process_request: request fn AUTH_CRAP [ 3932]: pam auth crap domain: [wretched.nin.asglab.juniper.net] user: MA$ is_myname("wretched.nin.asglab.juniper.net") returns 0 child daemon request 14 child_process_request: request fn AUTH_CRAP [ 3782]: pam auth crap domain: wretched.nin.asglab.juniper.net user: MA$ is_myname("wretched.nin.asglab.juniper.net") returns 0 netr_LogonSamLogonEx: struct netr_LogonSamLogonEx in: struct netr_LogonSamLogonEx server_name : * server_name : '\\root.nin.asglab.juniper.net' computer_name : * computer_name : '0271MM50F5B0IZ' logon_level : NetlogonNetworkInformation (2) logon : * logon : union netr_LogonLevel(case 2) network : * network: struct netr_NetworkInfo identity_info: struct netr_IdentityInfo domain_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'wretched.nin.asglab.juniper.net' parameter_control : 0x00000820 (2080) 0: MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0: MSV1_0_UPDATE_LOGON_STATISTICS 0: MSV1_0_RETURN_USER_PARAMETERS 0: MSV1_0_DONT_TRY_GUEST_ACCOUNT 1: MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0: MSV1_0_RETURN_PASSWORD_EXPIRY 0: MSV1_0_USE_CLIENT_CHALLENGE 0: MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0: MSV1_0_RETURN_PROFILE_PATH 0: MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 1: MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0: MSV1_0_DISABLE_PERSONAL_FALLBACK 0: MSV1_0_ALLOW_FORCE_GUEST 0: MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED 0: MSV1_0_USE_DOMAIN_FOR_ROUTING_ONLY 0: MSV1_0_ALLOW_MSVCHAPV2 0: MSV1_0_S4U2SELF 0: MSV1_0_CHECK_LOGONHOURS_FOR_S4U 0: MSV1_0_SUBAUTHENTICATION_DLL_EX logon_id_low : 0x0000dead (57005) logon_id_high : 0x0000beef (48879) account_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : 'MA$' workstation: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : * string : '\\0271MM50F5B0IZ' challenge : 79af3700f3ec52c7 nt: struct netr_ChallengeResponse length : 0x0018 (24) size : 0x0000 (0) data : * data : 50517bb4c23ac46e90dfa01899d22de5f96ba86ba8f563a9 lm: struct netr_ChallengeResponse length : 0x0000 (0) size : 0x0000 (0) data : * data : validation_level : 0x0003 (3) flags : * flags : 0x00000000 (0) 000000 smb_io_rpc_hdr hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 00 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 01c8 000a auth_len : 0020 000c call_id : 0000000d 000010 smb_io_rpc_hdr_req hdr_req 0010 alloc_hint: 00000184 0014 context_id: 0000 0016 opnum : 0027 0001a0 smb_io_rpc_hdr_auth hdr_auth 01a0 auth_type : 44 01a1 auth_level : 06 01a2 auth_pad_len : 04 01a3 auth_reserved: 00 01a4 auth_context_id: 00000001 add_schannel_auth_footer: SCHANNEL seq_num=6 &r: struct NL_AUTH_SIGNATURE SignatureAlgorithm : NL_SIGN_HMAC_MD5 (0x77) SealAlgorithm : NL_SEAL_RC4 (0x7A) Pad : 0xffff (65535) Flags : 0x0000 (0) SequenceNumber : 1a97b32b26f0d089 Checksum : b05fd856ef0e227b Confounder : d608b4f8efd8c8f8 rpc_api_pipe: host root.nin.asglab.juniper.net num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0, data_total=456, this_data=456, max_data=4280, param_offset=82, param_disp=0, data_disp=0 smb_signing_md5: sequence number 24 smb_signing_sign_pdu: sent SMB signature of [0000] D8 3E 3F 19 D4 2C BE CF .>?..,.. smb_signing_md5: sequence number 25 smb_signing_check_pdu: seq 25: got good SMB signature of [0000] 4D 06 FC A1 E3 EF D0 32 M......2 000000 smb_io_rpc_hdr rpc_hdr 0000 major : 05 0001 minor : 00 0002 pkt_type : 02 0003 flags : 03 0004 pack_type0: 10 0005 pack_type1: 00 0006 pack_type2: 00 0007 pack_type3: 00 0008 frag_len : 01a8 000a auth_len : 0038 000c call_id : 0000000d 000010 smb_io_rpc_hdr_resp rpc_hdr_resp 0010 alloc_hint: 00000150 0014 context_id: 0000 0016 cancel_ct : 00 0017 reserved : 00 000168 smb_io_rpc_hdr_auth hdr_auth 0168 auth_type : 44 0169 auth_level : 06 016a auth_pad_len : 00 016b auth_reserved: 00 016c auth_context_id: 00000001 &r: struct NL_AUTH_SIGNATURE SignatureAlgorithm : NL_SIGN_HMAC_MD5 (0x77) SealAlgorithm : NL_SEAL_RC4 (0x7A) Pad : 0xffff (65535) Flags : 0x0000 (0) SequenceNumber : 0e6a93c915bfc94d Checksum : 7cca6bc912f35902 Confounder : d8a4bf1117cbaed1 cli_pipe_validate_current_pdu: got pdu len 424, data_len 336, ss_len 0 rpc_api_pipe: got frag len of 424 at offset 0: NT_STATUS_OK rpc_api_pipe: host root.nin.asglab.juniper.net returned 672 bytes. netr_LogonSamLogonEx: struct netr_LogonSamLogonEx out: struct netr_LogonSamLogonEx validation : * validation : union netr_Validation(case 3) sam3 : * sam3: struct netr_SamInfo3 base: struct netr_SamBaseInfo last_logon : Thu Nov 10 18:22:37 2011 UTC last_logoff : Tue Jan 19 03:14:07 2038 UTC acct_expiry : Tue Jan 19 03:14:07 2038 UTC last_password_change : Fri Oct 28 22:21:06 2011 UTC allow_password_change : Sat Oct 29 22:21:06 2011 UTC force_password_change : Tue Jan 19 03:14:07 2038 UTC account_name: struct lsa_String length : 0x0006 (6) size : 0x0008 (8) string : * string : 'MA$' full_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL logon_script: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL profile_path: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL home_directory: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL home_drive: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL logon_count : 0x0022 (34) bad_password_count : 0x0000 (0) rid : 0x00000450 (1104) primary_gid : 0x00000203 (515) groups: struct samr_RidWithAttributeArray count : 0x00000001 (1) rids : * rids: ARRAY(1) rids: struct samr_RidWithAttribute rid : 0x00000203 (515) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) user_flags : 0x00000120 (288) 0: NETLOGON_GUEST 0: NETLOGON_NOENCRYPTION 0: NETLOGON_CACHED_ACCOUNT 0: NETLOGON_USED_LM_PASSWORD 1: NETLOGON_EXTRA_SIDS 0: NETLOGON_SUBAUTH_SESSION_KEY 0: NETLOGON_SERVER_TRUST_ACCOUNT 1: NETLOGON_NTLMV2_ENABLED 0: NETLOGON_RESOURCE_GROUPS 0: NETLOGON_PROFILE_PATH_RETURNED 0: NETLOGON_GRACE_LOGON key: struct netr_UserSessionKey key : cd7cc953864a906a7251ed966915d21f logon_server: struct lsa_StringLarge length : 0x000a (10) size : 0x000c (12) string : * string : 'CHILD' domain: struct lsa_StringLarge length : 0x0010 (16) size : 0x0012 (18) string : * string : 'WRETCHED' domain_sid : * domain_sid : S-1-5-21-298864289-1109787924-2511658638 LMSessKey: struct netr_LMSessionKey key : 02b442bde1413cf3 acct_flags : 0x00000080 (128) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 0: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 1: ACB_WSTRUST 0: ACB_SVRTRUST 0: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_NO_AUTH_DATA_REQD unknown: ARRAY(7) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) sidcount : 0x00000000 (0) sids : NULL authoritative : * authoritative : 0x01 (1) flags : * flags : 0x00000000 (0) result : NT_STATUS_OK wcache_invalidate_samlogon: clearing U/S-1-5-21-298864289-1109787924-2511658638-1104 wcache_invalidate_samlogon: clearing UG/S-1-5-21-298864289-1109787924-2511658638-1104 netsamlogon_clear_cached_user: SID [S-1-5-21-298864289-1109787924-2511658638-1104] netsamlogon_cache_store: SID [S-1-5-21-298864289-1109787924-2511658638-1104] &r: struct netsamlogoncache_entry timestamp : Thu Nov 10 20:34:54 2011 UTC info3: struct netr_SamInfo3 base: struct netr_SamBaseInfo last_logon : Thu Nov 10 18:22:37 2011 UTC last_logoff : Tue Jan 19 03:14:07 2038 UTC acct_expiry : Tue Jan 19 03:14:07 2038 UTC last_password_change : Fri Oct 28 22:21:06 2011 UTC allow_password_change : Sat Oct 29 22:21:06 2011 UTC force_password_change : Tue Jan 19 03:14:07 2038 UTC account_name: struct lsa_String length : 0x0006 (6) size : 0x0008 (8) string : * string : 'MA$' full_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL logon_script: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL profile_path: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL home_directory: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL home_drive: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL logon_count : 0x0022 (34) bad_password_count : 0x0000 (0) rid : 0x00000450 (1104) primary_gid : 0x00000203 (515) groups: struct samr_RidWithAttributeArray count : 0x00000001 (1) rids : * rids: ARRAY(1) rids: struct samr_RidWithAttribute rid : 0x00000203 (515) attributes : 0x00000007 (7) 1: SE_GROUP_MANDATORY 1: SE_GROUP_ENABLED_BY_DEFAULT 1: SE_GROUP_ENABLED 0: SE_GROUP_OWNER 0: SE_GROUP_USE_FOR_DENY_ONLY 0: SE_GROUP_RESOURCE 0x00: SE_GROUP_LOGON_ID (0) user_flags : 0x00000120 (288) 0: NETLOGON_GUEST 0: NETLOGON_NOENCRYPTION 0: NETLOGON_CACHED_ACCOUNT 0: NETLOGON_USED_LM_PASSWORD 1: NETLOGON_EXTRA_SIDS 0: NETLOGON_SUBAUTH_SESSION_KEY 0: NETLOGON_SERVER_TRUST_ACCOUNT 1: NETLOGON_NTLMV2_ENABLED 0: NETLOGON_RESOURCE_GROUPS 0: NETLOGON_PROFILE_PATH_RETURNED 0: NETLOGON_GRACE_LOGON key: struct netr_UserSessionKey key : a0b133d62901d36caf329bf5ce3572bf logon_server: struct lsa_StringLarge length : 0x000a (10) size : 0x000c (12) string : * string : 'CHILD' domain: struct lsa_StringLarge length : 0x0010 (16) size : 0x0012 (18) string : * string : 'WRETCHED' domain_sid : * domain_sid : S-1-5-21-298864289-1109787924-2511658638 LMSessKey: struct netr_LMSessionKey key : 6f79b8384e0a7ff5 acct_flags : 0x00000080 (128) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 0: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 1: ACB_WSTRUST 0: ACB_SVRTRUST 0: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_NO_AUTH_DATA_REQD unknown: ARRAY(7) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) unknown : 0x00000000 (0) sidcount : 0x00000000 (0) sids : NULL NTLM CRAP authentication for user [wretched.nin.asglab.juniper.net]\[MA$] returned NT_STATUS_OK (PAM: 0) Finished processing child request 14 Writing 3519 bytes to parent winbind_client_response_written[3932:AUTH_CRAP]: deliverd response to client closing socket 23, client exited