0x000003f0; required: 0000000000) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:1841(_samr_LookupNames) _samr_LookupNames: looking name on SID S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(uid=brot)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: brot [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:514(pdb_set_user_sid_from_string) pdb_set_user_sid_from_string: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaProfilePath does not exist [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute description does not exist [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaUserWorkstations does not exist [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaMungedDial does not exist [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaLogonHours does not exist [2009/10/23 16:51:03, 7] passdb/login_cache.c:86(login_cache_read) Looking up login cache for user brot [2009/10/23 16:51:03, 7] passdb/login_cache.c:100(login_cache_read) No cache entry found [2009/10/23 16:51:03, 9] passdb/pdb_ldap.c:1054(init_sam_from_ldap) No cache entry, bad count = 0, bad time = 0 [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:1883(_samr_LookupNames) _samr_LookupNames: 1883 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupNames: struct samr_LookupNames out: struct samr_LookupNames rids : * rids: struct samr_Ids count : 0x00000001 (1) ids : * ids: ARRAY(1) ids : 0x0000ee54 (61012) types : * types: struct samr_Ids count : 0x00000001 (1) ids : * ids: ARRAY(1) ids : 0x00000001 (1) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 8 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 72 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da960 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da960 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 36. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 003c 000a auth_len : 0000 000c call_id : 00000008 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000024 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..60] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=116 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13379 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 60 (0x3C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 60 (0x3C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 3C 00 00 00 08 00 00 ........ .<...... [0010] 00 24 00 00 00 00 00 00 00 01 00 00 00 00 00 02 .$...... ........ [0020] 00 01 00 00 00 54 EE 00 00 01 00 00 00 04 00 02 .....T.. ........ [0030] 00 01 00 00 00 01 00 00 00 00 00 00 00 ........ ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 154 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x9a [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 236 of length 158 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13441 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 70 (0x46) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 70 (0x46) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=87 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 46 00 00 00 09 00 00 ........ .F...... [0020] 00 2E 00 00 00 00 00 05 00 00 00 00 00 0C 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 06 00 06 ......J. ."#..... [0040] 00 00 00 02 00 03 00 00 00 00 00 00 00 03 00 00 ........ ........ [0050] 00 57 00 5A 00 42 00 .W.Z.B. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=70 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 70 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 70 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 70 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 70, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 54 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 54 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0046 000a auth_len : 0000 000c call_id : 00000009 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 54 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 54, incoming data = 54 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000002e 0004 context_id: 0000 0006 opnum : 0005 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x5 - api_rpcTNP: rpc command: SAMR_LOOKUPDOMAIN [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[5].fn == 0xb7bac210 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupDomain: struct samr_LookupDomain in: struct samr_LookupDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-e14a-d7c222230000 domain_name : * domain_name: struct lsa_String length : 0x0006 (6) size : 0x0006 (6) string : * string : 'WZB' [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_LookupDomain: access check ((granted: 0x00000030; required: 0x00000020) [2009/10/23 16:51:03, 2] rpc_server/srv_samr_nt.c:4118(_samr_LookupDomain) Returning domain sid for domain WZB -> S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupDomain: struct samr_LookupDomain out: struct samr_LookupDomain sid : * sid : * sid : S-1-5-21-3308023661-3915791984-1724325443 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 68 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 54 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da940 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da940 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 36. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 003c 000a auth_len : 0000 000c call_id : 00000009 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000024 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..60] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=116 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13441 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 60 (0x3C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 60 (0x3C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 3C 00 00 00 09 00 00 ........ .<...... [0010] 00 24 00 00 00 00 00 00 00 00 00 02 00 04 00 00 .$...... ........ [0020] 00 01 04 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [0030] C5 70 3E 66 E9 43 1E C7 66 00 00 00 00 .p>f.C.. f.... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 237 of length 140 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=136 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13507 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 52 (0x34) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 52 (0x34) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=69 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 34 00 00 00 0A 00 00 ........ .4...... [0020] 00 1C 00 00 00 00 00 22 00 00 00 00 00 0B 00 00 ......." ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 1B 01 02 ......J. ."#..... [0040] 00 54 EE 00 00 .T... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=52 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 52, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 36 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0034 000a auth_len : 0000 000c call_id : 0000000a [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 36, incoming data = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000001c 0004 context_id: 0000 0006 opnum : 0022 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x22 - api_rpcTNP: rpc command: SAMR_OPENUSER [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[34].fn == 0xb7ba8270 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenUser: struct samr_OpenUser in: struct samr_OpenUser domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-e14a-d7c222230000 access_mask : 0x0002011b (131355) 1: SAMR_USER_ACCESS_GET_NAME_ETC 1: SAMR_USER_ACCESS_GET_LOCALE 0: SAMR_USER_ACCESS_SET_LOC_COM 1: SAMR_USER_ACCESS_GET_LOGONINFO 1: SAMR_USER_ACCESS_GET_ATTRIBUTES 0: SAMR_USER_ACCESS_SET_ATTRIBUTES 0: SAMR_USER_ACCESS_CHANGE_PASSWORD 0: SAMR_USER_ACCESS_SET_PASSWORD 1: SAMR_USER_ACCESS_GET_GROUPS 0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP 0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP rid : 0x0000ee54 (61012) [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[2] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_OpenUser: access check ((granted: 0x000003f0; required: 0x00000200) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:2411(_samr_OpenUser) _samr_OpenUser: adding add user rights to handle for user brot [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:186(access_check_object) access_check_object: user rights access mask [0xd04e4] [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_OpenUser: access GRANTED (requested: 0x0002011b, granted: 0x000f05ff) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[7] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenUser: struct samr_OpenUser out: struct samr_OpenUser user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1216 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 36 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da920 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da920 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000000a [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13507 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 0A 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 0E 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 160 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xa0 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 238 of length 164 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=160 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13569 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 76 (0x4C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 76 (0x4C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=93 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 4C 00 00 00 0B 00 00 ........ .L...... [0020] 00 34 00 00 00 00 00 07 00 00 00 00 00 0C 00 00 .4...... ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 02 00 ......J. ."#..... [0040] 00 04 00 00 00 01 04 00 00 00 00 00 05 15 00 00 ........ ........ [0050] 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 .mo,.p>f .C..f [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=76 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 76 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 76 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 76 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 76, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 60 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 60 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 004c 000a auth_len : 0000 000c call_id : 0000000b [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 60 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 60, incoming data = 60 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000034 0004 context_id: 0000 0006 opnum : 0007 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x7 - api_rpcTNP: rpc command: SAMR_OPENDOMAIN [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[7].fn == 0xb7babd70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain in: struct samr_OpenDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-e14a-d7c222230000 access_mask : 0x00000200 (512) 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 0: SAMR_DOMAIN_ACCESS_SET_INFO_1 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 0: SAMR_DOMAIN_ACCESS_SET_INFO_2 0: SAMR_DOMAIN_ACCESS_CREATE_USER 0: SAMR_DOMAIN_ACCESS_CREATE_GROUP 0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS 0: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS 0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS 1: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT 0: SAMR_DOMAIN_ACCESS_SET_INFO_3 sid : * sid : S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[2] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:186(access_check_object) access_check_object: user rights access mask [0x3f0] [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_OpenDomain: access GRANTED (requested: 0x00000000, granted: 0x000003f0) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[8] [0000] 00 00 00 00 0F 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:662(_samr_OpenDomain) _samr_OpenDomain: 662 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain out: struct samr_OpenDomain domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000f-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 984 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 60 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da950 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da950 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000000b [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13569 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 0B 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 0F 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 130 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x82 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 239 of length 134 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=130 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13635 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 46 (0x2E) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 46 (0x2E) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=63 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2E 00 00 00 0C 00 00 ........ ........ [0020] 00 16 00 00 00 00 00 24 00 00 00 00 00 0E 00 00 .......$ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 15 00 ......J. ."#.... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=46 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 46 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 46 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 46 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 46, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 30 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 30 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 0000000c [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 30 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 30, incoming data = 30 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000016 0004 context_id: 0000 0006 opnum : 0024 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x24 - api_rpcTNP: rpc command: SAMR_QUERYUSERINFO [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[36].fn == 0xb7ba7e30 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QueryUserInfo: struct samr_QueryUserInfo in: struct samr_QueryUserInfo user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-e14a-d7c222230000 level : 0x0015 (21) [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_QueryUserInfo: access check ((granted: 0x000f05ff; required: 0x00000010) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3132(_samr_QueryUserInfo) _samr_QueryUserInfo: sid:S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3139(_samr_QueryUserInfo) _samr_QueryUserInfo: user info level: 21 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] rpc_server/srv_samr_nt.c:3155(_samr_QueryUserInfo) User:[brot] [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning expired cache entry: key = ACCT_POL/minimum password age, value = 0 , timeout = Fri Oct 23 16:49:42 2009 [2009/10/23 16:51:03, 10] passdb/pdb_ldap.c:3854(ldapsam_get_account_policy_from_ldap) ldapsam_get_account_policy_from_ldap [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [sambaDomainName=WZB,ou=accounts,dc=wzb,dc=eu], filter => [(objectclass=*)], scope => [0] [2009/10/23 16:51:03, 10] lib/account_pol.c:396(cache_account_policy_set) cache_account_policy_set: updating account pol cache [2009/10/23 16:51:03, 10] lib/gencache.c:131(gencache_set) Adding cache entry with key = ACCT_POL/minimum password age; value = 0 and timeout = Fri Oct 23 16:52:03 2009 (60 seconds ahead) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3232(_samr_QueryUserInfo) _samr_QueryUserInfo: 3232 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QueryUserInfo: struct samr_QueryUserInfo out: struct samr_QueryUserInfo info : * info : * info : union samr_UserInfo(case 21) info21: struct samr_UserInfo21 last_logon : Fri Oct 23 16:04:33 2009 CEST last_logoff : Fri Oct 23 16:02:36 2009 CEST last_password_change : Fri Jul 31 08:42:56 2009 CEST acct_expiry : NTTIME(0) allow_password_change : Fri Jul 31 08:42:56 2009 CEST force_password_change : Tue Jan 19 04:14:07 2038 CET account_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'brot' full_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'Bernd das Brot' home_directory: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '\\selene\wzb' home_drive: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'M:' logon_script: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'login.cmd' profile_path: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' description: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' workstations: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' comment: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' parameters: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : * array: ARRAY(0) lm_owf_password: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL nt_owf_password: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL unknown3: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL buf_count : 0x00000000 (0) buffer : NULL rid : 0x0000ee54 (61012) primary_gid : 0x00000201 (513) acct_flags : 0x00000210 (528) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 1: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 0: ACB_WSTRUST 0: ACB_SVRTRUST 1: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_NO_AUTH_DATA_REQD fields_present : 0x00ffffff (16777215) 1: SAMR_FIELD_ACCOUNT_NAME 1: SAMR_FIELD_FULL_NAME 1: SAMR_FIELD_RID 1: SAMR_FIELD_PRIMARY_GID 1: SAMR_FIELD_DESCRIPTION 1: SAMR_FIELD_COMMENT 1: SAMR_FIELD_HOME_DIRECTORY 1: SAMR_FIELD_HOME_DRIVE 1: SAMR_FIELD_LOGON_SCRIPT 1: SAMR_FIELD_PROFILE_PATH 1: SAMR_FIELD_WORKSTATIONS 1: SAMR_FIELD_LAST_LOGON 1: SAMR_FIELD_LAST_LOGOFF 1: SAMR_FIELD_LOGON_HOURS 1: SAMR_FIELD_BAD_PWD_COUNT 1: SAMR_FIELD_NUM_LOGONS 1: SAMR_FIELD_ALLOW_PWD_CHANGE 1: SAMR_FIELD_FORCE_PWD_CHANGE 1: SAMR_FIELD_LAST_PWD_CHANGE 1: SAMR_FIELD_ACCT_EXPIRY 1: SAMR_FIELD_ACCT_FLAGS 1: SAMR_FIELD_PARAMETERS 1: SAMR_FIELD_COUNTRY_CODE 1: SAMR_FIELD_CODE_PAGE 0: SAMR_FIELD_NT_PASSWORD_PRESENT 0: SAMR_FIELD_LM_PASSWORD_PRESENT 0: SAMR_FIELD_PRIVATE_DATA 0: SAMR_FIELD_EXPIRED_FLAG 0: SAMR_FIELD_SEC_DESC 0: SAMR_FIELD_OWF_PWD logon_hours: struct samr_LogonHours units_per_week : 0x00a8 (168) bits : * bits : ffffffffffffffffffffffffffffffffffffffffff bad_password_count : 0x0000 (0) logon_count : 0x0000 (0) country_code : 0x0000 (0) code_page : 0x0000 (0) lm_password_set : 0x00 (0) nt_password_set : 0x00 (0) password_expired : 0x00 (0) unknown4 : 0x00 (0) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 954 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 30 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 448. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 01d8 000a auth_len : 0000 000c call_id : 0000000c [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 000001c0 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..472] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=528 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13635 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 472 (0x1D8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 472 (0x1D8) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=473 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 D8 01 00 00 0C 00 00 ........ ........ [0010] 00 C0 01 00 00 00 00 00 00 00 00 02 00 15 00 00 ........ ........ [0020] 00 80 AE F9 BE E9 53 CA 01 00 E6 3C 79 E9 53 CA ......S. ... data=64 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 64 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 64, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 48 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0040 000a auth_len : 0000 000c call_id : 0000000d [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 48, incoming data = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000028 0004 context_id: 0000 0006 opnum : 0007 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x7 - api_rpcTNP: rpc command: SAMR_OPENDOMAIN [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[7].fn == 0xb7babd70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain in: struct samr_OpenDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-e14a-d7c222230000 access_mask : 0x00000280 (640) 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 0: SAMR_DOMAIN_ACCESS_SET_INFO_1 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 0: SAMR_DOMAIN_ACCESS_SET_INFO_2 0: SAMR_DOMAIN_ACCESS_CREATE_USER 0: SAMR_DOMAIN_ACCESS_CREATE_GROUP 0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS 1: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS 0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS 1: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT 0: SAMR_DOMAIN_ACCESS_SET_INFO_3 sid : * sid : S-1-5-32 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[3] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:186(access_check_object) access_check_object: user rights access mask [0x3f0] [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_OpenDomain: access GRANTED (requested: 0x00000000, granted: 0x000003f0) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid S-1-5-32 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[9] [0000] 00 00 00 00 10 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:662(_samr_OpenDomain) _samr_OpenDomain: 662 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenDomain: struct samr_OpenDomain out: struct samr_OpenDomain domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000010-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 984 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 48 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da930 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da930 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000000d [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13697 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 0D 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 10 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 132 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x84 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 241 of length 136 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=132 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13763 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 48 (0x30) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=65 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 30 00 00 00 0E 00 00 ........ .0...... [0020] 00 18 00 00 00 00 00 03 00 00 00 00 00 0E 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 04 00 00 ......J. ."#..... [0040] 00 . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=48 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 48, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 32 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000000e [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 32, incoming data = 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000018 0004 context_id: 0000 0006 opnum : 0003 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x3 - api_rpcTNP: rpc command: SAMR_QUERYSECURITY [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[3].fn == 0xb7bac640 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QuerySecurity: struct samr_QuerySecurity in: struct samr_QuerySecurity handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-e14a-d7c222230000 sec_info : 0x00000004 (4) 0: SECINFO_OWNER 0: SECINFO_GROUP 1: SECINFO_DACL 0: SECINFO_SACL 0: SECINFO_UNPROTECTED_SACL 0: SECINFO_UNPROTECTED_DACL 0: SECINFO_PROTECTED_SACL 0: SECINFO_PROTECTED_DACL [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[2] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:872(_samr_QuerySecurity) _samr_QuerySecurity: querying security on SID: S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_QuerySecurity: access check ((granted: 0x000f05ff; required: 0x00020000) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:903(_samr_QuerySecurity) _samr_QuerySecurity: querying security on Object with SID: S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] rpc_server/srv_samr_nt.c:843(check_change_pw_access) User:[brot] [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QuerySecurity: struct samr_QuerySecurity out: struct samr_QuerySecurity sdbuf : * sdbuf : * sdbuf: struct sec_desc_buf sd_size : 0x000000a8 (168) sd : * sd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x8004 (32772) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 0: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : NULL group_sid : NULL sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x0094 (148) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x0002035b (131931) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0018 (24) access_mask : 0x000f07ff (985087) object : union security_ace_object_ctr(case 0) trustee : S-1-5-32-544 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0018 (24) access_mask : 0x000f07ff (985087) object : union security_ace_object_ctr(case 0) trustee : S-1-5-32-548 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x000f07ff (985087) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-512 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00020044 (131140) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1844 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 32 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 188. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00d4 000a auth_len : 0000 000c call_id : 0000000e [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 000000bc 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b4e18 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..212] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=268 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13763 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 212 (0xD4) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 212 (0xD4) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=213 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 D4 00 00 00 0E 00 00 ........ ........ [0010] 00 BC 00 00 00 00 00 00 00 00 00 02 00 A8 00 00 ........ ........ [0020] 00 04 00 02 00 A8 00 00 00 01 00 04 80 00 00 00 ........ ........ [0030] 00 00 00 00 00 00 00 00 00 14 00 00 00 02 00 94 ........ ........ [0040] 00 05 00 00 00 00 00 14 00 5B 03 02 00 01 01 00 ........ .[...... [0050] 00 00 00 00 01 00 00 00 00 00 00 18 00 FF 07 0F ........ ........ [0060] 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 ........ . ... .. [0070] 00 00 00 18 00 FF 07 0F 00 01 02 00 00 00 00 00 ........ ........ [0080] 05 20 00 00 00 24 02 00 00 00 00 24 00 FF 07 0F . ...$.. ...$.... [0090] 00 01 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [00A0] C5 70 3E 66 E9 43 1E C7 66 00 02 00 00 00 00 24 .p>f.C.. f......$ [00B0] 00 44 00 02 00 01 05 00 00 00 00 00 05 15 00 00 .D...... ........ [00C0] 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 54 EE 00 .mo,.p>f .C..fT.. [00D0] 00 00 00 00 00 ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 172 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0xac [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 242 of length 176 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=172 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13825 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 88 (0x58) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 88 (0x58) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=105 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 58 00 00 00 0F 00 00 ........ .X...... [0020] 00 40 00 00 00 00 00 11 00 00 00 00 00 0F 00 00 .@...... ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 01 00 00 ......J. ."#..... [0040] 00 E8 03 00 00 00 00 00 00 01 00 00 00 08 00 0A ........ ........ [0050] 00 00 00 02 00 05 00 00 00 00 00 00 00 04 00 00 ........ ........ [0060] 00 62 00 72 00 6F 00 74 00 .b.r.o.t . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=88 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 88 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 88 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 88 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 88, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 72 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0058 000a auth_len : 0000 000c call_id : 0000000f [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 72, incoming data = 72 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000040 0004 context_id: 0000 0006 opnum : 0011 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x11 - api_rpcTNP: rpc command: SAMR_LOOKUPNAMES [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[17].fn == 0xb7baa640 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupNames: struct samr_LookupNames in: struct samr_LookupNames domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000f-0000-0000-e14a-d7c222230000 num_names : 0x00000001 (1) names: ARRAY(1) names: struct lsa_String length : 0x0008 (8) size : 0x0008 (8) string : * string : 'brot' [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:1816(_samr_LookupNames) _samr_LookupNames: 1816 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 0F 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_LookupNames: access check ((granted: 0x000003f0; required: 0000000000) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:1841(_samr_LookupNames) _samr_LookupNames: looking name on SID S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(uid=brot)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:571(init_sam_from_ldap) init_sam_from_ldap: Entry found for user: brot [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:514(pdb_set_user_sid_from_string) pdb_set_user_sid_from_string: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaProfilePath does not exist [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute description does not exist [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaUserWorkstations does not exist [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaMungedDial does not exist [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] lib/smbldap.c:310(smbldap_talloc_single_attribute) attribute sambaLogonHours does not exist [2009/10/23 16:51:03, 7] passdb/login_cache.c:86(login_cache_read) Looking up login cache for user brot [2009/10/23 16:51:03, 7] passdb/login_cache.c:100(login_cache_read) No cache entry found [2009/10/23 16:51:03, 9] passdb/pdb_ldap.c:1054(init_sam_from_ldap) No cache entry, bad count = 0, bad time = 0 [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:1883(_samr_LookupNames) _samr_LookupNames: 1883 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_LookupNames: struct samr_LookupNames out: struct samr_LookupNames rids : * rids: struct samr_Ids count : 0x00000001 (1) ids : * ids: ARRAY(1) ids : 0x0000ee54 (61012) types : * types: struct samr_Ids count : 0x00000001 (1) ids : * ids: ARRAY(1) ids : 0x00000001 (1) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 8 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 72 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da960 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da960 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 36. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 003c 000a auth_len : 0000 000c call_id : 0000000f [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000024 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..60] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=116 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13825 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 60 (0x3C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 60 (0x3C) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 3C 00 00 00 0F 00 00 ........ .<...... [0010] 00 24 00 00 00 00 00 00 00 01 00 00 00 00 00 02 .$...... ........ [0020] 00 01 00 00 00 54 EE 00 00 01 00 00 00 04 00 02 .....T.. ........ [0030] 00 01 00 00 00 01 00 00 00 00 00 00 00 ........ ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 243 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13891 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 10 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 27 00 00 00 00 00 0E 00 00 .......' ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000010 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0027 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x27 - api_rpcTNP: rpc command: SAMR_GETGROUPSFORUSER [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[39].fn == 0xb7ba7800 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetGroupsForUser: struct samr_GetGroupsForUser in: struct samr_GetGroupsForUser user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3287(_samr_GetGroupsForUser) _samr_GetGroupsForUser: 3287 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[2] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_GetGroupsForUser: access check ((granted: 0x000f05ff; required: 0x00000100) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/system_smbd.c:122(sys_getgrouplist) sys_getgrouplist: user [brot] [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3381(_samr_GetGroupsForUser) _samr_GetGroupsForUser: 3381 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetGroupsForUser: struct samr_GetGroupsForUser out: struct samr_GetGroupsForUser rids : * rids : * rids: struct samr_RidWithAttributeArray count : 0x00000003 (3) rids : * rids: ARRAY(3) rids: struct samr_RidWithAttribute rid : 0x00000201 (513) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00018b9b (101275) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00000200 (512) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 755 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 44. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000010 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 0000002c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..68] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13891 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 44 00 00 00 10 00 00 ........ .D...... [0010] 00 2C 00 00 00 00 00 00 00 00 00 02 00 03 00 00 .,...... ........ [0020] 00 04 00 02 00 03 00 00 00 01 02 00 00 07 00 00 ........ ........ [0030] 00 9B 8B 01 00 07 00 00 00 00 02 00 00 07 00 00 ........ ........ [0040] 00 00 00 00 00 ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 136 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x88 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 244 of length 140 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=136 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13953 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 52 (0x34) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 52 (0x34) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=69 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 34 00 00 00 11 00 00 ........ .4...... [0020] 00 1C 00 00 00 00 00 22 00 00 00 00 00 0F 00 00 ......." ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 1B 01 02 ......J. ."#..... [0040] 00 54 EE 00 00 .T... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=52 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 52 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 52, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 36 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0034 000a auth_len : 0000 000c call_id : 00000011 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 36, incoming data = 36 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 0000001c 0004 context_id: 0000 0006 opnum : 0022 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x22 - api_rpcTNP: rpc command: SAMR_OPENUSER [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[34].fn == 0xb7ba8270 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenUser: struct samr_OpenUser in: struct samr_OpenUser domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000f-0000-0000-e14a-d7c222230000 access_mask : 0x0002011b (131355) 1: SAMR_USER_ACCESS_GET_NAME_ETC 1: SAMR_USER_ACCESS_GET_LOCALE 0: SAMR_USER_ACCESS_SET_LOC_COM 1: SAMR_USER_ACCESS_GET_LOGONINFO 1: SAMR_USER_ACCESS_GET_ATTRIBUTES 0: SAMR_USER_ACCESS_SET_ATTRIBUTES 0: SAMR_USER_ACCESS_CHANGE_PASSWORD 0: SAMR_USER_ACCESS_SET_PASSWORD 1: SAMR_USER_ACCESS_GET_GROUPS 0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP 0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP rid : 0x0000ee54 (61012) [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 0F 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_OpenUser: access check ((granted: 0x000003f0; required: 0x00000200) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:2411(_samr_OpenUser) _samr_OpenUser: adding add user rights to handle for user brot [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:186(access_check_object) access_check_object: user rights access mask [0xd04e4] [2009/10/23 16:51:03, 4] rpc_server/srv_samr_nt.c:219(access_check_object) _samr_OpenUser: access GRANTED (requested: 0x0002011b, granted: 0x000f05ff) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:395(get_samr_info_by_sid) get_samr_info_by_sid: created new info for sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:160(create_policy_hnd) Opened policy hnd[10] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_OpenUser: struct samr_OpenUser out: struct samr_OpenUser user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000011-0000-0000-e14a-d7c222230000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1216 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 36 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da920 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da920 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000011 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=13953 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 11 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 11 00 00 ........ ........ [0020] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 00 00 00 ......J. ."#..... [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 284 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x11c [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 245 of length 288 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=284 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14019 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 200 (0xC8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 200 (0xC8) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=217 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 C8 00 00 00 12 00 00 ........ ........ [0020] 00 B0 00 00 00 00 00 10 00 00 00 00 00 0D 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 04 00 00 ......J. ."#..... [0040] 00 00 00 02 00 04 00 00 00 04 00 02 00 08 00 02 ........ ........ [0050] 00 0C 00 02 00 10 00 02 00 05 00 00 00 01 05 00 ........ ........ [0060] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [0070] E9 43 1E C7 66 54 EE 00 00 05 00 00 00 01 05 00 .C..fT.. ........ [0080] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [0090] E9 43 1E C7 66 01 02 00 00 05 00 00 00 01 05 00 .C..f... ........ [00A0] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [00B0] E9 43 1E C7 66 9B 8B 01 00 05 00 00 00 01 05 00 .C..f... ........ [00C0] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [00D0] E9 43 1E C7 66 00 02 00 00 .C..f... . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=200 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 200 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 200 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 200 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 200, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 184 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 184 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00c8 000a auth_len : 0000 000c call_id : 00000012 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 184 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 184, incoming data = 184 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 000000b0 0004 context_id: 0000 0006 opnum : 0010 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x10 - api_rpcTNP: rpc command: SAMR_GETALIASMEMBERSHIP [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[16].fn == 0xb7baa8a0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetAliasMembership: struct samr_GetAliasMembership in: struct samr_GetAliasMembership domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000d-0000-0000-e14a-d7c222230000 sids : * sids: struct lsa_SidArray num_sids : 0x00000004 (4) sids : * sids: ARRAY(4) sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-61012 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-513 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-101275 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-512 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:5341(_samr_GetAliasMembership) _samr_GetAliasMembership: 5341 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[4] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_GetAliasMembership: access check ((granted: 0x000003f0; required: 0x00000080) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_GetAliasMembership: access check ((granted: 0x000003f0; required: 0x00000200) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-61012)(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-513)(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-101275)(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-512)))], scope => [2] [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetAliasMembership: struct samr_GetAliasMembership out: struct samr_GetAliasMembership rids : * rids: struct samr_Ids count : 0x00000000 (0) ids : NULL result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1795 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 184 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80daa40 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80daa40 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 12. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 00000012 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..36] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=92 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14019 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 36 (0x24) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 36 (0x24) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=37 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 24 00 00 00 12 00 00 ........ .$...... [0010] 00 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 130 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x82 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 246 of length 134 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=130 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14081 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 46 (0x2E) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 46 (0x2E) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=63 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2E 00 00 00 13 00 00 ........ ........ [0020] 00 16 00 00 00 00 00 24 00 00 00 00 00 11 00 00 .......$ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 15 00 ......J. ."#.... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=46 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 46 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 46 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 46 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 46, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 30 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 30 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000013 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 30 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 30, incoming data = 30 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000016 0004 context_id: 0000 0006 opnum : 0024 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x24 - api_rpcTNP: rpc command: SAMR_QUERYUSERINFO [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[36].fn == 0xb7ba7e30 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QueryUserInfo: struct samr_QueryUserInfo in: struct samr_QueryUserInfo user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000011-0000-0000-e14a-d7c222230000 level : 0x0015 (21) [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_QueryUserInfo: access check ((granted: 0x000f05ff; required: 0x00000010) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3132(_samr_QueryUserInfo) _samr_QueryUserInfo: sid:S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3139(_samr_QueryUserInfo) _samr_QueryUserInfo: user info level: 21 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] rpc_server/srv_samr_nt.c:3155(_samr_QueryUserInfo) User:[brot] [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/minimum password age, value = 0 , timeout = Fri Oct 23 16:52:03 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3232(_samr_QueryUserInfo) _samr_QueryUserInfo: 3232 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QueryUserInfo: struct samr_QueryUserInfo out: struct samr_QueryUserInfo info : * info : * info : union samr_UserInfo(case 21) info21: struct samr_UserInfo21 last_logon : Fri Oct 23 16:04:33 2009 CEST last_logoff : Fri Oct 23 16:02:36 2009 CEST last_password_change : Fri Jul 31 08:42:56 2009 CEST acct_expiry : NTTIME(0) allow_password_change : Fri Jul 31 08:42:56 2009 CEST force_password_change : Tue Jan 19 04:14:07 2038 CET account_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'brot' full_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'Bernd das Brot' home_directory: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '\\selene\wzb' home_drive: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'M:' logon_script: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'login.cmd' profile_path: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' description: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' workstations: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' comment: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '' parameters: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : * array: ARRAY(0) lm_owf_password: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL nt_owf_password: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL unknown3: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL buf_count : 0x00000000 (0) buffer : NULL rid : 0x0000ee54 (61012) primary_gid : 0x00000201 (513) acct_flags : 0x00000210 (528) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 1: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 0: ACB_WSTRUST 0: ACB_SVRTRUST 1: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_NO_AUTH_DATA_REQD fields_present : 0x00ffffff (16777215) 1: SAMR_FIELD_ACCOUNT_NAME 1: SAMR_FIELD_FULL_NAME 1: SAMR_FIELD_RID 1: SAMR_FIELD_PRIMARY_GID 1: SAMR_FIELD_DESCRIPTION 1: SAMR_FIELD_COMMENT 1: SAMR_FIELD_HOME_DIRECTORY 1: SAMR_FIELD_HOME_DRIVE 1: SAMR_FIELD_LOGON_SCRIPT 1: SAMR_FIELD_PROFILE_PATH 1: SAMR_FIELD_WORKSTATIONS 1: SAMR_FIELD_LAST_LOGON 1: SAMR_FIELD_LAST_LOGOFF 1: SAMR_FIELD_LOGON_HOURS 1: SAMR_FIELD_BAD_PWD_COUNT 1: SAMR_FIELD_NUM_LOGONS 1: SAMR_FIELD_ALLOW_PWD_CHANGE 1: SAMR_FIELD_FORCE_PWD_CHANGE 1: SAMR_FIELD_LAST_PWD_CHANGE 1: SAMR_FIELD_ACCT_EXPIRY 1: SAMR_FIELD_ACCT_FLAGS 1: SAMR_FIELD_PARAMETERS 1: SAMR_FIELD_COUNTRY_CODE 1: SAMR_FIELD_CODE_PAGE 0: SAMR_FIELD_NT_PASSWORD_PRESENT 0: SAMR_FIELD_LM_PASSWORD_PRESENT 0: SAMR_FIELD_PRIVATE_DATA 0: SAMR_FIELD_EXPIRED_FLAG 0: SAMR_FIELD_SEC_DESC 0: SAMR_FIELD_OWF_PWD logon_hours: struct samr_LogonHours units_per_week : 0x00a8 (168) bits : * bits : ffffffffffffffffffffffffffffffffffffffffff bad_password_count : 0x0000 (0) logon_count : 0x0000 (0) country_code : 0x0000 (0) code_page : 0x0000 (0) lm_password_set : 0x00 (0) nt_password_set : 0x00 (0) password_expired : 0x00 (0) unknown4 : 0x00 (0) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 954 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 30 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 448. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 01d8 000a auth_len : 0000 000c call_id : 00000013 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 000001c0 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..472] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=528 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14081 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 472 (0x1D8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 472 (0x1D8) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=473 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 D8 01 00 00 13 00 00 ........ ........ [0010] 00 C0 01 00 00 00 00 00 00 00 00 02 00 15 00 00 ........ ........ [0020] 00 80 AE F9 BE E9 53 CA 01 00 E6 3C 79 E9 53 CA ......S. ... data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000014 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[3] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:416(free_samr_cache) free_samr_cache: deleting cache for SID S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000014 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14147 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 14 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 132 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x84 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 248 of length 136 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=132 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14209 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 48 (0x30) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=65 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 30 00 00 00 15 00 00 ........ .0...... [0020] 00 18 00 00 00 00 00 03 00 00 00 00 00 11 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 04 00 00 ......J. ."#..... [0040] 00 . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=48 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 48 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 48, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 32 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000015 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 32, incoming data = 32 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000018 0004 context_id: 0000 0006 opnum : 0003 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x3 - api_rpcTNP: rpc command: SAMR_QUERYSECURITY [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[3].fn == 0xb7bac640 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QuerySecurity: struct samr_QuerySecurity in: struct samr_QuerySecurity handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000011-0000-0000-e14a-d7c222230000 sec_info : 0x00000004 (4) 0: SECINFO_OWNER 0: SECINFO_GROUP 1: SECINFO_DACL 0: SECINFO_SACL 0: SECINFO_UNPROTECTED_SACL 0: SECINFO_UNPROTECTED_DACL 0: SECINFO_PROTECTED_SACL 0: SECINFO_PROTECTED_DACL [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:872(_samr_QuerySecurity) _samr_QuerySecurity: querying security on SID: S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_QuerySecurity: access check ((granted: 0x000f05ff; required: 0x00020000) [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:903(_samr_QuerySecurity) _samr_QuerySecurity: querying security on Object with SID: S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] rpc_server/srv_samr_nt.c:843(check_change_pw_access) User:[brot] [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_QuerySecurity: struct samr_QuerySecurity out: struct samr_QuerySecurity sdbuf : * sdbuf : * sdbuf: struct sec_desc_buf sd_size : 0x000000a8 (168) sd : * sd: struct security_descriptor revision : SECURITY_DESCRIPTOR_REVISION_1 (1) type : 0x8004 (32772) 0: SEC_DESC_OWNER_DEFAULTED 0: SEC_DESC_GROUP_DEFAULTED 1: SEC_DESC_DACL_PRESENT 0: SEC_DESC_DACL_DEFAULTED 0: SEC_DESC_SACL_PRESENT 0: SEC_DESC_SACL_DEFAULTED 0: SEC_DESC_DACL_TRUSTED 0: SEC_DESC_SERVER_SECURITY 0: SEC_DESC_DACL_AUTO_INHERIT_REQ 0: SEC_DESC_SACL_AUTO_INHERIT_REQ 0: SEC_DESC_DACL_AUTO_INHERITED 0: SEC_DESC_SACL_AUTO_INHERITED 0: SEC_DESC_DACL_PROTECTED 0: SEC_DESC_SACL_PROTECTED 0: SEC_DESC_RM_CONTROL_VALID 1: SEC_DESC_SELF_RELATIVE owner_sid : NULL group_sid : NULL sacl : NULL dacl : * dacl: struct security_acl revision : SECURITY_ACL_REVISION_NT4 (2) size : 0x0094 (148) num_aces : 0x00000005 (5) aces: ARRAY(5) aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0014 (20) access_mask : 0x0002035b (131931) object : union security_ace_object_ctr(case 0) trustee : S-1-1-0 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0018 (24) access_mask : 0x000f07ff (985087) object : union security_ace_object_ctr(case 0) trustee : S-1-5-32-544 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0018 (24) access_mask : 0x000f07ff (985087) object : union security_ace_object_ctr(case 0) trustee : S-1-5-32-548 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x000f07ff (985087) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-512 aces: struct security_ace type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) flags : 0x00 (0) 0: SEC_ACE_FLAG_OBJECT_INHERIT 0: SEC_ACE_FLAG_CONTAINER_INHERIT 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT 0: SEC_ACE_FLAG_INHERIT_ONLY 0: SEC_ACE_FLAG_INHERITED_ACE 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS 0: SEC_ACE_FLAG_FAILED_ACCESS size : 0x0024 (36) access_mask : 0x00020044 (131140) object : union security_ace_object_ctr(case 0) trustee : S-1-5-21-3308023661-3915791984-1724325443-61012 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1844 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 32 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] smbd/uid.c:368(change_to_root_user) change_to_root_user: now uid=(0,0) gid=(0,0) [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 188. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00d4 000a auth_len : 0000 000c call_id : 00000015 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 000000bc 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..212] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=268 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14209 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 212 (0xD4) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 212 (0xD4) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=213 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 D4 00 00 00 15 00 00 ........ ........ [0010] 00 BC 00 00 00 00 00 00 00 00 00 02 00 A8 00 00 ........ ........ [0020] 00 04 00 02 00 A8 00 00 00 01 00 04 80 00 00 00 ........ ........ [0030] 00 00 00 00 00 00 00 00 00 14 00 00 00 02 00 94 ........ ........ [0040] 00 05 00 00 00 00 00 14 00 5B 03 02 00 01 01 00 ........ .[...... [0050] 00 00 00 00 01 00 00 00 00 00 00 18 00 FF 07 0F ........ ........ [0060] 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 ........ . ... .. [0070] 00 00 00 18 00 FF 07 0F 00 01 02 00 00 00 00 00 ........ ........ [0080] 05 20 00 00 00 24 02 00 00 00 00 24 00 FF 07 0F . ...$.. ...$.... [0090] 00 01 05 00 00 00 00 00 05 15 00 00 00 6D 6F 2C ........ .....mo, [00A0] C5 70 3E 66 E9 43 1E C7 66 00 02 00 00 00 00 24 .p>f.C.. f......$ [00B0] 00 44 00 02 00 01 05 00 00 00 00 00 05 15 00 00 .D...... ........ [00C0] 00 6D 6F 2C C5 70 3E 66 E9 43 1E C7 66 54 EE 00 .mo,.p>f .C..fT.. [00D0] 00 00 00 00 00 ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 249 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14275 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 16 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 0B 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:03, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000016 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[5] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:416(free_samr_cache) free_samr_cache: deleting cache for SID S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da980 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da980 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000016 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14275 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 16 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 250 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14337 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 17 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 27 00 00 00 00 00 11 00 00 .......' ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000017 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0027 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x27 - api_rpcTNP: rpc command: SAMR_GETGROUPSFORUSER [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[39].fn == 0xb7ba7800 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetGroupsForUser: struct samr_GetGroupsForUser in: struct samr_GetGroupsForUser user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000011-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3287(_samr_GetGroupsForUser) _samr_GetGroupsForUser: 3287 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_GetGroupsForUser: access check ((granted: 0x000f05ff; required: 0x00000100) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:572(pdb_set_username) pdb_set_username: setting username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:595(pdb_set_domain) pdb_set_domain: setting domain WZB, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:618(pdb_set_nt_username) pdb_set_nt_username: setting nt username brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:641(pdb_set_fullname) pdb_set_full_name: setting full name Bernd das Brot, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:734(pdb_set_homedir) pdb_set_homedir: setting home dir \\selene\wzb, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:710(pdb_set_dir_drive) pdb_set_dir_drive: setting dir drive M:, was NULL [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:664(pdb_set_logon_script) pdb_set_logon_script: setting logon script login.cmd, was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:687(pdb_set_profile_path) pdb_set_profile_path: setting profile path , was [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:777(pdb_set_workstations) pdb_set_workstations: setting workstations , was [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/gencache.c:208(gencache_get) Returning valid cache entry: key = ACCT_POL/password history, value = 0 , timeout = Fri Oct 23 16:52:02 2009 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/pdb_get_set.c:501(pdb_set_user_sid) pdb_set_user_sid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 [2009/10/23 16:51:03, 10] passdb/pdb_compat.c:72(pdb_set_user_sid_from_rid) pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3308023661-3915791984-1724325443-61012 from rid 61012 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 10] lib/system_smbd.c:122(sys_getgrouplist) sys_getgrouplist: user [brot] [2009/10/23 16:51:03, 5] lib/username.c:133(Get_Pwnam_alloc) Finding user brot [2009/10/23 16:51:03, 5] lib/username.c:77(Get_Pwnam_internals) Trying _Get_Pwnam(), username as lowercase is brot [2009/10/23 16:51:03, 5] lib/username.c:110(Get_Pwnam_internals) Get_Pwnam_internals did find user [brot]! [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(gidNumber=50001))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:961(lookup_sid) lookup_sid called for SID 'S-1-5-21-3308023661-3915791984-1724325443-513' [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:716(check_dom_sid_to_level) Accepting SID S-1-5-21-3308023661-3915791984-1724325443 in level 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:476(lookup_rids) lookup_rids called for domain sid 'S-1-5-21-3308023661-3915791984-1724325443' [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1513(lookup_global_sam_rid) lookup_global_sam_rid: looking up RID 513. [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513)(objectclass=sambaSamAccount))], scope => [2] [2009/10/23 16:51:03, 4] passdb/pdb_ldap.c:1613(ldapsam_getsampwsid) ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-3308023661-3915791984-1724325443-513] count=0 [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(objectClass=sambaGroupMapping)(sambaSID=S-1-5-21-3308023661-3915791984-1724325443-513))], scope => [2] [2009/10/23 16:51:03, 2] passdb/pdb_ldap.c:2353(init_group_from_ldap) init_group_from_ldap: Entry found for group: 50001 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2 [2009/10/23 16:51:03, 5] passdb/pdb_interface.c:1635(pdb_default_lookup_rids) lookup_rids: Domain Users:2 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 10] passdb/lookup_sid.c:996(lookup_sid) Sid S-1-5-21-3308023661-3915791984-1724325443-513 -> WZB\Domain Users(2) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:3381(_samr_GetGroupsForUser) _samr_GetGroupsForUser: 3381 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetGroupsForUser: struct samr_GetGroupsForUser out: struct samr_GetGroupsForUser rids : * rids : * rids: struct samr_RidWithAttributeArray count : 0x00000003 (3) rids : * rids: ARRAY(3) rids: struct samr_RidWithAttribute rid : 0x00000201 (513) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00018b9b (101275) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) rids: struct samr_RidWithAttribute rid : 0x00000200 (512) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 755 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 44. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000017 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 0000002c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..68] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14337 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 44 00 00 00 17 00 00 ........ .D...... [0010] 00 2C 00 00 00 00 00 00 00 00 00 02 00 03 00 00 .,...... ........ [0020] 00 04 00 02 00 03 00 00 00 01 02 00 00 07 00 00 ........ ........ [0030] 00 9B 8B 01 00 07 00 00 00 00 02 00 00 07 00 00 ........ ........ [0040] 00 00 00 00 00 ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 251 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14403 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 18 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 0D 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000018 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000d-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[3] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:416(free_samr_cache) free_samr_cache: deleting cache for SID S-1-5-32 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000018 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14403 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 18 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 284 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x11c [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 252 of length 288 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=284 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14465 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 200 (0xC8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 200 (0xC8) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=217 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 C8 00 00 00 19 00 00 ........ ........ [0020] 00 B0 00 00 00 00 00 10 00 00 00 00 00 10 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 04 00 00 ......J. ."#..... [0040] 00 00 00 02 00 04 00 00 00 04 00 02 00 08 00 02 ........ ........ [0050] 00 0C 00 02 00 10 00 02 00 05 00 00 00 01 05 00 ........ ........ [0060] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [0070] E9 43 1E C7 66 54 EE 00 00 05 00 00 00 01 05 00 .C..fT.. ........ [0080] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [0090] E9 43 1E C7 66 01 02 00 00 05 00 00 00 01 05 00 .C..f... ........ [00A0] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [00B0] E9 43 1E C7 66 9B 8B 01 00 05 00 00 00 01 05 00 .C..f... ........ [00C0] 00 00 00 00 05 15 00 00 00 6D 6F 2C C5 70 3E 66 ........ .mo,.p>f [00D0] E9 43 1E C7 66 00 02 00 00 .C..f... . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=200 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 200 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 200 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 200 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 200, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 184 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 184 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00c8 000a auth_len : 0000 000c call_id : 00000019 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 184 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 184, incoming data = 184 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 000000b0 0004 context_id: 0000 0006 opnum : 0010 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x10 - api_rpcTNP: rpc command: SAMR_GETALIASMEMBERSHIP [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[16].fn == 0xb7baa8a0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetAliasMembership: struct samr_GetAliasMembership in: struct samr_GetAliasMembership domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000010-0000-0000-e14a-d7c222230000 sids : * sids: struct lsa_SidArray num_sids : 0x00000004 (4) sids : * sids: ARRAY(4) sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-61012 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-513 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-101275 sids: struct lsa_SidPtr sid : * sid : S-1-5-21-3308023661-3915791984-1724325443-512 [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:5341(_samr_GetAliasMembership) _samr_GetAliasMembership: 5341 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 10 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_GetAliasMembership: access check ((granted: 0x000003f0; required: 0x00000080) [2009/10/23 16:51:03, 5] rpc_server/srv_samr_nt.c:231(access_check_samr_function) _samr_GetAliasMembership: access check ((granted: 0x000003f0; required: 0x00000200) [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 5] lib/smbldap.c:1261(smbldap_search_ext) smbldap_search_ext: base => [ou=accounts,dc=wzb,dc=eu], filter => [(&(|(objectclass=sambaGroupMapping)(sambaGroupType=4))(|(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-61012)(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-513)(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-101275)(sambaSIDList=S-1-5-21-3308023661-3915791984-1724325443-512)))], scope => [2] [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_GetAliasMembership: struct samr_GetAliasMembership out: struct samr_GetAliasMembership rids : * rids: struct samr_Ids count : 0x00000000 (0) ids : NULL result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 1795 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 184 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80daa40 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80daa40 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 12. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0024 000a auth_len : 0000 000c call_id : 00000019 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 0000000c 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..36] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=92 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14465 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 36 (0x24) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 36 (0x24) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=37 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 24 00 00 00 19 00 00 ........ .$...... [0010] 00 0C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 253 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14531 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 1A 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 0A 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000001a [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[4] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000001a [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14531 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 1A 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 254 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14593 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4633 (0x1219) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 1B 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 11 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1219) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b15b8 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000001b [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000011-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 11 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:416(free_samr_cache) free_samr_cache: deleting cache for SID S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000001b [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14593 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 1B 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 255 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14659 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4630 (0x1216) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 07 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 00 00 00 00 00 00 08 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D6 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1216) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb809cd40 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000007 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0000 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x0 - api_rpcTNP: rpc command: LSA_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[0].fn == 0xb7b21780 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_Close: struct lsa_Close in: struct lsa_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-e14a-d6c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[4] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[4] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_Close: struct lsa_Close out: struct lsa_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000007 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14659 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 07 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 256 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14721 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 1C 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 0F 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000001c [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000f-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[1] [0000] 00 00 00 00 0F 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:416(free_samr_cache) free_samr_cache: deleting cache for SID S-1-5-21-3308023661-3915791984-1724325443 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000001c [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14721 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 1C 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 257 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14785 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 1D 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 10 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000001d [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000010-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 10 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 10] rpc_server/srv_samr_nt.c:416(free_samr_cache) free_samr_cache: deleting cache for SID S-1-5-32 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:210(push_sec_ctx) push_sec_ctx(30006, 50001) : sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 3] smbd/uid.c:428(push_conn_ctx) push_conn_ctx(101) : conn_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 [2009/10/23 16:51:03, 5] auth/token_util.c:522(debug_nt_user_token) NT user token: (NULL) [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:418(pop_sec_ctx) pop_sec_ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000001d [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80ab548 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14785 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 1D 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 258 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14849 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4632 (0x1218) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 1E 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 01 00 00 00 00 00 0C 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D7 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "samr" (pnum 1218) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb80b0a18 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 0000001e [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0001 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\samr [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[1].fn == 0xb7baca70 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close in: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-e14a-d7c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 E1 4A D7 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) samr_Close: struct samr_Close out: struct samr_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \samr successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \samr len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \samr: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 0000001e [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b3358 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=14849 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 1E 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 259 of length 45 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=14913 smt_wct=3 smb_vwv[ 0]= 4632 (0x1218) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/reply.c:4456(reply_close) close fd=-1 fnum=4632 (numopen=4) [2009/10/23 16:51:03, 6] smbd/close.c:454(set_close_write_time) close_write_time: Thu Jan 1 00:59:59 1970 [2009/10/23 16:51:03, 5] smbd/files.c:484(file_free) freed files structure 4632 (5 used) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=14913 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 260 of length 45 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=14977 smt_wct=3 smb_vwv[ 0]= 4633 (0x1219) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/reply.c:4456(reply_close) close fd=-1 fnum=4633 (numopen=3) [2009/10/23 16:51:03, 6] smbd/close.c:454(set_close_write_time) close_write_time: Thu Jan 1 00:59:59 1970 [2009/10/23 16:51:03, 5] smbd/files.c:484(file_free) freed files structure 4633 (4 used) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=14977 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 128 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x80 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 261 of length 132 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=15041 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 44 (0x2C) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 84 (0x54) smb_vwv[11]= 44 (0x2C) smb_vwv[12]= 84 (0x54) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]= 4630 (0x1216) smb_bcc=61 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 00 .\.P.I.P .E.\.... [0010] 00 05 00 00 03 10 00 00 00 2C 00 00 00 08 00 00 ........ .,...... [0020] 00 14 00 00 00 00 00 00 00 00 00 00 00 09 00 00 ........ ........ [0030] 00 00 00 00 00 E1 4A D6 C2 22 23 00 00 ......J. ."#.. [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/ipc.c:536(handle_trans) trans <\PIPE\> data=44 params=0 setup=2 [2009/10/23 16:51:03, 5] smbd/ipc.c:569(handle_trans) calling named_pipe [2009/10/23 16:51:03, 3] smbd/ipc.c:487(named_pipe) named pipe command on <> name [2009/10/23 16:51:03, 5] smbd/ipc.c:410(api_fd_reply) api_fd_reply [2009/10/23 16:51:03, 3] smbd/ipc.c:451(api_fd_reply) Got API command 0x26 on pipe "lsarpc" (pnum 1216) [2009/10/23 16:51:03, 10] smbd/ipc.c:453(api_fd_reply) api_fd_reply: p:0xb809cd40 max_trans_reply: 1024 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:1188(np_write_send) np_write_send: len: 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 0, pdu_needed_len = 0, incoming data = 44 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:192(fill_rpc_header) fill_rpc_header: data_to_copy = 44, len_needed_to_complete_hdr = 16, receive_len = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 16 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 0, incoming data = 28 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002c 000a auth_len : 0000 000c call_id : 00000008 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe_hnd.c:288(unmarshall_rpc_header) unmarshall_rpc_header: using little-endian RPC [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:317(unmarshall_rpc_header) unmarshall_rpc_header: type = 0, flags = 3 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:762(write_to_internal_pipe) write_to_pipe: data_left = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:672(process_incoming_data) process_incoming_data: Start: pdu_received_len = 16, pdu_needed_len = 28, incoming data = 28 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:534(process_complete_pdu) process_complete_pdu: processing packet type 0 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr_req req 0000 alloc_hint: 00000014 0004 context_id: 0000 0006 opnum : 0000 [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2261(api_pipe_request) Requested \PIPE\\lsarpc [2009/10/23 16:51:03, 4] rpc_server/srv_pipe.c:2297(api_rpcTNP) api_rpcTNP: \lsarpc op 0x0 - api_rpcTNP: rpc command: LSA_CLOSE [2009/10/23 16:51:03, 6] rpc_server/srv_pipe.c:2327(api_rpcTNP) api_rpc_cmds[0].fn == 0xb7b21780 [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_Close: struct lsa_Close in: struct lsa_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-e14a-d6c222230000 [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 4] rpc_server/srv_lsa_hnd.c:180(find_policy_by_hnd_internal) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 E1 4A D6 C2 ........ .....J.. [0010] 22 23 00 00 "#.. [2009/10/23 16:51:03, 3] rpc_server/srv_lsa_hnd.c:218(close_policy_hnd) Closed policy [2009/10/23 16:51:03, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_Close: struct lsa_Close out: struct lsa_Close handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : NT_STATUS_OK [2009/10/23 16:51:03, 5] rpc_server/srv_pipe.c:2362(api_rpcTNP) api_rpcTNP: called \lsarpc successfully [2009/10/23 16:51:03, 3] rpc_server/srv_pipe_hnd.c:343(free_pipe_context) free_pipe_context: destroying talloc pool of size 0 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:766(write_to_internal_pipe) write_to_pipe: data_used = 28 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80da910 [2009/10/23 16:51:03, 6] rpc_server/srv_pipe_hnd.c:802(read_from_internal_pipe) name: \lsarpc len: 1024 [2009/10/23 16:51:03, 10] rpc_server/srv_pipe_hnd.c:862(read_from_internal_pipe) read_from_pipe: \lsarpc: fault_state = 0 : data_sent_length = 0, prs_offset(&p->out_data.rdata) = 24. [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000008 [2009/10/23 16:51:03, 5] rpc_parse/parse_prs.c:88(prs_debug) 000010 smb_io_rpc_hdr_resp resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Schedule immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 10] lib/events.c:287(s3_event_debug) s3_event: Run immediate event "tevent_req_trigger": 0xb80b2058 [2009/10/23 16:51:03, 5] smbd/ipc.c:59(copy_trans_params_and_data) copy_trans_params_and_data: params[0..0] data[0..48] (align 0) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=1524 smb_uid=101 smb_mid=15041 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 05 00 02 03 10 00 00 00 30 00 00 00 08 00 00 ........ .0...... [0010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 . [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 262 of length 45 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=15105 smt_wct=3 smb_vwv[ 0]= 4630 (0x1216) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/reply.c:4456(reply_close) close fd=-1 fnum=4630 (numopen=2) [2009/10/23 16:51:03, 6] smbd/close.c:454(set_close_write_time) close_write_time: Thu Jan 1 00:59:59 1970 [2009/10/23 16:51:03, 5] smbd/files.c:484(file_free) freed files structure 4630 (3 used) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=15105 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 41 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x29 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 263 of length 45 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=41 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=15169 smt_wct=3 smb_vwv[ 0]= 4631 (0x1217) smb_vwv[ 1]=65535 (0xFFFF) smb_vwv[ 2]=65535 (0xFFFF) smb_bcc=0 [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBclose (pid 8994) conn 0xb80371e0 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/reply.c:4456(reply_close) close fd=-1 fnum=4631 (numopen=1) [2009/10/23 16:51:03, 6] smbd/close.c:454(set_close_write_time) close_write_time: Thu Jan 1 00:59:59 1970 [2009/10/23 16:51:03, 10] rpc_server/srv_lsa_hnd.c:249(close_policy_by_pipe) close_policy_by_pipe: deleted handle list for pipe \lsarpc [2009/10/23 16:51:03, 5] smbd/files.c:484(file_free) freed files structure 4631 (2 used) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=1 smb_pid=65279 smb_uid=101 smb_mid=15169 smt_wct=0 smb_bcc=0 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 264 of length 98 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=94 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15233 smt_wct=15 smb_vwv[ 0]= 26 (0x1A) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 26 (0x1A) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=29 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 06 00 04 01 00 00 00 00 5C .....V.. .......\ [0010] 00 61 00 61 00 61 00 5C 00 2A 00 00 00 .a.a.a.\ .*... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 3] smbd/sec_ctx.c:310(set_sec_ctx) setting sec ctx (30006, 50001) - sec_ctx_stack_ndx = 0 [2009/10/23 16:51:03, 5] auth/token_util.c:528(debug_nt_user_token) NT user token of user S-1-5-21-3308023661-3915791984-1724325443-61012 contains 12 SIDs SID[ 0]: S-1-5-21-3308023661-3915791984-1724325443-61012 SID[ 1]: S-1-5-21-3308023661-3915791984-1724325443-513 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-11 SID[ 5]: S-1-5-21-3308023661-3915791984-1724325443-101275 SID[ 6]: S-1-5-21-3308023661-3915791984-1724325443-512 SID[ 7]: S-1-5-32-544 SID[ 8]: S-1-22-1-30006 SID[ 9]: S-1-22-2-50001 SID[ 10]: S-1-22-2-50137 SID[ 11]: S-1-22-2-50231 SE_PRIV 0xff0 0x0 0x0 0x0 [2009/10/23 16:51:03, 5] auth/token_util.c:548(debug_unix_user_token) UNIX token of user 30006 Primary group is 50001 and contains 3 supplementary groups Group[ 0]: 50001 Group[ 1]: 50137 Group[ 2]: 50231 [2009/10/23 16:51:03, 5] smbd/uid.c:353(change_to_user) change_to_user uid=(0,30006) gid=(0,50001) [2009/10/23 16:51:03, 4] smbd/vfs.c:753(vfs_ChDir) vfs_ChDir to /backup/small [2009/10/23 16:51:03, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 [2009/10/23 16:51:03, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa/*" [2009/10/23 16:51:03, 10] smbd/statcache.c:235(stat_cache_lookup) stat_cache_lookup: lookup failed for name [AAA/*] [2009/10/23 16:51:03, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:03, 5] smbd/filename.c:303(unix_convert) unix_convert begin: name = aaa/*, dirpath = aaa, start = * [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 5] smbd/filename.c:564(unix_convert) New file * [2009/10/23 16:51:03, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=aaa, mask = * [2009/10/23 16:51:03, 5] smbd/dir.c:394(dptr_create) dptr_create dir=aaa [2009/10/23 16:51:03, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path aaa, expect_close = 1 [2009/10/23 16:51:03, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = *, attr = 22 [2009/10/23 16:51:03, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath= dontdescend=<> [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset 0 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/. [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/. fname=. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset -2147483648 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/.. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:04:41 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 3 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 1, uid = 30006, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 5680, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[2]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 4672, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/.. fname=.. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:03, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset 4096 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:891(fetch_share_mode_unlocked) fetch_share_mode_unlocked: no share_mode record around (file not open) [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/bbb fname=bbb [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80b4528 now at offset -1 [2009/10/23 16:51:03, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:03, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 296, useable_space = 131010 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 296, paramsize = 10, datasize = 296 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=364 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15233 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 296 (0x128) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 296 (0x128) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=309 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 03 00 01 00 00 00 C4 00 00 00 60 00 00 ........ .....`.. [0010] 00 00 00 00 00 80 C0 80 4F E3 53 CA 01 00 4F 59 ........ O.S...OY [0020] 3D F0 53 CA 01 80 C0 80 4F E3 53 CA 01 80 C0 80 =.S..... O.S..... [0030] 4F E3 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 O.S..... ........ [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 00 00 00 ........ ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. [0070] 00 00 00 00 00 80 FA F9 61 E1 53 CA 01 00 D8 C9 ........ a.S..... [0080] 36 EE 53 CA 01 80 FA F9 61 E1 53 CA 01 80 FA F9 6.S..... a.S..... [0090] 61 E1 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 a.S..... ........ [00A0] 00 00 00 00 00 11 00 00 00 04 00 00 00 00 00 00 ........ ........ [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ [00D0] 00 64 00 00 00 00 00 00 00 00 FD B6 4D E3 53 CA .d...... ....M.S. [00E0] 01 00 4F 59 3D F0 53 CA 01 00 FD B6 4D E3 53 CA ..OY=.S. ....M.S. [00F0] 01 00 FD B6 4D E3 53 CA 01 00 00 00 00 00 00 00 ....M.S. ........ [0100] 00 00 00 00 00 00 00 00 00 10 00 00 00 06 00 00 ........ ........ [0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 62 ........ .......b [0130] 00 62 00 62 00 .b.b. [2009/10/23 16:51:03, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=* directory=aaa dirtype=22 numentries=3 [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:613(hash2_name_to_8_3) hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 76 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x4c [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 265 of length 80 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=76 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15297 smt_wct=15 smb_vwv[ 0]= 8 (0x8) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 40 (0x28) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 8 (0x8) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 5 (0x5) smb_bcc=11 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 EC 03 00 00 00 00 00 00 ........ ... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:3952(call_trans2qfilepathinfo) call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 [2009/10/23 16:51:03, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "" [2009/10/23 16:51:03, 5] smbd/filename.c:181(unix_convert) conversion finished "" -> . [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:04:41 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 3 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 1, uid = 30006, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 5680, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[2]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 4672, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 3] smbd/trans2.c:4066(call_trans2qfilepathinfo) call_trans2qfilepathinfo . (fnum = -1) level=1004 call=5 total_data=0 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: . [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file . [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file . [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file . [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:03, 10] smbd/trans2.c:4308(call_trans2qfilepathinfo) call_trans2qfilepathinfo: SMB_FILE_BASIC_INFORMATION [2009/10/23 16:51:03, 5] smbd/trans2.c:4318(call_trans2qfilepathinfo) SMB_QFBI - create: Fri Oct 23 15:04:41 2009 access: Fri Oct 23 16:36:32 2009 write: Fri Oct 23 15:04:41 2009 change: Fri Oct 23 15:04:41 2009 mode: 11 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 2, data_sent_thistime = 40, useable_space = 131010 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 2, data_to_send = 40, paramsize = 2, datasize = 40 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=100 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15297 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 40 (0x28) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 40 (0x28) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=45 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 80 FA F9 61 E1 53 CA 01 00 D8 C9 ........ a.S..... [0010] 36 EE 53 CA 01 80 FA F9 61 E1 53 CA 01 80 FA F9 6.S..... a.S..... [0020] 61 E1 53 CA 01 11 00 00 00 00 00 00 00 a.S..... ..... [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 90 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5a [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 266 of length 94 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=90 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15361 smt_wct=15 smb_vwv[ 0]= 22 (0x16) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 22 (0x16) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=25 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 07 00 04 01 00 00 00 00 5C .....V.. .......\ [0010] 00 61 00 61 00 61 00 00 00 .a.a.a.. . [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 [2009/10/23 16:51:03, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa" [2009/10/23 16:51:03, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:03, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=./, mask = aaa [2009/10/23 16:51:03, 5] smbd/dir.c:394(dptr_create) dptr_create dir=./ [2009/10/23 16:51:03, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path ./, expect_close = 1 [2009/10/23 16:51:03, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = aaa, attr = 22 [2009/10/23 16:51:03, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath=<./> dontdescend=<> [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file .//aaa [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file .//aaa [2009/10/23 16:51:03, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80aa870 now at offset -1 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: ./aaa [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file ./aaa [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found ./aaa fname=aaa [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:03, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 100, useable_space = 131010 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 100, paramsize = 10, datasize = 100 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=168 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15361 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 100 (0x64) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 100 (0x64) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=113 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 01 00 01 00 00 00 00 00 00 00 64 00 00 ........ .....d.. [0010] 00 00 00 00 00 80 C0 80 4F E3 53 CA 01 80 E5 F1 ........ O.S..... [0020] 3D F0 53 CA 01 80 C0 80 4F E3 53 CA 01 80 C0 80 =.S..... O.S..... [0030] 4F E3 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 O.S..... ........ [0040] 00 00 00 00 00 10 00 00 00 06 00 00 00 00 00 00 ........ ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 00 00 00 00 00 00 00 00 00 00 61 00 61 00 61 ........ ...a.a.a [0070] 00 . [2009/10/23 16:51:03, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=aaa directory=./ dirtype=22 numentries=1 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 267 of length 98 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=94 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15425 smt_wct=15 smb_vwv[ 0]= 26 (0x1A) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 26 (0x1A) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=29 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 06 00 04 01 00 00 00 00 5C .....V.. .......\ [0010] 00 61 00 61 00 61 00 5C 00 2A 00 00 00 .a.a.a.\ .*... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 [2009/10/23 16:51:03, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa/*" [2009/10/23 16:51:03, 10] smbd/statcache.c:235(stat_cache_lookup) stat_cache_lookup: lookup failed for name [AAA/*] [2009/10/23 16:51:03, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:03, 5] smbd/filename.c:303(unix_convert) unix_convert begin: name = aaa/*, dirpath = aaa, start = * [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 5] smbd/filename.c:564(unix_convert) New file * [2009/10/23 16:51:03, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=aaa, mask = * [2009/10/23 16:51:03, 5] smbd/dir.c:394(dptr_create) dptr_create dir=aaa [2009/10/23 16:51:03, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path aaa, expect_close = 1 [2009/10/23 16:51:03, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = *, attr = 22 [2009/10/23 16:51:03, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath= dontdescend=<> [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80aa870 now at offset 0 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/. [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/. fname=. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80aa870 now at offset -2147483648 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/.. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:04:41 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 3 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 1, uid = 30006, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 5680, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[2]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 4672, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/.. fname=.. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:03, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80aa870 now at offset 4096 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:891(fetch_share_mode_unlocked) fetch_share_mode_unlocked: no share_mode record around (file not open) [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/bbb fname=bbb [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80aa870 now at offset -1 [2009/10/23 16:51:03, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:03, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 296, useable_space = 131010 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 296, paramsize = 10, datasize = 296 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=364 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15425 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 296 (0x128) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 296 (0x128) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=309 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 03 00 01 00 00 00 C4 00 00 00 60 00 00 ........ .....`.. [0010] 00 00 00 00 00 80 C0 80 4F E3 53 CA 01 80 E5 F1 ........ O.S..... [0020] 3D F0 53 CA 01 80 C0 80 4F E3 53 CA 01 80 C0 80 =.S..... O.S..... [0030] 4F E3 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 O.S..... ........ [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 00 00 00 ........ ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. [0070] 00 00 00 00 00 80 FA F9 61 E1 53 CA 01 00 D8 C9 ........ a.S..... [0080] 36 EE 53 CA 01 80 FA F9 61 E1 53 CA 01 80 FA F9 6.S..... a.S..... [0090] 61 E1 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 a.S..... ........ [00A0] 00 00 00 00 00 11 00 00 00 04 00 00 00 00 00 00 ........ ........ [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ [00D0] 00 64 00 00 00 00 00 00 00 00 FD B6 4D E3 53 CA .d...... ....M.S. [00E0] 01 00 4F 59 3D F0 53 CA 01 00 FD B6 4D E3 53 CA ..OY=.S. ....M.S. [00F0] 01 00 FD B6 4D E3 53 CA 01 00 00 00 00 00 00 00 ....M.S. ........ [0100] 00 00 00 00 00 00 00 00 00 10 00 00 00 06 00 00 ........ ........ [0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 62 ........ .......b [0130] 00 62 00 62 00 .b.b. [2009/10/23 16:51:03, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=* directory=aaa dirtype=22 numentries=3 [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:613(hash2_name_to_8_3) hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 70 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x46 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 268 of length 74 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15491 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 EF 03 ..... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:2599(call_trans2qfsinfo) call_trans2qfsinfo: level = 1007 [2009/10/23 16:51:03, 10] lib/sysquotas.c:431(sys_get_quota) sys_get_quota() uid(0, 30006) [2009/10/23 16:51:03, 10] lib/sysquotas_linux.c:319(sys_get_linux_gen_quota) sys_get_linux_gen_quota: path[/] bdev[/dev/sdd2] SMB_USER_QUOTA_TYPE uid[30006] [2009/10/23 16:51:03, 10] lib/sysquotas_linux.c:185(sys_get_linux_v2_quota) sys_get_linux_v2_quota: path[/] bdev[/dev/sdd2] SMB_USER_QUOTA_TYPE uid[30006] [2009/10/23 16:51:03, 10] lib/sysquotas_linux.c:51(sys_get_linux_v1_quota) sys_get_linux_v1_quota: path[/] bdev[/dev/sdd2] SMB_USER_QUOTA_TYPE uid[30006] [2009/10/23 16:51:03, 3] lib/sysquotas.c:453(sys_get_quota) sys_get_vfs_quota() failed for mntpath[/] bdev[/dev/sdd2] qtype[2] id[30006]: Invalid argument [2009/10/23 16:51:03, 10] lib/sysquotas.c:431(sys_get_quota) sys_get_quota() uid(0, 30006) [2009/10/23 16:51:03, 10] lib/sysquotas_linux.c:328(sys_get_linux_gen_quota) sys_get_linux_gen_quota: path[/] bdev[/dev/sdd2] SMB_GROUP_QUOTA_TYPE gid[50001] [2009/10/23 16:51:03, 10] lib/sysquotas_linux.c:194(sys_get_linux_v2_quota) sys_get_linux_v2_quota: path[/] bdev[/dev/sdd2] SMB_GROUP_QUOTA_TYPE gid[50001] [2009/10/23 16:51:03, 10] lib/sysquotas_linux.c:60(sys_get_linux_v1_quota) sys_get_linux_v1_quota: path[/] bdev[/dev/sdd2] SMB_GROUP_QUOTA_TYPE gid[50001] [2009/10/23 16:51:03, 3] lib/sysquotas.c:453(sys_get_quota) sys_get_vfs_quota() failed for mntpath[/] bdev[/dev/sdd2] qtype[4] id[50001]: Invalid argument [2009/10/23 16:51:03, 5] smbd/trans2.c:2797(call_trans2qfsinfo) call_trans2qfsinfo : SMB_QUERY_FS_FULL_SIZE_INFO bsize=1024, cSectorUnit=2, cBytesSector=512, cUnitTotal=34202568, cUnitAvail=11907104 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 0, data_sent_thistime = 32, useable_space = 131012 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 0, data_to_send = 32, paramsize = 0, datasize = 32 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=88 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15491 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 32 (0x20) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 32 (0x20) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=33 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 C8 E3 09 02 00 00 00 00 20 B0 B5 00 00 00 00 ........ . ...... [0010] 00 20 B0 B5 00 00 00 00 00 02 00 00 00 00 02 00 . ...... ........ [0020] 00 . [2009/10/23 16:51:03, 4] smbd/trans2.c:3128(call_trans2qfsinfo) SMBtrans2 info_level = 1007 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 86 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x56 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 269 of length 90 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=86 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15555 smt_wct=15 smb_vwv[ 0]= 18 (0x12) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 18 (0x12) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=21 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 06 00 04 01 00 00 00 00 5C .....V.. .......\ [0010] 00 2A 00 00 00 .*... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 [2009/10/23 16:51:03, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "*" [2009/10/23 16:51:03, 10] smbd/statcache.c:235(stat_cache_lookup) stat_cache_lookup: lookup failed for name [*] [2009/10/23 16:51:03, 5] smbd/filename.c:303(unix_convert) unix_convert begin: name = *, dirpath = , start = * [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 5] smbd/filename.c:564(unix_convert) New file * [2009/10/23 16:51:03, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=./, mask = * [2009/10/23 16:51:03, 5] smbd/dir.c:394(dptr_create) dptr_create dir=./ [2009/10/23 16:51:03, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path ./, expect_close = 1 [2009/10/23 16:51:03, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = *, attr = 22 [2009/10/23 16:51:03, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath=<./> dontdescend=<> [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad4a8 now at offset 0 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: ./. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file ./. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file ./. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file ./. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:04:41 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 3 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 1, uid = 30006, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 5680, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[2]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 4672, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found ./. fname=. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad4a8 now at offset -2147483648 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: ./.. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file ./.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file ./.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file ./.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:03, 10] locking/locking.c:891(fetch_share_mode_unlocked) fetch_share_mode_unlocked: no share_mode record around (file not open) [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found ./.. fname=.. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file .//aaa [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file .//aaa [2009/10/23 16:51:03, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:390(get_pai_owner_type) get_pai_owner_type: uid = 30006 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad4a8 now at offset 4096 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: ./aaa [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file ./aaa [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found ./aaa fname=aaa [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad4a8 now at offset -1 [2009/10/23 16:51:03, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:03, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 296, useable_space = 131010 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 296, paramsize = 10, datasize = 296 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=364 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15555 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 296 (0x128) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 296 (0x128) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=309 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 03 00 01 00 00 00 C4 00 00 00 60 00 00 ........ .....`.. [0010] 00 00 00 00 00 80 FA F9 61 E1 53 CA 01 00 D8 C9 ........ a.S..... [0020] 36 EE 53 CA 01 80 FA F9 61 E1 53 CA 01 80 FA F9 6.S..... a.S..... [0030] 61 E1 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 a.S..... ........ [0040] 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 ........ ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. [0070] 00 00 00 00 00 80 FF 8C 8A 0A 43 C9 01 00 CE 02 ........ ..C..... [0080] B9 E7 53 CA 01 80 FF 8C 8A 0A 43 C9 01 80 FF 8C ..S..... ..C..... [0090] 8A 0A 43 C9 01 00 00 00 00 00 00 00 00 00 00 00 ..C..... ........ [00A0] 00 00 00 00 00 11 00 00 00 04 00 00 00 00 00 00 ........ ........ [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ [00D0] 00 64 00 00 00 00 00 00 00 80 C0 80 4F E3 53 CA .d...... ....O.S. [00E0] 01 80 E5 F1 3D F0 53 CA 01 80 C0 80 4F E3 53 CA ....=.S. ....O.S. [00F0] 01 80 C0 80 4F E3 53 CA 01 00 00 00 00 00 00 00 ....O.S. ........ [0100] 00 00 00 00 00 00 00 00 00 10 00 00 00 06 00 00 ........ ........ [0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61 ........ .......a [0130] 00 61 00 61 00 .a.a. [2009/10/23 16:51:03, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=* directory=./ dirtype=22 numentries=3 [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:613(hash2_name_to_8_3) hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 70 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x46 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 270 of length 74 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15619 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 02 01 ..... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:2599(call_trans2qfsinfo) call_trans2qfsinfo: level = 258 [2009/10/23 16:51:03, 5] smbd/trans2.c:2735(call_trans2qfsinfo) call_trans2qfsinfo : SMB_QUERY_FS_VOLUME_INFO namelen = 4, vol=test serv=test [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 0, data_sent_thistime = 26, useable_space = 131012 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 0, data_to_send = 26, paramsize = 0, datasize = 26 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=82 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15619 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 26 (0x1A) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 26 (0x1A) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=27 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 00 00 00 00 00 00 D2 02 D5 08 08 00 00 ........ ........ [0010] 00 00 00 74 00 65 00 73 00 74 00 ...t.e.s .t. [2009/10/23 16:51:03, 4] smbd/trans2.c:3128(call_trans2qfsinfo) SMBtrans2 info_level = 258 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 70 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x46 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 271 of length 74 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15683 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 05 01 ..... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:2599(call_trans2qfsinfo) call_trans2qfsinfo: level = 261 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 0, data_sent_thistime = 20, useable_space = 131012 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 0, data_to_send = 20, paramsize = 0, datasize = 20 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=76 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15683 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 20 (0x14) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 20 (0x14) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=21 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 2F 00 01 00 FF 00 00 00 08 00 00 00 4E 00 54 ./...... .....N.T [0010] 00 46 00 53 00 .F.S. [2009/10/23 16:51:03, 4] smbd/trans2.c:3128(call_trans2qfsinfo) SMBtrans2 info_level = 261 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 70 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x46 [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 272 of length 74 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=70 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15747 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 560 (0x230) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=5 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 05 01 ..... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:2599(call_trans2qfsinfo) call_trans2qfsinfo: level = 261 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 0, data_sent_thistime = 20, useable_space = 131012 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 0, data_to_send = 20, paramsize = 0, datasize = 20 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=76 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15747 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 20 (0x14) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 20 (0x14) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=21 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 2F 00 01 00 FF 00 00 00 08 00 00 00 4E 00 54 ./...... .....N.T [0010] 00 46 00 53 00 .F.S. [2009/10/23 16:51:03, 4] smbd/trans2.c:3128(call_trans2qfsinfo) SMBtrans2 info_level = 261 [2009/10/23 16:51:03, 10] lib/util_sock.c:789(read_smb_length_return_keepalive) got smb length of 94 [2009/10/23 16:51:03, 6] smbd/process.c:1456(process_smb) got message type 0x0 of len 0x5e [2009/10/23 16:51:03, 3] smbd/process.c:1459(process_smb) Transaction 273 of length 98 (0 toread) [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=94 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=24 smb_flg2=51207 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15811 smt_wct=15 smb_vwv[ 0]= 26 (0x1A) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 10 (0xA) smb_vwv[ 3]=16384 (0x4000) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 26 (0x1A) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 1 (0x1) smb_bcc=29 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 00 00 16 00 56 05 06 00 04 01 00 00 00 00 5C .....V.. .......\ [0010] 00 61 00 61 00 61 00 5C 00 2A 00 00 00 .a.a.a.\ .*... [2009/10/23 16:51:03, 3] smbd/process.c:1273(switch_message) switch message SMBtrans2 (pid 8994) conn 0xb809bb40 [2009/10/23 16:51:03, 4] smbd/uid.c:256(change_to_user) change_to_user: Skipping user change - already user [2009/10/23 16:51:03, 3] smbd/trans2.c:1927(call_trans2findfirst) call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 [2009/10/23 16:51:03, 5] smbd/filename.c:148(unix_convert) unix_convert called on file "aaa/*" [2009/10/23 16:51:03, 10] smbd/statcache.c:235(stat_cache_lookup) stat_cache_lookup: lookup failed for name [AAA/*] [2009/10/23 16:51:03, 10] smbd/statcache.c:274(stat_cache_lookup) stat_cache_lookup: lookup succeeded for name [AAA] -> [aaa] [2009/10/23 16:51:03, 5] smbd/filename.c:303(unix_convert) unix_convert begin: name = aaa/*, dirpath = aaa, start = * [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:239(is_mangled) is_mangled * ? [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:178(is_mangled_component) is_mangled_component * (len 1) ? [2009/10/23 16:51:03, 5] smbd/filename.c:564(unix_convert) New file * [2009/10/23 16:51:03, 5] smbd/trans2.c:2014(call_trans2findfirst) dir=aaa, mask = * [2009/10/23 16:51:03, 5] smbd/dir.c:394(dptr_create) dptr_create dir=aaa [2009/10/23 16:51:03, 3] smbd/dir.c:512(dptr_create) creating new dirptr 256 for path aaa, expect_close = 1 [2009/10/23 16:51:03, 4] smbd/trans2.c:2081(call_trans2findfirst) dptr_num is 256, wcard = *, attr = 22 [2009/10/23 16:51:03, 8] smbd/trans2.c:2089(call_trans2findfirst) dirpath= dontdescend=<> [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad300 now at offset 0 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/. [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:18:29 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 2 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 3, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8994, share_access = 0x7, private_options = 0x200000, access_mask = 0x20080, mid = 0x0, type= 0x40, gen_id = 38, uid = 30006, flags = 0, file_id 832:352562:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/. fname=. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad300 now at offset -2147483648 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/.. [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 4294967295 for file aaa/.. [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1000 uid 0 (root) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-1001 gid 0 (root) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning rd [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning rd [2009/10/23 16:51:03, 10] locking/locking.c:552(parse_share_modes) parse_share_modes: delete_on_close: 0, owrt: Fri Oct 23 15:04:41 2009 CEST, cwrt: Thu Jan 1 01:00:00 1970 CET, tok: 0, num_share_modes: 3 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[0]: pid = 8994, share_access = 0x7, private_options = 0x1, access_mask = 0x100081, mid = 0x0, type= 0x0, gen_id = 1, uid = 30006, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[1]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 5680, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 10] locking/locking.c:649(parse_share_modes) parse_share_modes: share_mode_entry[2]: UNUSED pid = 8808, share_access = 0x7, private_options = 0x0, access_mask = 0x1f01ff, mid = 0x0, type= 0x40, gen_id = 4672, uid = 0, flags = 0, file_id 832:352565:0 [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/.. fname=.. [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:3347(posix_get_nt_acl) posix_get_nt_acl: called for file aaa/bbb [2009/10/23 16:51:03, 10] smbd/posix_acls.c:688(load_inherited_info) load_inherited_info: ret = 43 for file aaa/bbb [2009/10/23 16:51:03, 10] smbd/posix_acls.c:544(create_pai_val_v2) create_pai_val_v2: num_entries = 3, num_def_entries = 3 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:395(get_pai_owner_type) get_pai_owner_type: gid = 50001 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Access ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-61012 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-5-21-3308023661-3915791984-1724325443-513 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2498(canonicalise_acl) canonicalise_acl: Default ace entries before arrange : [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2511(canonicalise_acl) canon_ace index 2. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx [2009/10/23 16:51:03, 10] smbd/posix_acls.c:817(print_canon_ace_list) print_canon_ace_list: canonicalise_acl: ace entries after arrange canon_ace index 0. Type = allow SID = S-1-3-0 uid 30006 (brot) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx canon_ace index 1. Type = allow SID = S-1-3-1 gid 50001 (users) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms --- canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms --- [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:1092(map_canon_ace_perms) map_canon_ace_perms: Mapped (UNIX) 0 to (NT) 0 [2009/10/23 16:51:03, 10] smbd/posix_acls.c:2969(merge_default_aces) merge_default_aces: Merging zero access ACE 2 onto ACE 5. [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad300 now at offset 4096 [2009/10/23 16:51:03, 8] smbd/dosmode.c:474(dos_mode) dos_mode: aaa/bbb [2009/10/23 16:51:03, 10] smbd/file_access.c:155(can_access_file_data) can_access_file_data: requesting 0x2 on file aaa/bbb [2009/10/23 16:51:03, 8] smbd/dosmode.c:175(dos_mode_from_sbuf) dos_mode_from_sbuf returning d [2009/10/23 16:51:03, 8] smbd/dosmode.c:521(dos_mode) dos_mode returning d [2009/10/23 16:51:03, 10] locking/locking.c:891(fetch_share_mode_unlocked) fetch_share_mode_unlocked: no share_mode record around (file not open) [2009/10/23 16:51:03, 5] smbd/trans2.c:1445(get_lanman2_dir_entry) get_lanman2_dir_entry: found aaa/bbb fname=bbb [2009/10/23 16:51:03, 10] smbd/trans2.c:1597(get_lanman2_dir_entry) get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO [2009/10/23 16:51:03, 10] smbd/trans2.c:204(get_ea_names_from_file) get_ea_list_from_file: ea_namelist size = 40 [2009/10/23 16:51:03, 10] smbd/trans2.c:314(get_ea_list_from_file) get_ea_list_from_file: total_len = 0 [2009/10/23 16:51:03, 8] smbd/trans2.c:1302(get_lanman2_dir_entry) get_lanman2_dir_entry:readdir on dirptr 0xb80ad300 now at offset -1 [2009/10/23 16:51:03, 5] smbd/trans2.c:2145(call_trans2findfirst) call_trans2findfirst - (2) closing dptr_num 256 [2009/10/23 16:51:03, 4] smbd/dir.c:243(dptr_close_internal) closing dptr key 256 [2009/10/23 16:51:03, 9] smbd/trans2.c:820(send_trans2_replies) t2_rep: params_sent_thistime = 10, data_sent_thistime = 296, useable_space = 131010 [2009/10/23 16:51:03, 9] smbd/trans2.c:822(send_trans2_replies) t2_rep: params_to_send = 10, data_to_send = 296, paramsize = 10, datasize = 296 [2009/10/23 16:51:03, 5] lib/util.c:632(show_msg) [2009/10/23 16:51:03, 5] lib/util.c:642(show_msg) size=364 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=2 smb_pid=1524 smb_uid=101 smb_mid=15811 smt_wct=10 smb_vwv[ 0]= 10 (0xA) smb_vwv[ 1]= 296 (0x128) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 10 (0xA) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 296 (0x128) smb_vwv[ 7]= 68 (0x44) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=309 [2009/10/23 16:51:03, 10] ../lib/util/util.c:304(_dump_data) [0000] 00 FD FF 03 00 01 00 00 00 C4 00 00 00 60 00 00 ........ .....`.. [0010] 00 00 00 00 00 80 C0 80 4F E3 53 CA 01 80 E5 F1 ........ O.S..... [0020] 3D F0 53 CA 01 80 C0 80 4F E3 53 CA 01 80 C0 80 =.S..... O.S..... [0030] 4F E3 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 O.S..... ........ [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 00 00 00 ........ ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. [0070] 00 00 00 00 00 80 FA F9 61 E1 53 CA 01 80 E5 F1 ........ a.S..... [0080] 3D F0 53 CA 01 80 FA F9 61 E1 53 CA 01 80 FA F9 =.S..... a.S..... [0090] 61 E1 53 CA 01 00 00 00 00 00 00 00 00 00 00 00 a.S..... ........ [00A0] 00 00 00 00 00 11 00 00 00 04 00 00 00 00 00 00 ........ ........ [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ [00D0] 00 64 00 00 00 00 00 00 00 00 FD B6 4D E3 53 CA .d...... ....M.S. [00E0] 01 00 4F 59 3D F0 53 CA 01 00 FD B6 4D E3 53 CA ..OY=.S. ....M.S. [00F0] 01 00 FD B6 4D E3 53 CA 01 00 00 00 00 00 00 00 ....M.S. ........ [0100] 00 00 00 00 00 00 00 00 00 10 00 00 00 06 00 00 ........ ........ [0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 62 ........ .......b [0130] 00 62 00 62 00 .b.b. [2009/10/23 16:51:03, 4] smbd/trans2.c:2189(call_trans2findfirst) SMBtrans2 mask=* directory=aaa dirtype=22 numentries=3 [2009/10/23 16:51:03, 10] smbd/mangle_hash2.c:613(hash2_name_to_8_3) hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) [2009/10/23 16:51:11, 10] lib/messages_local.c:73(messaging_tdb_signal_handler) messaging_tdb_signal_handler: sig[10] count[1] msgs[1] [2009/10/23 16:51:11, 10] lib/messages_local.c:447(message_dispatch) message_dispatch: received_messages = 1 [2009/10/23 16:51:11, 10] lib/messages_local.c:196(messaging_tdb_fetch) messaging_tdb_fetch: [2009/10/23 16:51:11, 1] ../librpc/ndr/ndr.c:214(ndr_print_debug) result: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : MSG_DEBUG (1) dest: struct server_id id : 0x00002322 (8994) vnn : 0xffffffff (4294967295) src: struct server_id id : 0x00002358 (9048) vnn : 0xffffffff (4294967295) buf : DATA_BLOB length=2 [2009/10/23 16:51:11, 10] ../lib/util/util.c:304(_dump_data) [0000] 30 00 0. [2009/10/23 16:51:11, 3] lib/debug.c:509(debug_message) INFO: Remote set of debug to `0' (pid 8994 from pid 9048)