[2010/07/07 16:28:51.324451, 10] ../lib/util/util.c:278(_dump_data) [0000] A0 06 98 CC F9 16 64 09 ......d. [2010/07/07 16:28:51.324717, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00ac 000a auth_len : 0000 000c call_id : 00000002 [2010/07/07 16:28:51.324804, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000094 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2010/07/07 16:28:51.324848, 10] rpc_client/cli_pipe.c:1002(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 172, data_len 148, ss_len 0 [2010/07/07 16:28:51.324867, 10] rpc_client/cli_pipe.c:1471(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 172 at offset 0: NT_STATUS_OK [2010/07/07 16:28:51.324885, 10] rpc_client/cli_pipe.c:1522(rpc_api_pipe_got_pdu) rpc_api_pipe: host bismit.gla-rlp.de returned 296 bytes. [2010/07/07 16:28:51.324921, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation out: struct dssetup_DsRoleGetPrimaryDomainInformation info : * info : union dssetup_DsRoleInfo(case 1) basic: struct dssetup_DsRolePrimaryDomInfoBasic role : DS_ROLE_PRIMARY_DC (5) flags : 0x01000001 (16777217) 1: DS_ROLE_PRIMARY_DS_RUNNING 0: DS_ROLE_PRIMARY_DS_MIXED_MODE 0: DS_ROLE_UPGRADE_IN_PROGRESS 1: DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT domain : * domain : 'GLA-RLP' dns_domain : * dns_domain : 'gla-rlp.de' forest : * forest : 'gla-rlp.de' domain_guid : f0c023a0-e4cd-4aa1-823c-97535c4e9ae1 result : WERR_OK [2010/07/07 16:28:51.325095, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 10 [2010/07/07 16:28:51.325114, 10] libsmb/smb_signing.c:209(smb_signing_sign_pdu) smb_signing_sign_pdu: sent SMB signature of [2010/07/07 16:28:51.325131, 10] ../lib/util/util.c:278(_dump_data) [0000] 67 90 4C A2 D6 53 55 E8 g.L..SU. [2010/07/07 16:28:51.325316, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 11 [2010/07/07 16:28:51.325336, 10] libsmb/smb_signing.c:267(smb_signing_check_pdu) smb_signing_check_pdu: seq 11: got good SMB signature of [2010/07/07 16:28:51.325354, 10] ../lib/util/util.c:278(_dump_data) [0000] 28 3D D1 EF 7F BC BC 41 (=.....A [2010/07/07 16:28:51.325383, 10] rpc_client/rpc_transport_np.c:81(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \lsarpc [2010/07/07 16:28:51.325413, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 12 [2010/07/07 16:28:51.325432, 10] libsmb/smb_signing.c:209(smb_signing_sign_pdu) smb_signing_sign_pdu: sent SMB signature of [2010/07/07 16:28:51.325449, 10] ../lib/util/util.c:278(_dump_data) [0000] 07 AC 19 44 2A 7E DC 74 ...D*~.t [2010/07/07 16:28:51.325664, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 13 [2010/07/07 16:28:51.325685, 10] libsmb/smb_signing.c:267(smb_signing_check_pdu) smb_signing_check_pdu: seq 13: got good SMB signature of [2010/07/07 16:28:51.325702, 10] ../lib/util/util.c:278(_dump_data) [0000] DA 55 EE 5C 48 7D 12 C5 .U.\H}.. [2010/07/07 16:28:51.325750, 5] rpc_client/cli_pipe.c:2637(rpc_pipe_bind_send) Bind RPC Pipe: host bismit.gla-rlp.de auth_type 0, auth_level 1 [2010/07/07 16:28:51.325770, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0b 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0048 000a auth_len : 0000 000c call_id : 00000003 [2010/07/07 16:28:51.325858, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_rb [2010/07/07 16:28:51.325876, 6] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 00000000 0018 num_contexts: 01 001c context_id : 0000 001e num_transfer_syntaxes: 01 [2010/07/07 16:28:51.325931, 6] rpc_parse/parse_prs.c:89(prs_debug) 00001f smb_io_rpc_iface [2010/07/07 16:28:51.325948, 7] rpc_parse/parse_prs.c:89(prs_debug) 000020 smb_io_uuid uuid 0020 data : 12345778 0024 data : 1234 0026 data : abcd 0028 data : ef 00 002a data : 01 23 45 67 89 ab 0030 version: 00000000 [2010/07/07 16:28:51.326006, 6] rpc_parse/parse_prs.c:89(prs_debug) 000034 smb_io_rpc_iface [2010/07/07 16:28:51.326024, 7] rpc_parse/parse_prs.c:89(prs_debug) 000034 smb_io_uuid uuid 0034 data : 8a885d04 0038 data : 1ceb 003a data : 11c9 003c data : 9f e8 003e data : 08 00 2b 10 48 60 0044 version: 00000002 [2010/07/07 16:28:51.326082, 5] rpc_client/cli_pipe.c:1372(rpc_api_pipe_send) rpc_api_pipe: host bismit.gla-rlp.de [2010/07/07 16:28:51.326102, 10] libsmb/clitrans.c:925(cli_trans_format) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=72, this_data=72, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2010/07/07 16:28:51.326125, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 14 [2010/07/07 16:28:51.326144, 10] libsmb/smb_signing.c:209(smb_signing_sign_pdu) smb_signing_sign_pdu: sent SMB signature of [2010/07/07 16:28:51.326160, 10] ../lib/util/util.c:278(_dump_data) [0000] 2D EF 82 55 E5 12 61 F3 -..U..a. [2010/07/07 16:28:51.326313, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 15 [2010/07/07 16:28:51.326334, 10] libsmb/smb_signing.c:267(smb_signing_check_pdu) smb_signing_check_pdu: seq 15: got good SMB signature of [2010/07/07 16:28:51.326352, 10] ../lib/util/util.c:278(_dump_data) [0000] 2B 6B E9 82 E0 32 9F 48 +k...2.H [2010/07/07 16:28:51.326404, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000003 [2010/07/07 16:28:51.326491, 10] rpc_client/cli_pipe.c:1471(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK [2010/07/07 16:28:51.326509, 10] rpc_client/cli_pipe.c:1522(rpc_api_pipe_got_pdu) rpc_api_pipe: host bismit.gla-rlp.de returned 68 bytes. [2010/07/07 16:28:51.326528, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 0c 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0044 000a auth_len : 0000 000c call_id : 00000003 [2010/07/07 16:28:51.326611, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_ba [2010/07/07 16:28:51.326644, 6] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_bba 0010 max_tsize: 10b8 0012 max_rsize: 10b8 0014 assoc_gid: 0000e4f3 [2010/07/07 16:28:51.326682, 6] rpc_parse/parse_prs.c:89(prs_debug) 000018 smb_io_rpc_addr_str 0018 len: 000c 001a str: \PIPE\lsass. [2010/07/07 16:28:51.326714, 6] rpc_parse/parse_prs.c:89(prs_debug) 000026 smb_io_rpc_results 0028 num_results: 01 002c result : 0000 002e reason : 0000 [2010/07/07 16:28:51.326750, 6] rpc_parse/parse_prs.c:89(prs_debug) 000030 smb_io_rpc_iface [2010/07/07 16:28:51.326767, 7] rpc_parse/parse_prs.c:89(prs_debug) 000030 smb_io_uuid uuid 0030 data : 8a885d04 0034 data : 1ceb 0036 data : 11c9 0038 data : 9f e8 003a data : 08 00 2b 10 48 60 0040 version: 00000002 [2010/07/07 16:28:51.326824, 5] rpc_client/cli_pipe.c:2484(check_bind_response) check_bind_response: accepted! [2010/07/07 16:28:51.326844, 10] rpc_client/cli_pipe.c:3801(cli_rpc_pipe_open_noauth_transport) cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine bismit.gla-rlp.de and bound anonymously. [2010/07/07 16:28:51.326868, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 in: struct lsa_OpenPolicy2 system_name : * system_name : '\\BISMIT.GLA-RLP.DE' attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x02000000 (33554432) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 0: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION [2010/07/07 16:28:51.327127, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0074 000a auth_len : 0000 000c call_id : 00000004 [2010/07/07 16:28:51.327211, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 0000005c 0014 context_id: 0000 0016 opnum : 002c [2010/07/07 16:28:51.327248, 5] rpc_client/cli_pipe.c:1372(rpc_api_pipe_send) rpc_api_pipe: host bismit.gla-rlp.de [2010/07/07 16:28:51.327269, 10] libsmb/clitrans.c:925(cli_trans_format) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=116, this_data=116, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2010/07/07 16:28:51.327293, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 16 [2010/07/07 16:28:51.327327, 10] libsmb/smb_signing.c:209(smb_signing_sign_pdu) smb_signing_sign_pdu: sent SMB signature of [2010/07/07 16:28:51.327345, 10] ../lib/util/util.c:278(_dump_data) [0000] 21 F2 99 34 6D C1 1D F1 !..4m... [2010/07/07 16:28:51.327661, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 17 [2010/07/07 16:28:51.327682, 10] libsmb/smb_signing.c:267(smb_signing_check_pdu) smb_signing_check_pdu: seq 17: got good SMB signature of [2010/07/07 16:28:51.327700, 10] ../lib/util/util.c:278(_dump_data) [0000] 1C FF 64 9B 83 4C 72 91 ..d..Lr. [2010/07/07 16:28:51.327729, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 0030 000a auth_len : 0000 000c call_id : 00000004 [2010/07/07 16:28:51.327817, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000018 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2010/07/07 16:28:51.327860, 10] rpc_client/cli_pipe.c:1002(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2010/07/07 16:28:51.327877, 10] rpc_client/cli_pipe.c:1471(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK [2010/07/07 16:28:51.327895, 10] rpc_client/cli_pipe.c:1522(rpc_api_pipe_got_pdu) rpc_api_pipe: host bismit.gla-rlp.de returned 48 bytes. [2010/07/07 16:28:51.327918, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_OpenPolicy2: struct lsa_OpenPolicy2 out: struct lsa_OpenPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 1cecc2d5-1ebe-4db8-afa3-36c6077ede6e result : NT_STATUS_OK [2010/07/07 16:28:51.327987, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 in: struct lsa_QueryInfoPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 1cecc2d5-1ebe-4db8-afa3-36c6077ede6e level : LSA_POLICY_INFO_DNS (12) [2010/07/07 16:28:51.328066, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 002e 000a auth_len : 0000 000c call_id : 00000005 [2010/07/07 16:28:51.328150, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000016 0014 context_id: 0000 0016 opnum : 002e [2010/07/07 16:28:51.328187, 5] rpc_client/cli_pipe.c:1372(rpc_api_pipe_send) rpc_api_pipe: host bismit.gla-rlp.de [2010/07/07 16:28:51.328208, 10] libsmb/clitrans.c:925(cli_trans_format) num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=46, this_data=46, max_data=4280, param_offset=82, param_disp=0, data_disp=0 [2010/07/07 16:28:51.328231, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 18 [2010/07/07 16:28:51.328249, 10] libsmb/smb_signing.c:209(smb_signing_sign_pdu) smb_signing_sign_pdu: sent SMB signature of [2010/07/07 16:28:51.328266, 10] ../lib/util/util.c:278(_dump_data) [0000] 1E 72 2A 35 1B E3 B2 17 .r*5.... [2010/07/07 16:28:51.328460, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 19 [2010/07/07 16:28:51.328494, 10] libsmb/smb_signing.c:267(smb_signing_check_pdu) smb_signing_check_pdu: seq 19: got good SMB signature of [2010/07/07 16:28:51.328509, 10] ../lib/util/util.c:278(_dump_data) [0000] E3 B4 13 3E D6 D0 23 13 ...>..#. [2010/07/07 16:28:51.328536, 5] rpc_parse/parse_prs.c:89(prs_debug) 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 00c8 000a auth_len : 0000 000c call_id : 00000005 [2010/07/07 16:28:51.328605, 5] rpc_parse/parse_prs.c:89(prs_debug) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 000000b0 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 [2010/07/07 16:28:51.328639, 10] rpc_client/cli_pipe.c:1002(cli_pipe_validate_current_pdu) cli_pipe_validate_current_pdu: got pdu len 200, data_len 176, ss_len 0 [2010/07/07 16:28:51.328655, 10] rpc_client/cli_pipe.c:1471(rpc_api_pipe_got_pdu) rpc_api_pipe: got frag len of 200 at offset 0: NT_STATUS_OK [2010/07/07 16:28:51.328670, 10] rpc_client/cli_pipe.c:1522(rpc_api_pipe_got_pdu) rpc_api_pipe: host bismit.gla-rlp.de returned 352 bytes. [2010/07/07 16:28:51.328703, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug) lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 out: struct lsa_QueryInfoPolicy2 info : * info : * info : union lsa_PolicyInformation(case 12) dns: struct lsa_DnsDomainInfo name: struct lsa_StringLarge length : 0x000e (14) size : 0x0010 (16) string : * string : 'GLA-RLP' dns_domain: struct lsa_StringLarge length : 0x0014 (20) size : 0x0016 (22) string : * string : 'gla-rlp.de' dns_forest: struct lsa_StringLarge length : 0x0014 (20) size : 0x0016 (22) string : * string : 'gla-rlp.de' domain_guid : f0c023a0-e4cd-4aa1-823c-97535c4e9ae1 sid : * sid : S-1-5-21-1960408961-1935655697-725345543 result : NT_STATUS_OK [2010/07/07 16:28:51.328885, 5] winbindd/winbindd_cm.c:1974(set_dc_type_and_flags_connect) set_dc_type_and_flags_connect: domain GLA-RLP is in native mode. [2010/07/07 16:28:51.328901, 5] winbindd/winbindd_cm.c:1977(set_dc_type_and_flags_connect) set_dc_type_and_flags_connect: domain GLA-RLP is running active directory. [2010/07/07 16:28:51.328921, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 20 [2010/07/07 16:28:51.328937, 10] libsmb/smb_signing.c:209(smb_signing_sign_pdu) smb_signing_sign_pdu: sent SMB signature of [2010/07/07 16:28:51.328951, 10] ../lib/util/util.c:278(_dump_data) [0000] 8D 15 7B 1D 4A 0B 4F 90 ..{.J.O. [2010/07/07 16:28:51.329109, 10] libsmb/smb_signing.c:115(smb_signing_md5) smb_signing_md5: sequence number 21 [2010/07/07 16:28:51.329127, 10] libsmb/smb_signing.c:267(smb_signing_check_pdu) smb_signing_check_pdu: seq 21: got good SMB signature of [2010/07/07 16:28:51.329158, 10] ../lib/util/util.c:278(_dump_data) [0000] FE 08 30 6D 05 BE C8 A6 ..0m.... [2010/07/07 16:28:51.329186, 10] rpc_client/rpc_transport_np.c:81(rpc_transport_np_state_destructor) rpc_pipe_destructor: closed \lsarpc