The Samba-Bugzilla – Attachment 8179 Details for
Bug 9378
publish of printer is not possible "Object class violation"
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
loglevel9log_from_publish_bug_samba369
log.publish_bug (text/plain), 1.97 MB, created by
Franz Pförtsch
on 2012-11-11 20:24:00 UTC
(
hide
)
Description:
loglevel9log_from_publish_bug_samba369
Filename:
MIME Type:
Creator:
Franz Pförtsch
Created:
2012-11-11 20:24:00 UTC
Size:
1.97 MB
patch
obsolete
>[2012/11/09 16:29:11.061438, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.shares.conf -> /etc/samba/smb.shares.conf last mod_time: Thu Oct 25 21:33:17 2012 > > file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Nov 7 11:01:17 2012 > > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Nov 9 16:26:49 2012 > >[2012/11/09 16:29:11.061622, 3] lib/access.c:338(allow_access) > Allowed connection from yyyc27002.xxxxx.xxx (10.129.108.68) >[2012/11/09 16:29:11.061663, 3] smbd/oplock.c:922(init_oplocks) > init_oplocks: initializing messages. >[2012/11/09 16:29:11.061751, 3] smbd/oplock_linux.c:239(linux_init_kernel_oplocks) > Linux kernel oplocks enabled >[2012/11/09 16:29:11.061794, 5] lib/messages.c:332(messaging_deregister) > Deregistering messaging pointer for type 1 - private_data=(nil) >[2012/11/09 16:29:11.061887, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x85 >[2012/11/09 16:29:11.061963, 3] smbd/process.c:1662(process_smb) > Transaction 0 of length 137 (0 toread) >[2012/11/09 16:29:11.061997, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.062017, 5] lib/util.c:342(show_msg) > size=133 > smb_com=0x72 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51267 > smb_tid=0 > smb_pid=65279 > smb_uid=0 > smb_mid=0 > smt_wct=0 > smb_bcc=98 >[2012/11/09 16:29:11.062183, 3] smbd/process.c:1467(switch_message) > switch message SMBnegprot (pid 12629) conn 0x0 >[2012/11/09 16:29:11.062219, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.062257, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.062299, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.062362, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:11.062646, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [PC NETWORK PROGRAM 1.0] >[2012/11/09 16:29:11.062694, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [LANMAN1.0] >[2012/11/09 16:29:11.062730, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [Windows for Workgroups 3.1a] >[2012/11/09 16:29:11.062767, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [LM1.2X002] >[2012/11/09 16:29:11.062804, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [LANMAN2.1] >[2012/11/09 16:29:11.062841, 3] smbd/negprot.c:598(reply_negprot) > Requested protocol [NT LM 0.12] >[2012/11/09 16:29:11.062890, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.shares.conf -> /etc/samba/smb.shares.conf last mod_time: Thu Oct 25 21:33:17 2012 > > file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Nov 7 11:01:17 2012 > > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Nov 9 16:26:49 2012 > >[2012/11/09 16:29:11.063047, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.shares.conf -> /etc/samba/smb.shares.conf last mod_time: Thu Oct 25 21:33:17 2012 > > file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Nov 7 11:01:17 2012 > > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Nov 9 16:26:49 2012 > >[2012/11/09 16:29:11.063203, 3] smbd/negprot.c:419(reply_nt1) > using SPNEGO >[2012/11/09 16:29:11.063234, 3] smbd/negprot.c:704(reply_negprot) > Selected protocol NT LM 0.12 >[2012/11/09 16:29:11.063262, 5] smbd/negprot.c:711(reply_negprot) > negprot index=5 >[2012/11/09 16:29:11.063291, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.063308, 5] lib/util.c:342(show_msg) > size=181 > smb_com=0x72 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51267 > smb_tid=0 > smb_pid=65279 > smb_uid=0 > smb_mid=0 > smt_wct=17 > smb_vwv[ 0]= 5 (0x5) > smb_vwv[ 1]=12807 (0x3207) > smb_vwv[ 2]= 256 (0x100) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 65 (0x41) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 256 (0x100) > smb_vwv[ 7]=21760 (0x5500) > smb_vwv[ 8]= 49 (0x31) > smb_vwv[ 9]=64512 (0xFC00) > smb_vwv[10]=33011 (0x80F3) > smb_vwv[11]=17280 (0x4380) > smb_vwv[12]=32865 (0x8061) > smb_vwv[13]=36599 (0x8EF7) > smb_vwv[14]=52670 (0xCDBE) > smb_vwv[15]=50177 (0xC401) > smb_vwv[16]= 255 (0xFF) > smb_bcc=112 >[2012/11/09 16:29:11.069807, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x2310 >[2012/11/09 16:29:11.069882, 3] smbd/process.c:1662(process_smb) > Transaction 1 of length 8980 (0 toread) >[2012/11/09 16:29:11.069903, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.069915, 5] lib/util.c:342(show_msg) > size=8976 > smb_com=0x73 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=65535 > smb_pid=65279 > smb_uid=0 > smb_mid=48064 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]=16644 (0x4104) > smb_vwv[ 3]= 50 (0x32) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 8913 (0x22D1) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 212 (0xD4) > smb_vwv[11]=40960 (0xA000) > smb_bcc=8917 >[2012/11/09 16:29:11.070104, 3] smbd/process.c:1467(switch_message) > switch message SMBsesssetupX (pid 12629) conn 0x0 >[2012/11/09 16:29:11.070125, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.070144, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.070163, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.070196, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:11.070220, 3] smbd/sesssetup.c:1333(reply_sesssetup_and_X) > wct=12 flg2=0xc817 >[2012/11/09 16:29:11.070242, 2] smbd/sesssetup.c:1279(setup_new_vc_session) > setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. >[2012/11/09 16:29:11.070263, 3] smbd/sesssetup.c:1065(reply_sesssetup_and_X_spnego) > Doing spnego session setup >[2012/11/09 16:29:11.070309, 3] smbd/sesssetup.c:1107(reply_sesssetup_and_X_spnego) > NativeOS=[] NativeLanMan=[] PrimaryDomain=[] >[2012/11/09 16:29:11.070392, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.2.840.48018.1.2.2 >[2012/11/09 16:29:11.070421, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.2.840.113554.1.2.2 >[2012/11/09 16:29:11.070441, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.3.6.1.4.1.311.2.2.30 >[2012/11/09 16:29:11.070459, 5] smbd/sesssetup.c:607(parse_spnego_mechanisms) > parse_spnego_mechanisms: Got OID 1.3.6.1.4.1.311.2.2.10 >[2012/11/09 16:29:11.070478, 3] smbd/sesssetup.c:660(reply_spnego_negotiate) > reply_spnego_negotiate: Got secblob of size 8835 >[2012/11/09 16:29:11.074572, 3] libads/authdata.c:332(decode_pac_data) > Found account name from PAC: PFOERFR [Pförtsch, Franz] >[2012/11/09 16:29:11.074698, 3] auth/user_krb5.c:50(get_user_from_kerberos_info) > Kerberos ticket principal name is [PFOERFR@XXXXX.XXX] >[2012/11/09 16:29:11.074748, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user BROSE+PFOERFR >[2012/11/09 16:29:11.074779, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is brose+pfoerfr >[2012/11/09 16:29:11.082136, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [BROSE+PFOERFR]! >[2012/11/09 16:29:11.083743, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.shares.conf -> /etc/samba/smb.shares.conf last mod_time: Thu Oct 25 21:33:17 2012 > > file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Nov 7 11:01:17 2012 > > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Nov 9 16:26:49 2012 > >[2012/11/09 16:29:11.083859, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user BROSE+pfoerfr >[2012/11/09 16:29:11.083915, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is brose+pfoerfr >[2012/11/09 16:29:11.083943, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [BROSE+pfoerfr]! >[2012/11/09 16:29:11.084919, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.084955, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.084978, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.085013, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.085045, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.086742, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.086796, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-19743] >[2012/11/09 16:29:11.086845, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-513] >[2012/11/09 16:29:11.086890, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-334230] >[2012/11/09 16:29:11.086935, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-23353] >[2012/11/09 16:29:11.086963, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-304793] >[2012/11/09 16:29:11.086987, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-269408] >[2012/11/09 16:29:11.087011, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-50420] >[2012/11/09 16:29:11.087035, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113634] >[2012/11/09 16:29:11.087059, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113662] >[2012/11/09 16:29:11.087083, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-260755] >[2012/11/09 16:29:11.087107, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288770] >[2012/11/09 16:29:11.087131, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-67892] >[2012/11/09 16:29:11.087155, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-20800] >[2012/11/09 16:29:11.087179, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-269744] >[2012/11/09 16:29:11.087203, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63803] >[2012/11/09 16:29:11.087227, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360934] >[2012/11/09 16:29:11.087251, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-421750] >[2012/11/09 16:29:11.087274, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294313] >[2012/11/09 16:29:11.087298, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-109619] >[2012/11/09 16:29:11.087343, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-13623] >[2012/11/09 16:29:11.087394, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113660] >[2012/11/09 16:29:11.087442, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-13846] >[2012/11/09 16:29:11.087488, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-351693] >[2012/11/09 16:29:11.087517, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56178] >[2012/11/09 16:29:11.087542, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-268914] >[2012/11/09 16:29:11.087566, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-276389] >[2012/11/09 16:29:11.087590, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294265] >[2012/11/09 16:29:11.087614, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-289050] >[2012/11/09 16:29:11.087639, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-284074] >[2012/11/09 16:29:11.087664, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-353623] >[2012/11/09 16:29:11.087688, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-60632] >[2012/11/09 16:29:11.087712, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-299617] >[2012/11/09 16:29:11.087737, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-269875] >[2012/11/09 16:29:11.087761, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-260777] >[2012/11/09 16:29:11.087785, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-72011] >[2012/11/09 16:29:11.087809, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56174] >[2012/11/09 16:29:11.087833, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294145] >[2012/11/09 16:29:11.087858, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-46643] >[2012/11/09 16:29:11.087887, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-110684] >[2012/11/09 16:29:11.087935, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69476] >[2012/11/09 16:29:11.087985, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-354438] >[2012/11/09 16:29:11.088031, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288215] >[2012/11/09 16:29:11.088066, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-418124] >[2012/11/09 16:29:11.088092, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32947] >[2012/11/09 16:29:11.088128, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373447] >[2012/11/09 16:29:11.088154, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21119] >[2012/11/09 16:29:11.088178, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-254283] >[2012/11/09 16:29:11.088203, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21918] >[2012/11/09 16:29:11.088227, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-268915] >[2012/11/09 16:29:11.088251, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-267093] >[2012/11/09 16:29:11.088276, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-340888] >[2012/11/09 16:29:11.088300, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294363] >[2012/11/09 16:29:11.088324, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-414620] >[2012/11/09 16:29:11.088349, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-260959] >[2012/11/09 16:29:11.088374, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56176] >[2012/11/09 16:29:11.088398, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373472] >[2012/11/09 16:29:11.088423, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294492] >[2012/11/09 16:29:11.088447, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373554] >[2012/11/09 16:29:11.088548, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-104382] >[2012/11/09 16:29:11.088597, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294361] >[2012/11/09 16:29:11.088643, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-245149] >[2012/11/09 16:29:11.088680, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32807] >[2012/11/09 16:29:11.088705, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63805] >[2012/11/09 16:29:11.088730, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-290135] >[2012/11/09 16:29:11.088754, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-248439] >[2012/11/09 16:29:11.088778, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-58745] >[2012/11/09 16:29:11.088803, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288316] >[2012/11/09 16:29:11.088827, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373441] >[2012/11/09 16:29:11.088861, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-268916] >[2012/11/09 16:29:11.088888, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-17597] >[2012/11/09 16:29:11.088912, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113654] >[2012/11/09 16:29:11.088937, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-304050] >[2012/11/09 16:29:11.088961, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-112626] >[2012/11/09 16:29:11.088985, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360946] >[2012/11/09 16:29:11.089009, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-1116] >[2012/11/09 16:29:11.089034, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294490] >[2012/11/09 16:29:11.089058, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373442] >[2012/11/09 16:29:11.089082, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-402137] >[2012/11/09 16:29:11.089122, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373470] >[2012/11/09 16:29:11.089170, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-284963] >[2012/11/09 16:29:11.089215, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21963] >[2012/11/09 16:29:11.089260, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373556] >[2012/11/09 16:29:11.089288, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-351504] >[2012/11/09 16:29:11.089313, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360382] >[2012/11/09 16:29:11.089338, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-266966] >[2012/11/09 16:29:11.089362, 5] lib/privileges.c:175(get_privileges_for_sids) > get_privileges_for_sids: sid = S-1-5-21-160562036-3150058255-2134394716-63797 > Privilege set: 0x20 >[2012/11/09 16:29:11.089394, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-31306] >[2012/11/09 16:29:11.089419, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-420969] >[2012/11/09 16:29:11.089443, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-58439] >[2012/11/09 16:29:11.089468, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-351240] >[2012/11/09 16:29:11.089492, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-290160] >[2012/11/09 16:29:11.089516, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-335340] >[2012/11/09 16:29:11.089540, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32819] >[2012/11/09 16:29:11.089581, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63801] >[2012/11/09 16:29:11.089607, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-53171] >[2012/11/09 16:29:11.089632, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294243] >[2012/11/09 16:29:11.089656, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-350032] >[2012/11/09 16:29:11.089680, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63737] >[2012/11/09 16:29:11.089711, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-13863] >[2012/11/09 16:29:11.089758, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-351719] >[2012/11/09 16:29:11.089806, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56165] >[2012/11/09 16:29:11.089851, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113646] >[2012/11/09 16:29:11.089888, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-430811] >[2012/11/09 16:29:11.089914, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-284081] >[2012/11/09 16:29:11.089938, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-256696] >[2012/11/09 16:29:11.089963, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-416414] >[2012/11/09 16:29:11.089987, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-49609] >[2012/11/09 16:29:11.090012, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-377791] >[2012/11/09 16:29:11.090036, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32821] >[2012/11/09 16:29:11.090060, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-359223] >[2012/11/09 16:29:11.090084, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-284091] >[2012/11/09 16:29:11.090109, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-433713] >[2012/11/09 16:29:11.090133, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-33100] >[2012/11/09 16:29:11.090157, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-416203] >[2012/11/09 16:29:11.090181, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-317007] >[2012/11/09 16:29:11.090205, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69542] >[2012/11/09 16:29:11.090229, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-268918] >[2012/11/09 16:29:11.090267, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69428] >[2012/11/09 16:29:11.090294, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-316764] >[2012/11/09 16:29:11.090324, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-55705] >[2012/11/09 16:29:11.090372, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-291229] >[2012/11/09 16:29:11.090423, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-250116] >[2012/11/09 16:29:11.090469, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294315] >[2012/11/09 16:29:11.090503, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-402469] >[2012/11/09 16:29:11.090528, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-256697] >[2012/11/09 16:29:11.090552, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-418438] >[2012/11/09 16:29:11.090577, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-435652] >[2012/11/09 16:29:11.090608, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-45010] >[2012/11/09 16:29:11.090634, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-322368] >[2012/11/09 16:29:11.090659, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-267090] >[2012/11/09 16:29:11.090683, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32825] >[2012/11/09 16:29:11.090708, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-35099] >[2012/11/09 16:29:11.090732, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56157] >[2012/11/09 16:29:11.090756, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113648] >[2012/11/09 16:29:11.090781, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-55709] >[2012/11/09 16:29:11.090805, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-108789] >[2012/11/09 16:29:11.090830, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56159] >[2012/11/09 16:29:11.090854, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-268919] >[2012/11/09 16:29:11.090879, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-245147] >[2012/11/09 16:29:11.090903, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-430693] >[2012/11/09 16:29:11.090942, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-289617] >[2012/11/09 16:29:11.090990, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373445] >[2012/11/09 16:29:11.091052, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-14282] >[2012/11/09 16:29:11.091095, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-433712] >[2012/11/09 16:29:11.091122, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-59232] >[2012/11/09 16:29:11.091146, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-33429] >[2012/11/09 16:29:11.091171, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-437634] >[2012/11/09 16:29:11.091195, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-23354] >[2012/11/09 16:29:11.091220, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113636] >[2012/11/09 16:29:11.091244, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63799] >[2012/11/09 16:29:11.091268, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-261009] >[2012/11/09 16:29:11.091293, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-290498] >[2012/11/09 16:29:11.091317, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-375928] >[2012/11/09 16:29:11.091342, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-276407] >[2012/11/09 16:29:11.091366, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357401] >[2012/11/09 16:29:11.091390, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357385] >[2012/11/09 16:29:11.091415, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-269404] >[2012/11/09 16:29:11.091439, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-67790] >[2012/11/09 16:29:11.091463, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-392120] >[2012/11/09 16:29:11.091488, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-276395] >[2012/11/09 16:29:11.091512, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-113343] >[2012/11/09 16:29:11.091551, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56172] >[2012/11/09 16:29:11.091599, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-402467] >[2012/11/09 16:29:11.091646, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-293007] >[2012/11/09 16:29:11.091693, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-427942] >[2012/11/09 16:29:11.091723, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373529] >[2012/11/09 16:29:11.091758, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-263163] >[2012/11/09 16:29:11.091785, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-64111] >[2012/11/09 16:29:11.091810, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-266852] >[2012/11/09 16:29:11.091835, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357892] >[2012/11/09 16:29:11.091860, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-104429] >[2012/11/09 16:29:11.091885, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32813] >[2012/11/09 16:29:11.091909, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360722] >[2012/11/09 16:29:11.091934, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-284092] >[2012/11/09 16:29:11.091959, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-289619] >[2012/11/09 16:29:11.091983, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-369316] >[2012/11/09 16:29:11.092008, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-49542] >[2012/11/09 16:29:11.092032, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-329659] >[2012/11/09 16:29:11.092057, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32809] >[2012/11/09 16:29:11.092081, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-108767] >[2012/11/09 16:29:11.092106, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-305399] >[2012/11/09 16:29:11.092133, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-263161] >[2012/11/09 16:29:11.092179, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-314050] >[2012/11/09 16:29:11.092229, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-31001] >[2012/11/09 16:29:11.092275, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-279682] >[2012/11/09 16:29:11.092313, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294147] >[2012/11/09 16:29:11.092339, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56163] >[2012/11/09 16:29:11.092364, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-285751] >[2012/11/09 16:29:11.092389, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21723] >[2012/11/09 16:29:11.092413, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-8332] >[2012/11/09 16:29:11.092437, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32827] >[2012/11/09 16:29:11.092495, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-256460] >[2012/11/09 16:29:11.092522, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-256183] >[2012/11/09 16:29:11.092547, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-300424] >[2012/11/09 16:29:11.092571, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-55677] >[2012/11/09 16:29:11.092596, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-253145] >[2012/11/09 16:29:11.092620, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63804] >[2012/11/09 16:29:11.092644, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-358866] >[2012/11/09 16:29:11.092668, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32823] >[2012/11/09 16:29:11.092692, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-276620] >[2012/11/09 16:29:11.092717, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-361940] >[2012/11/09 16:29:11.092744, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-49274] >[2012/11/09 16:29:11.092791, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-402177] >[2012/11/09 16:29:11.092840, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-252230] >[2012/11/09 16:29:11.092885, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-321100] >[2012/11/09 16:29:11.092923, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-20801] >[2012/11/09 16:29:11.092949, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-276621] >[2012/11/09 16:29:11.092973, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-252010] >[2012/11/09 16:29:11.092998, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-292766] >[2012/11/09 16:29:11.093022, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-37331] >[2012/11/09 16:29:11.093046, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-260776] >[2012/11/09 16:29:11.093070, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-386708] >[2012/11/09 16:29:11.093094, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-374616] >[2012/11/09 16:29:11.093118, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21084] >[2012/11/09 16:29:11.093142, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294267] >[2012/11/09 16:29:11.093176, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63802] >[2012/11/09 16:29:11.093203, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-31186] >[2012/11/09 16:29:11.093228, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-105575] >[2012/11/09 16:29:11.093252, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-361874] >[2012/11/09 16:29:11.093276, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360362] >[2012/11/09 16:29:11.093300, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357734] >[2012/11/09 16:29:11.093324, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294241] >[2012/11/09 16:29:11.093354, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-251778] >[2012/11/09 16:29:11.093403, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-49510] >[2012/11/09 16:29:11.093450, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-35015] >[2012/11/09 16:29:11.093495, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-20749] >[2012/11/09 16:29:11.093542, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294291] >[2012/11/09 16:29:11.093581, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-254469] >[2012/11/09 16:29:11.093607, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-247296] >[2012/11/09 16:29:11.093632, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63798] >[2012/11/09 16:29:11.093656, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-59035] >[2012/11/09 16:29:11.093681, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-430331] >[2012/11/09 16:29:11.093705, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21301] >[2012/11/09 16:29:11.093730, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-55627] >[2012/11/09 16:29:11.093755, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32815] >[2012/11/09 16:29:11.093779, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-277164] >[2012/11/09 16:29:11.093803, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-21552] >[2012/11/09 16:29:11.093828, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-56622] >[2012/11/09 16:29:11.093853, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-37315] >[2012/11/09 16:29:11.093877, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-334225] >[2012/11/09 16:29:11.093911, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-338141] >[2012/11/09 16:29:11.093938, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-246169] >[2012/11/09 16:29:11.093973, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-297835] >[2012/11/09 16:29:11.094020, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-353615] >[2012/11/09 16:29:11.094068, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-322371] >[2012/11/09 16:29:11.094114, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63235] >[2012/11/09 16:29:11.094155, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-266849] >[2012/11/09 16:29:11.094182, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-293998] >[2012/11/09 16:29:11.094207, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-433714] >[2012/11/09 16:29:11.094231, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-107694] >[2012/11/09 16:29:11.094256, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288317] >[2012/11/09 16:29:11.094281, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-44135] >[2012/11/09 16:29:11.094305, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-290560] >[2012/11/09 16:29:11.094329, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-322681] >[2012/11/09 16:29:11.094353, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-283109] >[2012/11/09 16:29:11.094378, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357879] >[2012/11/09 16:29:11.094402, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-289046] >[2012/11/09 16:29:11.094426, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-32803] >[2012/11/09 16:29:11.094450, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-343968] >[2012/11/09 16:29:11.094483, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-50792] >[2012/11/09 16:29:11.094509, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-50518] >[2012/11/09 16:29:11.094534, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-37238] >[2012/11/09 16:29:11.094560, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360465] >[2012/11/09 16:29:11.094617, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-366652] >[2012/11/09 16:29:11.094666, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294094] >[2012/11/09 16:29:11.094728, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288540] >[2012/11/09 16:29:11.094756, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-297984] >[2012/11/09 16:29:11.094780, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-276427] >[2012/11/09 16:29:11.094805, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-333792] >[2012/11/09 16:29:11.094829, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-427342] >[2012/11/09 16:29:11.094853, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-333794] >[2012/11/09 16:29:11.094878, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-290460] >[2012/11/09 16:29:11.094902, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294091] >[2012/11/09 16:29:11.094926, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-333793] >[2012/11/09 16:29:11.094950, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-338207] >[2012/11/09 16:29:11.094974, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-409571] >[2012/11/09 16:29:11.094999, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-294054] >[2012/11/09 16:29:11.095023, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-30854] >[2012/11/09 16:29:11.095047, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288547] >[2012/11/09 16:29:11.095071, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-365347] >[2012/11/09 16:29:11.095096, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-6776287-465249537-1446904402-4108] >[2012/11/09 16:29:11.095120, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-58230] >[2012/11/09 16:29:11.095144, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357400] >[2012/11/09 16:29:11.095173, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-343966] >[2012/11/09 16:29:11.095222, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-104268] >[2012/11/09 16:29:11.095270, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-334228] >[2012/11/09 16:29:11.095316, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357384] >[2012/11/09 16:29:11.095350, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-64500] >[2012/11/09 16:29:11.095375, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-291227] >[2012/11/09 16:29:11.095410, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62708] >[2012/11/09 16:29:11.095437, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-266847] >[2012/11/09 16:29:11.095462, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-313857] >[2012/11/09 16:29:11.095486, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-350031] >[2012/11/09 16:29:11.095511, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373448] >[2012/11/09 16:29:11.095535, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-420970] >[2012/11/09 16:29:11.095560, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-351238] >[2012/11/09 16:29:11.095584, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-11861] >[2012/11/09 16:29:11.095622, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-353613] >[2012/11/09 16:29:11.095649, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-322679] >[2012/11/09 16:29:11.095674, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-253148] >[2012/11/09 16:29:11.095723, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-277162] >[2012/11/09 16:29:11.095770, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-304048] >[2012/11/09 16:29:11.095816, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-288768] >[2012/11/09 16:29:11.095860, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62920] >[2012/11/09 16:29:11.095887, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62814] >[2012/11/09 16:29:11.095912, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-338139] >[2012/11/09 16:29:11.095939, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-266850] >[2012/11/09 16:29:11.095964, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-74038] >[2012/11/09 16:29:11.095988, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62715] >[2012/11/09 16:29:11.096013, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357877] >[2012/11/09 16:29:11.096037, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-252117] >[2012/11/09 16:29:11.096062, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-322372] >[2012/11/09 16:29:11.096087, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-65121] >[2012/11/09 16:29:11.096111, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62711] >[2012/11/09 16:29:11.096147, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-267091] >[2012/11/09 16:29:11.096173, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-24652] >[2012/11/09 16:29:11.096198, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360933] >[2012/11/09 16:29:11.096234, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-354437] >[2012/11/09 16:29:11.096282, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-249119] >[2012/11/09 16:29:11.096328, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-248731] >[2012/11/09 16:29:11.096374, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-64215] >[2012/11/09 16:29:11.096406, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373475] >[2012/11/09 16:29:11.096431, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-250664] >[2012/11/09 16:29:11.096474, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-267088] >[2012/11/09 16:29:11.096505, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-50311] >[2012/11/09 16:29:11.096531, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62644] >[2012/11/09 16:29:11.096555, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69148] >[2012/11/09 16:29:11.096579, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360380] >[2012/11/09 16:29:11.096604, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-52124] >[2012/11/09 16:29:11.096629, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-351502] >[2012/11/09 16:29:11.096653, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-317005] >[2012/11/09 16:29:11.096677, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62713] >[2012/11/09 16:29:11.096702, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-313855] >[2012/11/09 16:29:11.096727, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-53143] >[2012/11/09 16:29:11.096751, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-349705] >[2012/11/09 16:29:11.096777, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357732] >[2012/11/09 16:29:11.096817, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-402142] >[2012/11/09 16:29:11.096865, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-50421] >[2012/11/09 16:29:11.096925, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-357890] >[2012/11/09 16:29:11.096967, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-416413] >[2012/11/09 16:29:11.096998, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-255117] >[2012/11/09 16:29:11.097049, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-73891] >[2012/11/09 16:29:11.097097, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-377792] >[2012/11/09 16:29:11.097148, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-63081] >[2012/11/09 16:29:11.097195, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-386707] >[2012/11/09 16:29:11.097250, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-64112] >[2012/11/09 16:29:11.097296, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-256555] >[2012/11/09 16:29:11.097343, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-361939] >[2012/11/09 16:29:11.097370, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62709] >[2012/11/09 16:29:11.097395, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-248759] >[2012/11/09 16:29:11.097433, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-359221] >[2012/11/09 16:29:11.097483, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-310730] >[2012/11/09 16:29:11.097531, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-109617] >[2012/11/09 16:29:11.097577, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-60474] >[2012/11/09 16:29:11.097607, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-402472] >[2012/11/09 16:29:11.097632, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-55679] >[2012/11/09 16:29:11.097672, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69153] >[2012/11/09 16:29:11.097701, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-22265] >[2012/11/09 16:29:11.097726, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-423112] >[2012/11/09 16:29:11.097752, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-289044] >[2012/11/09 16:29:11.097798, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-67791] >[2012/11/09 16:29:11.097841, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69156] >[2012/11/09 16:29:11.097886, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62712] >[2012/11/09 16:29:11.097954, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360721] >[2012/11/09 16:29:11.098002, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-435651] >[2012/11/09 16:29:11.098052, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69149] >[2012/11/09 16:29:11.098099, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-73730] >[2012/11/09 16:29:11.098146, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-243660] >[2012/11/09 16:29:11.098192, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-104280] >[2012/11/09 16:29:11.098237, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-430692] >[2012/11/09 16:29:11.098281, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-256558] >[2012/11/09 16:29:11.098326, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-54515] >[2012/11/09 16:29:11.098373, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-334223] >[2012/11/09 16:29:11.098420, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-304790] >[2012/11/09 16:29:11.098465, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373528] >[2012/11/09 16:29:11.098510, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-375927] >[2012/11/09 16:29:11.098555, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-74039] >[2012/11/09 16:29:11.098614, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62781] >[2012/11/09 16:29:11.098664, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69157] >[2012/11/09 16:29:11.098711, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-309445] >[2012/11/09 16:29:11.098756, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62733] >[2012/11/09 16:29:11.098803, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-418123] >[2012/11/09 16:29:11.098850, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-64415] >[2012/11/09 16:29:11.098895, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-414619] >[2012/11/09 16:29:11.098941, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373446] >[2012/11/09 16:29:11.098986, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-289048] >[2012/11/09 16:29:11.099033, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69158] >[2012/11/09 16:29:11.099078, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-373559] >[2012/11/09 16:29:11.099138, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-110686] >[2012/11/09 16:29:11.099186, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-260757] >[2012/11/09 16:29:11.099233, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-249663] >[2012/11/09 16:29:11.099278, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-249619] >[2012/11/09 16:29:11.099326, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-321098] >[2012/11/09 16:29:11.099371, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-64497] >[2012/11/09 16:29:11.099417, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-112627] >[2012/11/09 16:29:11.099463, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-62710] >[2012/11/09 16:29:11.099507, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-360361] >[2012/11/09 16:29:11.099552, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-353621] >[2012/11/09 16:29:11.099598, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-365152] >[2012/11/09 16:29:11.099645, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-69544] >[2012/11/09 16:29:11.099691, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-249644] >[2012/11/09 16:29:11.099733, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-160562036-3150058255-2134394716-55625] >[2012/11/09 16:29:11.099760, 5] lib/privileges.c:175(get_privileges_for_sids) > get_privileges_for_sids: sid = S-1-1-0 > Privilege set: 0x0 >[2012/11/09 16:29:11.099790, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-2] >[2012/11/09 16:29:11.099813, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-11] >[2012/11/09 16:29:11.099837, 4] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-32-545] >[2012/11/09 16:29:11.146640, 3] smbd/password.c:298(register_existing_vuid) > register_existing_vuid: User name: BROSE+pfoerfr Real name: Pförtsch, Franz >[2012/11/09 16:29:11.146723, 3] smbd/password.c:308(register_existing_vuid) > register_existing_vuid: UNIX uid 10000 is UNIX user BROSE+pfoerfr, and will be vuid 101 >[2012/11/09 16:29:11.147039, 7] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find BROSE+pfoerfr >[2012/11/09 16:29:11.147069, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user BROSE+pfoerfr >[2012/11/09 16:29:11.147089, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is brose+pfoerfr >[2012/11/09 16:29:11.147110, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [BROSE+pfoerfr]! >[2012/11/09 16:29:11.147128, 3] smbd/password.c:238(register_homes_share) > Adding homes service for user 'BROSE+pfoerfr' using home directory: '/home/BROSE/pfoerfr' >[2012/11/09 16:29:11.147151, 7] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find homes >[2012/11/09 16:29:11.147182, 3] smbd/signing.c:267(srv_set_signing) > srv_set_signing: turning on SMB signing: signing negotiated = 1, mandatory_signing = 0. >[2012/11/09 16:29:11.147224, 6] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.shares.conf -> /etc/samba/smb.shares.conf last mod_time: Thu Oct 25 21:33:17 2012 > > file /etc/samba/dhcp.conf -> /etc/samba/dhcp.conf last mod_time: Wed Nov 7 11:01:17 2012 > > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Fri Nov 9 16:26:49 2012 > >[2012/11/09 16:29:11.147344, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.147360, 5] lib/util.c:342(show_msg) > size=302 > smb_com=0x73 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=65535 > smb_pid=65279 > smb_uid=101 > smb_mid=48064 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 152 (0x98) > smb_bcc=259 >[2012/11/09 16:29:11.148801, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x52 >[2012/11/09 16:29:11.148833, 3] smbd/process.c:1662(process_smb) > Transaction 2 of length 86 (0 toread) >[2012/11/09 16:29:11.148853, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.148864, 5] lib/util.c:342(show_msg) > size=82 > smb_com=0x75 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=48128 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 82 (0x52) > smb_vwv[ 2]= 12 (0xC) > smb_vwv[ 3]= 1 (0x1) > smb_bcc=39 >[2012/11/09 16:29:11.148986, 3] smbd/process.c:1467(switch_message) > switch message SMBtconX (pid 12629) conn 0x0 >[2012/11/09 16:29:11.149008, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.149027, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.149045, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.149076, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:11.149103, 4] smbd/reply.c:794(reply_tcon_and_X) > Client requested device type [?????] for share [IPC$] >[2012/11/09 16:29:11.149130, 5] smbd/service.c:1354(make_connection) > making a connection to 'normal' service ipc$ >[2012/11/09 16:29:11.149154, 3] lib/access.c:338(allow_access) > Allowed connection from yyyc27002.xxxxx.xxx (10.129.108.68) >[2012/11/09 16:29:11.149213, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user BROSE+pfoerfr >[2012/11/09 16:29:11.149240, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is brose+pfoerfr >[2012/11/09 16:29:11.149260, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [BROSE+pfoerfr]! >[2012/11/09 16:29:11.149283, 3] smbd/service.c:872(make_connection_snum) > Connect path is '/var/tmp' for service [IPC$] >[2012/11/09 16:29:11.149330, 3] smbd/vfs.c:102(vfs_init_default) > Initialising default vfs hooks >[2012/11/09 16:29:11.149356, 5] smbd/vfs.c:92(smb_register_vfs) > Successfully added vfs backend '/[Default VFS]/' >[2012/11/09 16:29:11.149377, 5] smbd/vfs.c:92(smb_register_vfs) > Successfully added vfs backend 'posixacl' >[2012/11/09 16:29:11.149395, 3] smbd/vfs.c:128(vfs_init_custom) > Initialising custom vfs hooks from [/[Default VFS]/] > Successfully loaded vfs module [/[Default VFS]/] with the new modules system >[2012/11/09 16:29:11.149424, 5] smbd/connection.c:134(claim_connection) > claiming [IPC$] >[2012/11/09 16:29:11.149705, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.149739, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-5-21-160562036-3150058255-2134394716-513 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:11.157119, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 10006 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:11.160411, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,10006) >[2012/11/09 16:29:11.160473, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.160500, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.160531, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.160573, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:11.160612, 3] smbd/service.c:1114(make_connection_snum) > 10.129.108.68 (10.129.108.68) signed connect to service IPC$ initially as user BROSE+pfoerfr (uid=10000, gid=10006) (pid 12629) >[2012/11/09 16:29:11.160641, 3] smbd/reply.c:871(reply_tcon_and_X) > tconX service=IPC$ >[2012/11/09 16:29:11.161487, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x66 >[2012/11/09 16:29:11.161519, 3] smbd/process.c:1662(process_smb) > Transaction 3 of length 106 (0 toread) >[2012/11/09 16:29:11.161547, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.161561, 5] lib/util.c:342(show_msg) > size=102 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48192 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 4096 (0x1000) > smb_vwv[ 3]= 4096 (0x1000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=40704 (0x9F00) > smb_vwv[ 8]= 4609 (0x1201) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1792 (0x700) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]=16384 (0x4000) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=19 >[2012/11/09 16:29:11.161848, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.161871, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.161891, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-5-21-160562036-3150058255-2134394716-513 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:11.168593, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 10006 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:11.171382, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,10006) >[2012/11/09 16:29:11.171415, 4] smbd/vfs.c:780(vfs_ChDir) > vfs_ChDir to /var/tmp >[2012/11/09 16:29:11.171454, 4] smbd/nttrans.c:288(nt_open_pipe) > nt_open_pipe: Opening pipe \spoolss. >[2012/11/09 16:29:11.171490, 5] smbd/files.c:140(file_new) > allocated file structure 4114, fnum = 8210 (1 used) >[2012/11/09 16:29:11.171532, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \spoolss >[2012/11/09 16:29:11.171606, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \spoolss (pipes_open=0) >[2012/11/09 16:29:11.171635, 5] smbd/nttrans.c:377(do_ntcreate_pipe_open) > do_ntcreate_pipe_open: open pipe = \spoolss >[2012/11/09 16:29:11.173048, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xe0 >[2012/11/09 16:29:11.173079, 3] smbd/process.c:1662(process_smb) > Transaction 4 of length 228 (0 toread) >[2012/11/09 16:29:11.173098, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.173109, 5] lib/util.c:342(show_msg) > size=224 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48256 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8210 (0x2012) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 160 (0xA0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 160 (0xA0) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=161 >[2012/11/09 16:29:11.173297, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.173317, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.173340, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2012 name: spoolss len: 160 >[2012/11/09 16:29:11.173373, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 160 >[2012/11/09 16:29:11.173409, 3] rpc_server/srv_pipe.c:889(api_pipe_bind_req) > api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolss >[2012/11/09 16:29:11.173436, 5] rpc_server/srv_pipe.c:923(api_pipe_bind_req) > api_pipe_bind_req: make response. 923 >[2012/11/09 16:29:11.173456, 3] rpc_server/srv_pipe.c:339(check_bind_req) > check_bind_req for \spoolss >[2012/11/09 16:29:11.173476, 3] rpc_server/srv_pipe.c:346(check_bind_req) > check_bind_req: \PIPE\spoolss -> \PIPE\spoolss >[2012/11/09 16:29:11.173508, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=160 >[2012/11/09 16:29:11.174630, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.174661, 3] smbd/process.c:1662(process_smb) > Transaction 5 of length 63 (0 toread) >[2012/11/09 16:29:11.174680, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.174691, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48320 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8210 (0x2012) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 1024 (0x400) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 1024 (0x400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.174866, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.174886, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.174908, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.174928, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 29 >[2012/11/09 16:29:11.174956, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=1024 max=1024 nread=68 >[2012/11/09 16:29:11.176062, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x124 >[2012/11/09 16:29:11.176100, 3] smbd/process.c:1662(process_smb) > Transaction 6 of length 296 (0 toread) >[2012/11/09 16:29:11.176119, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.176129, 5] lib/util.c:342(show_msg) > size=292 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48384 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 208 (0xD0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 208 (0xD0) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8210 (0x2012) > smb_bcc=225 >[2012/11/09 16:29:11.176349, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.176371, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.176395, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=208 params=0 setup=2 >[2012/11/09 16:29:11.176417, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.176435, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.176472, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.176496, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2012) >[2012/11/09 16:29:11.176516, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 208 >[2012/11/09 16:29:11.176543, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.176566, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX >[2012/11/09 16:29:11.176598, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[69].fn == 0x7fa2ea3def70 > checking name: \\yyyu0031\yyyp0708 >[2012/11/09 16:29:11.176644, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.176691, 3] rpc_server/spoolss/srv_spoolss_nt.c:521(set_printer_hnd_printertype) > Setting printer type=\\yyyu0031\yyyp0708 > Printer is a printer >[2012/11/09 16:29:11.176720, 4] rpc_server/spoolss/srv_spoolss_nt.c:581(set_printer_hnd_name) > Setting printer name=\\yyyu0031\yyyp0708 (len=19) > searching for [yyyp0708] >[2012/11/09 16:29:11.176792, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.176823, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.176867, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.176893, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.176935, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.176959, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.176978, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.176996, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.177075, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.177132, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177194, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177238, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.177283, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.177323, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.177365, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.177406, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.177442, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.177491, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [_pdf] >[2012/11/09 16:29:11.177540, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177599, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177687, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177734, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.177780, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177823, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.177854, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177896, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.177927, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.177968, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.177999, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178040, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178070, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178112, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178142, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178183, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178214, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178255, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178285, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178326, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178357, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178406, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178440, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178482, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178514, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178555, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178586, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178637, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178691, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178737, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.178756, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.178791, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.178831, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 21 00 00 00 00 00 00 00 9D 50 47 21 ....!... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178883, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 21 00 00 00 00 00 00 00 9D 50 47 21 ....!... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.178926, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.178964, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.179004, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.179042, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.179080, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.179116, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.179160, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [_pdf] >[2012/11/09 16:29:11.179208, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 22 00 00 00 00 00 00 00 9D 50 47 21 ...."... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179264, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 22 00 00 00 00 00 00 00 9D 50 47 21 ...."... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179318, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.179338, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.179384, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 22 00 00 00 00 00 00 00 9D 50 47 21 ...."... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179429, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\_pdf] >[2012/11/09 16:29:11.179449, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.179484, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 22 00 00 00 00 00 00 00 9D 50 47 21 ...."... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179527, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 22 00 00 00 00 00 00 00 9D 50 47 21 ...."... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179564, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.179592, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 21 00 00 00 00 00 00 00 9D 50 47 21 ....!... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179633, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 21 00 00 00 00 00 00 00 9D 50 47 21 ....!... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179670, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.179697, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179737, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 20 00 00 00 00 00 00 00 9D 50 47 21 .... ... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179775, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.179802, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179843, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1F 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.179880, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.179913, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.179941, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.179971, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.179993, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.180019, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.180042, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.180074, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.180093, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.180171, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.180216, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 23 00 00 00 00 00 00 00 9D 50 47 21 ....#... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180296, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 23 00 00 00 00 00 00 00 9D 50 47 21 ....#... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180345, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.180388, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.180428, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.180486, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.180529, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.180565, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.180611, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [lpt1] >[2012/11/09 16:29:11.180663, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180719, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180797, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180842, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.180874, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180916, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.180947, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.180989, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181020, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181061, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181107, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181151, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181182, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181224, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181254, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181295, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181326, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181368, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181398, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181440, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181471, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181512, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181543, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181584, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181615, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181656, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181686, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181741, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181786, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181831, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.181850, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.181881, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.181921, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 25 00 00 00 00 00 00 00 9D 50 47 21 ....%... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.181974, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 25 00 00 00 00 00 00 00 9D 50 47 21 ....%... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182017, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.182055, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.182094, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.182132, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.182169, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.182205, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.182248, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [lpt1] >[2012/11/09 16:29:11.182307, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 26 00 00 00 00 00 00 00 9D 50 47 21 ....&... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182367, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 26 00 00 00 00 00 00 00 9D 50 47 21 ....&... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182411, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.182430, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.182479, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 26 00 00 00 00 00 00 00 9D 50 47 21 ....&... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182532, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\lpt1] >[2012/11/09 16:29:11.182553, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.182586, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 26 00 00 00 00 00 00 00 9D 50 47 21 ....&... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182637, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 26 00 00 00 00 00 00 00 9D 50 47 21 ....&... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182690, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.182741, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 25 00 00 00 00 00 00 00 9D 50 47 21 ....%... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182789, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 25 00 00 00 00 00 00 00 9D 50 47 21 ....%... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182827, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.182855, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182896, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 24 00 00 00 00 00 00 00 9D 50 47 21 ....$... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.182936, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.182975, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 23 00 00 00 00 00 00 00 9D 50 47 21 ....#... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.183019, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 23 00 00 00 00 00 00 00 9D 50 47 21 ....#... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.183056, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.183089, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.183117, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.183160, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.183185, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.183211, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.183234, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.183252, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.183270, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.183336, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.183386, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 27 00 00 00 00 00 00 00 9D 50 47 21 ....'... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.183449, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 27 00 00 00 00 00 00 00 9D 50 47 21 ....'... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.183494, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.183536, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.183576, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.183617, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.183677, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.183715, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.183760, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0705] >[2012/11/09 16:29:11.183809, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.183878, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.183964, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184018, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184059, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184102, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184134, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184176, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184223, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184293, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184330, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184373, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184418, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184487, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184524, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184572, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184625, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184670, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184701, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184745, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184790, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184833, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184865, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184907, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.184950, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.184997, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185030, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185071, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185110, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185158, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185190, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185232, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185264, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185325, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185362, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185405, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185439, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185497, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185534, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185577, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185636, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185697, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185718, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.185750, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185793, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.185813, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.185858, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.185914, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 29 00 00 00 00 00 00 00 9D 50 47 21 ....)... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.185969, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 29 00 00 00 00 00 00 00 9D 50 47 21 ....)... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186017, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.186066, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.186107, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.186146, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.186185, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.186243, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.186291, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0705] >[2012/11/09 16:29:11.186340, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 2A 00 00 00 00 00 00 00 9D 50 47 21 ....*... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186409, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2A 00 00 00 00 00 00 00 9D 50 47 21 ....*... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186456, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.186476, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.186526, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2A 00 00 00 00 00 00 00 9D 50 47 21 ....*... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186571, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0705] >[2012/11/09 16:29:11.186603, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.186639, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2A 00 00 00 00 00 00 00 9D 50 47 21 ....*... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186682, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2A 00 00 00 00 00 00 00 9D 50 47 21 ....*... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186719, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.186748, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 29 00 00 00 00 00 00 00 9D 50 47 21 ....)... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186799, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 29 00 00 00 00 00 00 00 9D 50 47 21 ....)... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186838, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.186866, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186907, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 28 00 00 00 00 00 00 00 9D 50 47 21 ....(... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.186960, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.186992, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 27 00 00 00 00 00 00 00 9D 50 47 21 ....'... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.187033, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 27 00 00 00 00 00 00 00 9D 50 47 21 ....'... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.187071, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.187119, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.187155, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.187187, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.187210, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.187236, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.187259, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.187277, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.187297, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.187375, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.187420, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 2B 00 00 00 00 00 00 00 9D 50 47 21 ....+... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.187477, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2B 00 00 00 00 00 00 00 9D 50 47 21 ....+... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.187530, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.187573, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.187612, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.187654, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.187703, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.187742, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.187788, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0687ptx] >[2012/11/09 16:29:11.187838, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.187904, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.187988, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188054, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188092, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188135, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188167, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188233, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188285, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188332, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188364, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188422, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188476, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188524, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188557, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188660, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188698, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188742, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188784, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188831, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188863, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188905, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.188937, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.188991, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189036, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189081, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189112, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189171, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189206, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189250, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189281, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189323, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189368, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189415, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189446, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189488, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189523, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189576, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189612, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189654, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189703, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189757, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189788, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.189822, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.189866, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.189894, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.189940, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.189983, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 2D 00 00 00 00 00 00 00 9D 50 47 21 ....-... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190036, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2D 00 00 00 00 00 00 00 9D 50 47 21 ....-... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190080, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.190118, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.190158, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.190196, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.190242, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.190289, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.190335, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0687ptx] >[2012/11/09 16:29:11.190383, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 2E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190440, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190483, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.190502, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.190552, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190600, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0687ptx] >[2012/11/09 16:29:11.190622, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.190655, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190707, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190758, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.190816, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2D 00 00 00 00 00 00 00 9D 50 47 21 ....-... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190901, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2D 00 00 00 00 00 00 00 9D 50 47 21 ....-... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.190999, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.191053, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.191100, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2C 00 00 00 00 00 00 00 9D 50 47 21 ....,... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.191138, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.191168, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2B 00 00 00 00 00 00 00 9D 50 47 21 ....+... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.191210, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2B 00 00 00 00 00 00 00 9D 50 47 21 ....+... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.191247, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.191287, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.191317, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.191348, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.191371, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.191399, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.191422, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.191441, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.191458, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.191532, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.191580, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 2F 00 00 00 00 00 00 00 9D 50 47 21 ..../... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.191643, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2F 00 00 00 00 00 00 00 9D 50 47 21 ..../... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.191687, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.191729, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.191769, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.191822, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.191861, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.191897, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.191943, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0790] >[2012/11/09 16:29:11.191991, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192046, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192128, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192174, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192207, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192259, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192295, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192338, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192369, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192410, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192441, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192507, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192542, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192584, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192615, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192666, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192701, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192743, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192775, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192817, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192848, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192889, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192920, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.192961, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.192993, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193035, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193066, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193107, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193139, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193180, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193211, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193253, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193284, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193334, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193367, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193409, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193440, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193481, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193528, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193573, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.193592, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.193623, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.193664, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 31 00 00 00 00 00 00 00 9D 50 47 21 ....1... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193717, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 31 00 00 00 00 00 00 00 9D 50 47 21 ....1... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.193760, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.193798, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.193838, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.193876, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.193914, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.193950, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.193994, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0790] >[2012/11/09 16:29:11.194042, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 32 00 00 00 00 00 00 00 9D 50 47 21 ....2... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194097, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 32 00 00 00 00 00 00 00 9D 50 47 21 ....2... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194140, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.194172, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.194226, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 32 00 00 00 00 00 00 00 9D 50 47 21 ....2... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194271, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0790] >[2012/11/09 16:29:11.194290, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.194322, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 32 00 00 00 00 00 00 00 9D 50 47 21 ....2... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194364, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 32 00 00 00 00 00 00 00 9D 50 47 21 ....2... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194402, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.194430, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 31 00 00 00 00 00 00 00 9D 50 47 21 ....1... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194472, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 31 00 00 00 00 00 00 00 9D 50 47 21 ....1... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194509, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.194536, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194576, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 30 00 00 00 00 00 00 00 9D 50 47 21 ....0... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194621, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.194650, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2F 00 00 00 00 00 00 00 9D 50 47 21 ..../... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194692, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 2F 00 00 00 00 00 00 00 9D 50 47 21 ..../... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194729, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy > set_printer_hnd_name: Printer found: yyyp0708 -> yyyp0708 >[2012/11/09 16:29:11.194796, 5] rpc_server/spoolss/srv_spoolss_nt.c:788(open_printer_hnd) > 1 printer handles active >[2012/11/09 16:29:11.194821, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194863, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.194901, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.194924, 3] lib/access.c:338(allow_access) > Allowed connection from yyyc27002.xxxxx.xxx (10.129.108.68) >[2012/11/09 16:29:11.194963, 4] rpc_server/spoolss/srv_spoolss_nt.c:1923(_spoolss_OpenPrinterEx) > Setting printer access = PRINTER_ACCESS_ADMINISTER >[2012/11/09 16:29:11.194988, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.195012, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.195041, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.195064, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.195090, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.195113, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.195131, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.195149, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.195215, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.195261, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 33 00 00 00 00 00 00 00 9D 50 47 21 ....3... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195315, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 33 00 00 00 00 00 00 00 9D 50 47 21 ....3... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195359, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.195400, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.195440, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.195479, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.195517, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.195552, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.195608, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.195661, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 34 00 00 00 00 00 00 00 9D 50 47 21 ....4... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195711, 2] rpc_client/cli_winreg_spoolss.c:896(winreg_create_printer) > winreg_create_printer: Skipping, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708 already exists >[2012/11/09 16:29:11.195745, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 34 00 00 00 00 00 00 00 9D 50 47 21 ....4... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195786, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 34 00 00 00 00 00 00 00 9D 50 47 21 ....4... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195823, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.195850, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 33 00 00 00 00 00 00 00 9D 50 47 21 ....3... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195891, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 33 00 00 00 00 00 00 00 9D 50 47 21 ....3... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.195942, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.195975, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.196009, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.196036, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 10301 >[2012/11/09 16:29:11.196070, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..48] (align 0) >[2012/11/09 16:29:11.196092, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.196103, 5] lib/util.c:342(show_msg) > size=104 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48384 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 48 (0x30) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 48 (0x30) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:11.199430, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x1090 >[2012/11/09 16:29:11.199463, 3] smbd/process.c:1662(process_smb) > Transaction 7 of length 4244 (0 toread) >[2012/11/09 16:29:11.199483, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.199494, 5] lib/util.c:342(show_msg) > size=4240 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48448 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 4156 (0x103C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 4156 (0x103C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8210 (0x2012) > smb_bcc=4173 >[2012/11/09 16:29:11.199699, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.199720, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.199744, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=4156 params=0 setup=2 >[2012/11/09 16:29:11.199765, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.199783, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.199802, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.199820, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2012) >[2012/11/09 16:29:11.199840, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 4156 >[2012/11/09 16:29:11.199866, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.199888, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:11.199909, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:11.199936, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.199978, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.200016, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.200037, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.200078, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.200108, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.200129, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.200155, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.200178, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.200197, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.200215, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.200281, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.200327, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 35 00 00 00 00 00 00 00 9D 50 47 21 ....5... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.200381, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 35 00 00 00 00 00 00 00 9D 50 47 21 ....5... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.200424, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.200484, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.200529, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.200569, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.200607, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.200642, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.200688, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.200736, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.200790, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.200876, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.200924, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.200958, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201000, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201032, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201074, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201117, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201161, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201192, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201234, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201265, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201307, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201338, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201380, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201411, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201453, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201485, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201527, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201558, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201601, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201632, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201674, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201706, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201757, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201791, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201833, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201865, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201907, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.201938, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.201980, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202011, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202053, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202084, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202125, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202158, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202200, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202232, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202273, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202321, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202366, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202385, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.202427, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202471, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.202490, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.202527, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.202569, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 37 00 00 00 00 00 00 00 9D 50 47 21 ....7... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202630, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 37 00 00 00 00 00 00 00 9D 50 47 21 ....7... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.202674, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.202712, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.202751, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.202790, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.202828, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.202863, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.202908, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.202955, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 38 00 00 00 00 00 00 00 9D 50 47 21 ....8... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203011, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 38 00 00 00 00 00 00 00 9D 50 47 21 ....8... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203053, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.203073, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.203123, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 38 00 00 00 00 00 00 00 9D 50 47 21 ....8... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203167, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.203187, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.203219, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 38 00 00 00 00 00 00 00 9D 50 47 21 ....8... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203261, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 38 00 00 00 00 00 00 00 9D 50 47 21 ....8... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203309, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.203339, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 37 00 00 00 00 00 00 00 9D 50 47 21 ....7... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203380, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 37 00 00 00 00 00 00 00 9D 50 47 21 ....7... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203418, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.203445, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203486, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 36 00 00 00 00 00 00 00 9D 50 47 21 ....6... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203524, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.203552, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 35 00 00 00 00 00 00 00 9D 50 47 21 ....5... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203593, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 35 00 00 00 00 00 00 00 9D 50 47 21 ....5... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.203630, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.203674, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.203716, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.203744, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.203763, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.203781, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.203844, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.203873, 4] printing/printing.c:1316(print_cache_expired) > print_cache_expired: cache expired for queue yyyp0708 (last_qscan_time = 1352473314, time now = 1352474951, qcachetime = 30) >[2012/11/09 16:29:11.206552, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.206673, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.206726, 5] smbd/ipc.c:103(send_trans_reply) > send_trans_reply: buffer 1024 too large >[2012/11/09 16:29:11.206756, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..1024] (align 0) >[2012/11/09 16:29:11.206776, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/ipc.c(137) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW >[2012/11/09 16:29:11.206803, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.206815, 5] lib/util.c:342(show_msg) > size=1080 > smb_com=0x25 > smb_rcls=5 > smb_reh=0 > smb_err=32768 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48448 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 1024 (0x400) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=1025 >[2012/11/09 16:29:11.208954, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.209003, 3] smbd/process.c:1662(process_smb) > Transaction 8 of length 63 (0 toread) >[2012/11/09 16:29:11.209033, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.209051, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48512 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8210 (0x2012) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 3112 (0xC28) > smb_vwv[ 6]= 3112 (0xC28) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 3112 (0xC28) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.209330, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.209364, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.209397, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 3112 >[2012/11/09 16:29:11.209429, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 8991 >[2012/11/09 16:29:11.209483, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=3112 max=3112 nread=3112 >[2012/11/09 16:29:11.213174, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x10f8 >[2012/11/09 16:29:11.213219, 3] smbd/process.c:1662(process_smb) > Transaction 9 of length 4348 (0 toread) >[2012/11/09 16:29:11.213239, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.213250, 5] lib/util.c:342(show_msg) > size=4344 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48576 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8210 (0x2012) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 4280 (0x10B8) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 4280 (0x10B8) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=4281 >[2012/11/09 16:29:11.213473, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.213495, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.213514, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2012 name: spoolss len: 4280 >[2012/11/09 16:29:11.213535, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 4280 >[2012/11/09 16:29:11.213568, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=4280 >[2012/11/09 16:29:11.214686, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x1b8 >[2012/11/09 16:29:11.214717, 3] smbd/process.c:1662(process_smb) > Transaction 10 of length 444 (0 toread) >[2012/11/09 16:29:11.214736, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.214746, 5] lib/util.c:342(show_msg) > size=440 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48640 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 356 (0x164) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4136 (0x1028) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 356 (0x164) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8210 (0x2012) > smb_bcc=373 >[2012/11/09 16:29:11.214949, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.214969, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.214992, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=356 params=0 setup=2 >[2012/11/09 16:29:11.215033, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.215052, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.215070, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.215088, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2012) >[2012/11/09 16:29:11.215107, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 356 >[2012/11/09 16:29:11.215130, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.215151, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:11.215171, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:11.215192, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.215233, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 1E 00 00 00 00 00 00 00 9D 50 47 21 ........ .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.215270, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.215294, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.215319, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.215351, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.215373, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.215407, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.215430, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.215449, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.215467, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.215559, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.215628, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 39 00 00 00 00 00 00 00 9D 50 47 21 ....9... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.215691, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 39 00 00 00 00 00 00 00 9D 50 47 21 ....9... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.215734, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.215777, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.215818, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.215859, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.215898, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.215935, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.215982, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.216031, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216101, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216191, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216237, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216271, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216314, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216346, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216388, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216419, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216483, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216519, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216562, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216594, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216636, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216667, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216709, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216741, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216783, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216825, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216869, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216902, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.216944, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.216976, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217017, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217049, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217091, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217123, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217164, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217196, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217237, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217269, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217310, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217342, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217384, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217416, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217458, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217502, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217546, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217578, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217619, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217669, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217714, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217733, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.217765, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217807, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.217825, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.217863, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.217905, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 3B 00 00 00 00 00 00 00 9D 50 47 21 ....;... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.217958, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3B 00 00 00 00 00 00 00 9D 50 47 21 ....;... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218001, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.218040, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.218079, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.218117, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.218155, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.218190, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.218234, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.218281, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 3C 00 00 00 00 00 00 00 9D 50 47 21 ....<... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218337, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3C 00 00 00 00 00 00 00 9D 50 47 21 ....<... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218390, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.218412, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.218463, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3C 00 00 00 00 00 00 00 9D 50 47 21 ....<... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218508, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.218528, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.218561, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3C 00 00 00 00 00 00 00 9D 50 47 21 ....<... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218610, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3C 00 00 00 00 00 00 00 9D 50 47 21 ....<... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218648, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.218676, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3B 00 00 00 00 00 00 00 9D 50 47 21 ....;... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218717, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3B 00 00 00 00 00 00 00 9D 50 47 21 ....;... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218754, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.218781, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218821, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3A 00 00 00 00 00 00 00 9D 50 47 21 ....:... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218857, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.218885, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 39 00 00 00 00 00 00 00 9D 50 47 21 ....9... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218926, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 39 00 00 00 00 00 00 00 9D 50 47 21 ....9... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.218963, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.219048, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.219086, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4136 >[2012/11/09 16:29:11.219116, 5] smbd/ipc.c:103(send_trans_reply) > send_trans_reply: buffer 4136 too large >[2012/11/09 16:29:11.219138, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..4136] (align 0) >[2012/11/09 16:29:11.219159, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/ipc.c(137) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW >[2012/11/09 16:29:11.219190, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.219202, 5] lib/util.c:342(show_msg) > size=4192 > smb_com=0x25 > smb_rcls=5 > smb_reh=0 > smb_err=32768 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48640 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 4136 (0x1028) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 4136 (0x1028) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=4137 >[2012/11/09 16:29:11.221073, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.221105, 3] smbd/process.c:1662(process_smb) > Transaction 11 of length 63 (0 toread) >[2012/11/09 16:29:11.221124, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.221135, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48704 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8210 (0x2012) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 144 (0x90) > smb_vwv[ 6]= 144 (0x90) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 144 (0x90) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.221311, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.221332, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.221352, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 144 >[2012/11/09 16:29:11.221377, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=144 max=144 nread=144 >[2012/11/09 16:29:11.222633, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.222677, 3] smbd/process.c:1662(process_smb) > Transaction 12 of length 63 (0 toread) >[2012/11/09 16:29:11.222697, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.222708, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48768 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8210 (0x2012) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4280 (0x10B8) > smb_vwv[ 6]= 4280 (0x10B8) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 4280 (0x10B8) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.222917, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.222939, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.222961, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.222986, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 8991 >[2012/11/09 16:29:11.223020, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=4280 max=4280 nread=336 >[2012/11/09 16:29:11.228228, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x66 >[2012/11/09 16:29:11.228262, 3] smbd/process.c:1662(process_smb) > Transaction 13 of length 106 (0 toread) >[2012/11/09 16:29:11.228282, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.228303, 5] lib/util.c:342(show_msg) > size=102 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=48832 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 4096 (0x1000) > smb_vwv[ 3]= 4096 (0x1000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=40704 (0x9F00) > smb_vwv[ 8]= 4609 (0x1201) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1792 (0x700) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]=16384 (0x4000) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=19 >[2012/11/09 16:29:11.228828, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.228867, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.228907, 4] smbd/nttrans.c:288(nt_open_pipe) > nt_open_pipe: Opening pipe \spoolss. >[2012/11/09 16:29:11.228947, 5] smbd/files.c:140(file_new) > allocated file structure 4115, fnum = 8211 (2 used) >[2012/11/09 16:29:11.228990, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \spoolss >[2012/11/09 16:29:11.229059, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \spoolss (pipes_open=0) >[2012/11/09 16:29:11.229102, 5] smbd/nttrans.c:377(do_ntcreate_pipe_open) > do_ntcreate_pipe_open: open pipe = \spoolss >[2012/11/09 16:29:11.230333, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xe0 >[2012/11/09 16:29:11.230367, 3] smbd/process.c:1662(process_smb) > Transaction 14 of length 228 (0 toread) >[2012/11/09 16:29:11.230387, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.230398, 5] lib/util.c:342(show_msg) > size=224 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48896 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8211 (0x2013) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 160 (0xA0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 160 (0xA0) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=161 >[2012/11/09 16:29:11.230587, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.230614, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.230634, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2013 name: spoolss len: 160 >[2012/11/09 16:29:11.230653, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 160 >[2012/11/09 16:29:11.230678, 3] rpc_server/srv_pipe.c:889(api_pipe_bind_req) > api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolss >[2012/11/09 16:29:11.230698, 5] rpc_server/srv_pipe.c:923(api_pipe_bind_req) > api_pipe_bind_req: make response. 923 >[2012/11/09 16:29:11.230717, 3] rpc_server/srv_pipe.c:339(check_bind_req) > check_bind_req for \spoolss >[2012/11/09 16:29:11.230736, 3] rpc_server/srv_pipe.c:346(check_bind_req) > check_bind_req: \PIPE\spoolss -> \PIPE\spoolss >[2012/11/09 16:29:11.230765, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=160 >[2012/11/09 16:29:11.231961, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.231997, 3] smbd/process.c:1662(process_smb) > Transaction 15 of length 63 (0 toread) >[2012/11/09 16:29:11.232016, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.232027, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=48960 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8211 (0x2013) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 1024 (0x400) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 1024 (0x400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.232204, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.232239, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.232261, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.232282, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 29 >[2012/11/09 16:29:11.232306, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=1024 max=1024 nread=68 >[2012/11/09 16:29:11.233415, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x124 >[2012/11/09 16:29:11.233462, 3] smbd/process.c:1662(process_smb) > Transaction 16 of length 296 (0 toread) >[2012/11/09 16:29:11.233500, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.233522, 5] lib/util.c:342(show_msg) > size=292 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49024 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 208 (0xD0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 208 (0xD0) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8211 (0x2013) > smb_bcc=225 >[2012/11/09 16:29:11.233834, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.233867, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.233909, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=208 params=0 setup=2 >[2012/11/09 16:29:11.233938, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.233957, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.233975, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.233993, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2013) >[2012/11/09 16:29:11.234028, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 208 >[2012/11/09 16:29:11.234054, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.234081, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX >[2012/11/09 16:29:11.234116, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[69].fn == 0x7fa2ea3def70 > checking name: \\yyyu0031\yyyp0708 >[2012/11/09 16:29:11.234158, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.234211, 3] rpc_server/spoolss/srv_spoolss_nt.c:521(set_printer_hnd_printertype) > Setting printer type=\\yyyu0031\yyyp0708 > Printer is a printer >[2012/11/09 16:29:11.234238, 4] rpc_server/spoolss/srv_spoolss_nt.c:581(set_printer_hnd_name) > Setting printer name=\\yyyu0031\yyyp0708 (len=19) > searching for [yyyp0708] > set_printer_hnd_name: Printer found: yyyp0708 -> yyyp0708 >[2012/11/09 16:29:11.234294, 5] rpc_server/spoolss/srv_spoolss_nt.c:788(open_printer_hnd) > 2 printer handles active >[2012/11/09 16:29:11.234314, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.234351, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.234388, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.234410, 3] lib/access.c:338(allow_access) > Allowed connection from yyyc27002.xxxxx.xxx (10.129.108.68) >[2012/11/09 16:29:11.234445, 4] rpc_server/spoolss/srv_spoolss_nt.c:1923(_spoolss_OpenPrinterEx) > Setting printer access = PRINTER_ACCESS_USE >[2012/11/09 16:29:11.234466, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.234490, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.234519, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.234540, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.234577, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.234607, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.234627, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.234645, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.234731, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.234782, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 3E 00 00 00 00 00 00 00 9D 50 47 21 ....>... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.234838, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3E 00 00 00 00 00 00 00 9D 50 47 21 ....>... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.234881, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.234923, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.234963, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.235003, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.235041, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.235077, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.235134, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.235216, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 3F 00 00 00 00 00 00 00 9D 50 47 21 ....?... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.235305, 2] rpc_client/cli_winreg_spoolss.c:896(winreg_create_printer) > winreg_create_printer: Skipping, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708 already exists >[2012/11/09 16:29:11.235354, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3F 00 00 00 00 00 00 00 9D 50 47 21 ....?... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.235432, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3F 00 00 00 00 00 00 00 9D 50 47 21 ....?... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.235504, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.235553, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3E 00 00 00 00 00 00 00 9D 50 47 21 ....>... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.235643, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3E 00 00 00 00 00 00 00 9D 50 47 21 ....>... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.235738, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.235792, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.235840, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.235881, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 1741 >[2012/11/09 16:29:11.235927, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..48] (align 0) >[2012/11/09 16:29:11.235965, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.235986, 5] lib/util.c:342(show_msg) > size=104 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49024 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 48 (0x30) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 48 (0x30) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:11.238119, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8c >[2012/11/09 16:29:11.238166, 3] smbd/process.c:1662(process_smb) > Transaction 17 of length 144 (0 toread) >[2012/11/09 16:29:11.238186, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.238198, 5] lib/util.c:342(show_msg) > size=140 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49088 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 56 (0x38) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 56 (0x38) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8211 (0x2013) > smb_bcc=73 >[2012/11/09 16:29:11.238402, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.238422, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.238445, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=56 params=0 setup=2 >[2012/11/09 16:29:11.238467, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.238484, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.238503, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.238521, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2013) >[2012/11/09 16:29:11.238541, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 56 >[2012/11/09 16:29:11.238566, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.238587, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:11.238613, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:11.238635, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.238675, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.238712, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.238735, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.238776, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.238806, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.238828, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.238858, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.238881, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.238900, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.238918, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.239006, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.239073, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 40 00 00 00 00 00 00 00 9D 50 47 21 ....@... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239133, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 40 00 00 00 00 00 00 00 9D 50 47 21 ....@... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239176, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.239219, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.239258, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.239298, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.239336, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.239373, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.239419, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.239468, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239523, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239609, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239656, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.239689, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239731, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.239762, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239814, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.239849, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239891, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.239923, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.239966, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240017, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240063, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240095, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240137, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240168, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240211, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240243, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240285, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240317, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240359, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240390, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240432, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240486, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240548, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240583, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240625, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240656, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240698, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240729, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240770, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240801, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240843, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240873, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.240915, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.240953, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241017, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.241052, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241094, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.241143, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241188, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.241219, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.241255, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241298, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.241317, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.241355, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.241396, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 42 00 00 00 00 00 00 00 9D 50 47 21 ....B... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241449, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 42 00 00 00 00 00 00 00 9D 50 47 21 ....B... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241492, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.241530, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.241569, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.241607, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.241645, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.241680, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.241724, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.241771, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 43 00 00 00 00 00 00 00 9D 50 47 21 ....C... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241826, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 43 00 00 00 00 00 00 00 9D 50 47 21 ....C... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.241869, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.241888, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.241949, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 43 00 00 00 00 00 00 00 9D 50 47 21 ....C... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242007, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.242028, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.242063, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 43 00 00 00 00 00 00 00 9D 50 47 21 ....C... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242105, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 43 00 00 00 00 00 00 00 9D 50 47 21 ....C... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242154, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.242183, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 42 00 00 00 00 00 00 00 9D 50 47 21 ....B... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242225, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 42 00 00 00 00 00 00 00 9D 50 47 21 ....B... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242262, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.242288, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242329, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 41 00 00 00 00 00 00 00 9D 50 47 21 ....A... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242366, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.242394, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 40 00 00 00 00 00 00 00 9D 50 47 21 ....@... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242434, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 40 00 00 00 00 00 00 00 9D 50 47 21 ....@... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.242471, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.242536, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.242571, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.242602, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 8991 >[2012/11/09 16:29:11.242635, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..36] (align 0) >[2012/11/09 16:29:11.242656, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.242667, 5] lib/util.c:342(show_msg) > size=92 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49088 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 36 (0x24) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 36 (0x24) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=37 >[2012/11/09 16:29:11.244949, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x10f8 >[2012/11/09 16:29:11.244982, 3] smbd/process.c:1662(process_smb) > Transaction 18 of length 4348 (0 toread) >[2012/11/09 16:29:11.245002, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.245013, 5] lib/util.c:342(show_msg) > size=4344 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49152 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8211 (0x2013) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 4280 (0x10B8) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 4280 (0x10B8) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=4281 >[2012/11/09 16:29:11.245202, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.245235, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.245257, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2013 name: spoolss len: 4280 >[2012/11/09 16:29:11.245277, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 4280 >[2012/11/09 16:29:11.245306, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=4280 >[2012/11/09 16:29:11.246410, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x138 >[2012/11/09 16:29:11.246441, 3] smbd/process.c:1662(process_smb) > Transaction 19 of length 316 (0 toread) >[2012/11/09 16:29:11.246461, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.246472, 5] lib/util.c:342(show_msg) > size=312 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49216 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 228 (0xE4) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 228 (0xE4) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8211 (0x2013) > smb_bcc=245 >[2012/11/09 16:29:11.246674, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.246694, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.246716, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=228 params=0 setup=2 >[2012/11/09 16:29:11.246736, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.246754, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.246771, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.246789, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2013) >[2012/11/09 16:29:11.246816, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 228 >[2012/11/09 16:29:11.246853, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.246876, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:11.246896, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:11.246917, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.246956, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.246993, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.247014, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.247039, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.247067, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.247088, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.247116, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.247139, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.247158, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.247175, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.247265, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.247312, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 44 00 00 00 00 00 00 00 9D 50 47 21 ....D... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.247370, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 44 00 00 00 00 00 00 00 9D 50 47 21 ....D... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.247419, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.247461, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.247500, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.247539, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.247577, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.247612, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.247657, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.247704, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.247758, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.247886, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.247935, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.247969, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248011, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248043, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248085, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248116, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248157, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248188, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248240, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248274, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248316, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248348, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248390, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248433, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248505, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248540, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248583, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248615, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248656, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248687, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248729, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248766, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248822, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248857, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248900, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.248931, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.248992, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249026, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249069, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249100, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249141, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249172, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249214, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249247, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249289, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249320, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249361, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249410, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249454, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249473, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.249503, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249545, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.249564, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.249599, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.249653, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 46 00 00 00 00 00 00 00 9D 50 47 21 ....F... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249708, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 46 00 00 00 00 00 00 00 9D 50 47 21 ....F... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.249773, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.249822, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.249862, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.249900, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.249937, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.249971, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.250014, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.250062, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 47 00 00 00 00 00 00 00 9D 50 47 21 ....G... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250142, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 47 00 00 00 00 00 00 00 9D 50 47 21 ....G... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250189, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.250208, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.250259, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 47 00 00 00 00 00 00 00 9D 50 47 21 ....G... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250303, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.250322, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.250354, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 47 00 00 00 00 00 00 00 9D 50 47 21 ....G... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250396, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 47 00 00 00 00 00 00 00 9D 50 47 21 ....G... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250433, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.250461, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 46 00 00 00 00 00 00 00 9D 50 47 21 ....F... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250501, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 46 00 00 00 00 00 00 00 9D 50 47 21 ....F... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250538, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.250565, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250622, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 45 00 00 00 00 00 00 00 9D 50 47 21 ....E... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250661, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.250690, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 44 00 00 00 00 00 00 00 9D 50 47 21 ....D... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250757, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 44 00 00 00 00 00 00 00 9D 50 47 21 ....D... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.250797, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.250874, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.250910, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.250940, 5] smbd/ipc.c:103(send_trans_reply) > send_trans_reply: buffer 1024 too large >[2012/11/09 16:29:11.250962, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..1024] (align 0) >[2012/11/09 16:29:11.250982, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/ipc.c(137) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW >[2012/11/09 16:29:11.251001, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.251012, 5] lib/util.c:342(show_msg) > size=1080 > smb_com=0x25 > smb_rcls=5 > smb_reh=0 > smb_err=32768 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49216 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 1024 (0x400) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=1025 >[2012/11/09 16:29:11.252371, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.252404, 3] smbd/process.c:1662(process_smb) > Transaction 20 of length 63 (0 toread) >[2012/11/09 16:29:11.252423, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.252434, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49280 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8211 (0x2013) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 3256 (0xCB8) > smb_vwv[ 6]= 3256 (0xCB8) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 3256 (0xCB8) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.252633, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.252654, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.252675, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 3256 >[2012/11/09 16:29:11.252700, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=3256 max=3256 nread=3256 >[2012/11/09 16:29:11.254044, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.254104, 3] smbd/process.c:1662(process_smb) > Transaction 21 of length 63 (0 toread) >[2012/11/09 16:29:11.254140, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.254154, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49344 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8211 (0x2013) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4280 (0x10B8) > smb_vwv[ 6]= 4280 (0x10B8) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 4280 (0x10B8) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.254456, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.254488, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.254513, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.254557, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 8991 >[2012/11/09 16:29:11.254615, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=4280 max=4280 nread=208 >[2012/11/09 16:29:11.256546, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x80 >[2012/11/09 16:29:11.256581, 3] smbd/process.c:1662(process_smb) > Transaction 22 of length 132 (0 toread) >[2012/11/09 16:29:11.256606, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.256629, 5] lib/util.c:342(show_msg) > size=128 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49408 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 44 (0x2C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4280 (0x10B8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 44 (0x2C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8211 (0x2013) > smb_bcc=61 >[2012/11/09 16:29:11.256860, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.256883, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.256907, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=44 params=0 setup=2 >[2012/11/09 16:29:11.256929, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.256947, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.256966, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.256985, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2013) >[2012/11/09 16:29:11.257005, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 44 >[2012/11/09 16:29:11.257031, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.257053, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x1d - api_rpcTNP: rpc command: SPOOLSS_CLOSEPRINTER >[2012/11/09 16:29:11.257073, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[29].fn == 0x7fa2ea3e55d0 >[2012/11/09 16:29:11.257102, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.257145, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.257183, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 3D 00 00 00 00 00 00 00 9D 50 47 21 ....=... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.257221, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.257245, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.257273, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.257317, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 29 >[2012/11/09 16:29:11.257344, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..48] (align 0) >[2012/11/09 16:29:11.257365, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.257376, 5] lib/util.c:342(show_msg) > size=104 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49408 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 48 (0x30) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 48 (0x30) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:11.259057, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:11.259090, 3] smbd/process.c:1662(process_smb) > Transaction 23 of length 45 (0 toread) >[2012/11/09 16:29:11.259110, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.259121, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49472 > smt_wct=3 > smb_vwv[ 0]= 8211 (0x2013) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:11.259239, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.259259, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.259281, 3] smbd/reply.c:4848(reply_close) > close fd=-1 fnum=8211 (numopen=2) >[2012/11/09 16:29:11.259303, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:11.259371, 5] smbd/files.c:482(file_free) > freed files structure 8211 (1 used) >[2012/11/09 16:29:11.259395, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.259407, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49472 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:11.260568, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x66 >[2012/11/09 16:29:11.260601, 3] smbd/process.c:1662(process_smb) > Transaction 24 of length 106 (0 toread) >[2012/11/09 16:29:11.260621, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.260632, 5] lib/util.c:342(show_msg) > size=102 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49536 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 4096 (0x1000) > smb_vwv[ 3]= 4096 (0x1000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=40704 (0x9F00) > smb_vwv[ 8]= 4609 (0x1201) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1792 (0x700) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]=16384 (0x4000) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=19 >[2012/11/09 16:29:11.260903, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.260923, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.260946, 4] smbd/nttrans.c:288(nt_open_pipe) > nt_open_pipe: Opening pipe \spoolss. >[2012/11/09 16:29:11.260968, 5] smbd/files.c:140(file_new) > allocated file structure 4116, fnum = 8212 (2 used) >[2012/11/09 16:29:11.260995, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \spoolss >[2012/11/09 16:29:11.261044, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \spoolss (pipes_open=0) >[2012/11/09 16:29:11.261083, 5] smbd/nttrans.c:377(do_ntcreate_pipe_open) > do_ntcreate_pipe_open: open pipe = \spoolss >[2012/11/09 16:29:11.262456, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xe0 >[2012/11/09 16:29:11.262498, 3] smbd/process.c:1662(process_smb) > Transaction 25 of length 228 (0 toread) >[2012/11/09 16:29:11.262523, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.262535, 5] lib/util.c:342(show_msg) > size=224 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49600 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 160 (0xA0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 160 (0xA0) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=161 >[2012/11/09 16:29:11.262741, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.262764, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.262784, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2014 name: spoolss len: 160 >[2012/11/09 16:29:11.262804, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 160 >[2012/11/09 16:29:11.262829, 3] rpc_server/srv_pipe.c:889(api_pipe_bind_req) > api_pipe_bind_req: \PIPE\spoolss -> \PIPE\spoolss >[2012/11/09 16:29:11.262850, 5] rpc_server/srv_pipe.c:923(api_pipe_bind_req) > api_pipe_bind_req: make response. 923 >[2012/11/09 16:29:11.262869, 3] rpc_server/srv_pipe.c:339(check_bind_req) > check_bind_req for \spoolss >[2012/11/09 16:29:11.262889, 3] rpc_server/srv_pipe.c:346(check_bind_req) > check_bind_req: \PIPE\spoolss -> \PIPE\spoolss >[2012/11/09 16:29:11.262919, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=160 >[2012/11/09 16:29:11.264112, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.264144, 3] smbd/process.c:1662(process_smb) > Transaction 26 of length 63 (0 toread) >[2012/11/09 16:29:11.264164, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.264175, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49664 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 1024 (0x400) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 1024 (0x400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.264386, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.264410, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.264432, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.264500, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 29 >[2012/11/09 16:29:11.264530, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=1024 max=1024 nread=68 >[2012/11/09 16:29:11.265567, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x124 >[2012/11/09 16:29:11.265610, 3] smbd/process.c:1662(process_smb) > Transaction 27 of length 296 (0 toread) >[2012/11/09 16:29:11.265633, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.265644, 5] lib/util.c:342(show_msg) > size=292 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49728 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 208 (0xD0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 208 (0xD0) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=225 >[2012/11/09 16:29:11.265875, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.265897, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.265920, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=208 params=0 setup=2 >[2012/11/09 16:29:11.265942, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.265960, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.265979, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.265998, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:11.266018, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 208 >[2012/11/09 16:29:11.266042, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.266063, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x45 - api_rpcTNP: rpc command: SPOOLSS_OPENPRINTEREX >[2012/11/09 16:29:11.266084, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[69].fn == 0x7fa2ea3def70 > checking name: \\yyyu0031\yyyp0708 >[2012/11/09 16:29:11.266123, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.266164, 3] rpc_server/spoolss/srv_spoolss_nt.c:521(set_printer_hnd_printertype) > Setting printer type=\\yyyu0031\yyyp0708 > Printer is a printer >[2012/11/09 16:29:11.266191, 4] rpc_server/spoolss/srv_spoolss_nt.c:581(set_printer_hnd_name) > Setting printer name=\\yyyu0031\yyyp0708 (len=19) > searching for [yyyp0708] > set_printer_hnd_name: Printer found: yyyp0708 -> yyyp0708 >[2012/11/09 16:29:11.266249, 5] rpc_server/spoolss/srv_spoolss_nt.c:788(open_printer_hnd) > 2 printer handles active >[2012/11/09 16:29:11.266269, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.266308, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.266346, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.266382, 3] lib/access.c:338(allow_access) > Allowed connection from yyyc27002.xxxxx.xxx (10.129.108.68) >[2012/11/09 16:29:11.266409, 4] rpc_server/spoolss/srv_spoolss_nt.c:1923(_spoolss_OpenPrinterEx) > Setting printer access = PRINTER_ACCESS_USE >[2012/11/09 16:29:11.266431, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.266456, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.266486, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.266508, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.266542, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.266566, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.266585, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.266615, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.266708, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.266760, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 49 00 00 00 00 00 00 00 9D 50 47 21 ....I... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.266817, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 49 00 00 00 00 00 00 00 9D 50 47 21 ....I... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.266861, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.266912, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.266958, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.266999, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.267039, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.267076, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.267124, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.267173, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 4A 00 00 00 00 00 00 00 9D 50 47 21 ....J... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.267224, 2] rpc_client/cli_winreg_spoolss.c:896(winreg_create_printer) > winreg_create_printer: Skipping, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708 already exists >[2012/11/09 16:29:11.267253, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4A 00 00 00 00 00 00 00 9D 50 47 21 ....J... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.267294, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4A 00 00 00 00 00 00 00 9D 50 47 21 ....J... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.267333, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.267375, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 49 00 00 00 00 00 00 00 9D 50 47 21 ....I... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.267419, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 49 00 00 00 00 00 00 00 9D 50 47 21 ....I... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.267457, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.267489, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.267520, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.267545, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 1741 >[2012/11/09 16:29:11.267572, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..48] (align 0) >[2012/11/09 16:29:11.267593, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.267604, 5] lib/util.c:342(show_msg) > size=104 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49728 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 48 (0x30) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 48 (0x30) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:11.273719, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x90 >[2012/11/09 16:29:11.273794, 3] smbd/process.c:1662(process_smb) > Transaction 28 of length 148 (0 toread) >[2012/11/09 16:29:11.273815, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.273827, 5] lib/util.c:342(show_msg) > size=144 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49792 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 60 (0x3C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 60 (0x3C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=77 >[2012/11/09 16:29:11.274044, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.274066, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.274092, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=60 params=0 setup=2 >[2012/11/09 16:29:11.274114, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.274133, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.274159, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.274192, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:11.274229, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 60 >[2012/11/09 16:29:11.274267, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.274306, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x22 - api_rpcTNP: rpc command: SPOOLSS_ENUMFORMS >[2012/11/09 16:29:11.274339, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[34].fn == 0x7fa2ea3e4850 >[2012/11/09 16:29:11.274371, 4] rpc_server/spoolss/srv_spoolss_nt.c:7481(_spoolss_EnumForms) > _spoolss_EnumForms > Offered buffer size [0] > Info level [2] >[2012/11/09 16:29:11.274412, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.274447, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.274475, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 29 >[2012/11/09 16:29:11.274501, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..44] (align 0) >[2012/11/09 16:29:11.274522, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.274533, 5] lib/util.c:342(show_msg) > size=100 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49792 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 44 (0x2C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 44 (0x2C) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=45 >[2012/11/09 16:29:11.275665, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x90 >[2012/11/09 16:29:11.275697, 3] smbd/process.c:1662(process_smb) > Transaction 29 of length 148 (0 toread) >[2012/11/09 16:29:11.275718, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.275729, 5] lib/util.c:342(show_msg) > size=144 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49856 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 60 (0x3C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 60 (0x3C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=77 >[2012/11/09 16:29:11.275968, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.275990, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.276012, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=60 params=0 setup=2 >[2012/11/09 16:29:11.276033, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.276051, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.276070, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.276089, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:11.276109, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 60 >[2012/11/09 16:29:11.276132, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.276154, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x22 - api_rpcTNP: rpc command: SPOOLSS_ENUMFORMS >[2012/11/09 16:29:11.276175, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[34].fn == 0x7fa2ea3e4850 >[2012/11/09 16:29:11.276196, 4] rpc_server/spoolss/srv_spoolss_nt.c:7481(_spoolss_EnumForms) > _spoolss_EnumForms > Offered buffer size [0] > Info level [1] >[2012/11/09 16:29:11.276231, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.276271, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.276321, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.276349, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.276384, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.276408, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.276428, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.276485, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.276588, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.276651, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 4B 00 00 00 00 00 00 00 9D 50 47 21 ....K... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.276719, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4B 00 00 00 00 00 00 00 9D 50 47 21 ....K... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.276778, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.276801, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2012/11/09 16:29:11.276841, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.276864, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2012/11/09 16:29:11.276901, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.276924, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Control] >[2012/11/09 16:29:11.276974, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.276997, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.277035, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Forms] >[2012/11/09 16:29:11.277076, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 4C 00 00 00 00 00 00 00 9D 50 47 21 ....L... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.277136, 8] rpc_client/cli_winreg_spoolss.c:285(winreg_printer_openkey) > winreg_printer_openkey: createkey opened existing SYSTEM\CurrentControlSet\Control\Print\Forms >[2012/11/09 16:29:11.277167, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4C 00 00 00 00 00 00 00 9D 50 47 21 ....L... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.277247, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4C 00 00 00 00 00 00 00 9D 50 47 21 ....L... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.277293, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4C 00 00 00 00 00 00 00 9D 50 47 21 ....L... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.277332, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.277360, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4B 00 00 00 00 00 00 00 9D 50 47 21 ....K... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.277401, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4B 00 00 00 00 00 00 00 9D 50 47 21 ....K... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.277440, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.277583, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.277624, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.277651, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 31741 >[2012/11/09 16:29:11.277696, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..44] (align 0) >[2012/11/09 16:29:11.277721, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.277733, 5] lib/util.c:342(show_msg) > size=100 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=49856 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 44 (0x2C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 44 (0x2C) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=45 >[2012/11/09 16:29:11.279464, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x10f8 >[2012/11/09 16:29:11.279505, 3] smbd/process.c:1662(process_smb) > Transaction 30 of length 4348 (0 toread) >[2012/11/09 16:29:11.279526, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.279537, 5] lib/util.c:342(show_msg) > size=4344 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49920 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 4280 (0x10B8) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 4280 (0x10B8) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=4281 >[2012/11/09 16:29:11.279799, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.279823, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.279844, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2014 name: spoolss len: 4280 >[2012/11/09 16:29:11.279865, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 4280 >[2012/11/09 16:29:11.279896, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=4280 >[2012/11/09 16:29:11.281586, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x10f8 >[2012/11/09 16:29:11.281628, 3] smbd/process.c:1662(process_smb) > Transaction 31 of length 4348 (0 toread) >[2012/11/09 16:29:11.281650, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.281662, 5] lib/util.c:342(show_msg) > size=4344 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=49984 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 4280 (0x10B8) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 4280 (0x10B8) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=4281 >[2012/11/09 16:29:11.281887, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.281924, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.281946, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2014 name: spoolss len: 4280 >[2012/11/09 16:29:11.281967, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 4280 >[2012/11/09 16:29:11.281997, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=4280 >[2012/11/09 16:29:11.283143, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x440 >[2012/11/09 16:29:11.283176, 3] smbd/process.c:1662(process_smb) > Transaction 32 of length 1092 (0 toread) >[2012/11/09 16:29:11.283196, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.283208, 5] lib/util.c:342(show_msg) > size=1088 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50048 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 1004 (0x3EC) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 1004 (0x3EC) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=1021 >[2012/11/09 16:29:11.283421, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.283441, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.283465, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=1004 params=0 setup=2 >[2012/11/09 16:29:11.283488, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.283506, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.283526, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.283545, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:11.283565, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 1004 >[2012/11/09 16:29:11.283590, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.283623, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x22 - api_rpcTNP: rpc command: SPOOLSS_ENUMFORMS >[2012/11/09 16:29:11.283647, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[34].fn == 0x7fa2ea3e4850 >[2012/11/09 16:29:11.283687, 4] rpc_server/spoolss/srv_spoolss_nt.c:7481(_spoolss_EnumForms) > _spoolss_EnumForms > Offered buffer size [9456] > Info level [1] >[2012/11/09 16:29:11.283732, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.283758, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.283785, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.283807, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.283837, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.283870, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.283902, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.283923, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.284025, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.284100, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 4D 00 00 00 00 00 00 00 9D 50 47 21 ....M... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.284163, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4D 00 00 00 00 00 00 00 9D 50 47 21 ....M... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.284220, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.284245, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2012/11/09 16:29:11.284301, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.284330, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2012/11/09 16:29:11.284369, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.284401, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Control] >[2012/11/09 16:29:11.284442, 5] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2012/11/09 16:29:11.284493, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.284561, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Forms] >[2012/11/09 16:29:11.284636, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 4E 00 00 00 00 00 00 00 9D 50 47 21 ....N... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.284748, 8] rpc_client/cli_winreg_spoolss.c:285(winreg_printer_openkey) > winreg_printer_openkey: createkey opened existing SYSTEM\CurrentControlSet\Control\Print\Forms >[2012/11/09 16:29:11.284815, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4E 00 00 00 00 00 00 00 9D 50 47 21 ....N... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.284954, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4E 00 00 00 00 00 00 00 9D 50 47 21 ....N... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.285059, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4E 00 00 00 00 00 00 00 9D 50 47 21 ....N... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.285138, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.285182, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4D 00 00 00 00 00 00 00 9D 50 47 21 ....M... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.285227, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4D 00 00 00 00 00 00 00 9D 50 47 21 ....M... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.285266, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.285583, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.285640, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 1024 >[2012/11/09 16:29:11.285673, 5] smbd/ipc.c:103(send_trans_reply) > send_trans_reply: buffer 1024 too large >[2012/11/09 16:29:11.285697, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..1024] (align 0) >[2012/11/09 16:29:11.285717, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/ipc.c(137) cmd=37 (SMBtrans) STATUS_BUFFER_OVERFLOW >[2012/11/09 16:29:11.285738, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.285750, 5] lib/util.c:342(show_msg) > size=1080 > smb_com=0x25 > smb_rcls=5 > smb_reh=0 > smb_err=32768 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50048 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 1024 (0x400) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 1024 (0x400) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=1025 >[2012/11/09 16:29:11.287075, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.287111, 3] smbd/process.c:1662(process_smb) > Transaction 33 of length 63 (0 toread) >[2012/11/09 16:29:11.287131, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.287142, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=50112 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 3256 (0xCB8) > smb_vwv[ 6]= 3256 (0xCB8) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 3256 (0xCB8) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.287329, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.287350, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.287372, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 3256 >[2012/11/09 16:29:11.287399, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=3256 max=3256 nread=3256 >[2012/11/09 16:29:11.288803, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.288847, 3] smbd/process.c:1662(process_smb) > Transaction 34 of length 63 (0 toread) >[2012/11/09 16:29:11.288870, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.288882, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=50176 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4280 (0x10B8) > smb_vwv[ 6]= 4280 (0x10B8) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 4280 (0x10B8) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.289079, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.289100, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.289122, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.289152, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=4280 max=4280 nread=4280 >[2012/11/09 16:29:11.290719, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:11.290775, 3] smbd/process.c:1662(process_smb) > Transaction 35 of length 63 (0 toread) >[2012/11/09 16:29:11.290800, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.290812, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=50240 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4280 (0x10B8) > smb_vwv[ 6]= 4280 (0x10B8) > smb_vwv[ 7]=65535 (0xFFFF) > smb_vwv[ 8]=65535 (0xFFFF) > smb_vwv[ 9]= 4280 (0x10B8) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:11.291050, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.291075, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.291096, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.291124, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 31741 >[2012/11/09 16:29:11.291177, 3] smbd/pipes.c:485(pipe_read_andx_done) > readX-IPC min=4280 max=4280 nread=988 >[2012/11/09 16:29:11.306726, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xac >[2012/11/09 16:29:11.306826, 3] smbd/process.c:1662(process_smb) > Transaction 36 of length 176 (0 toread) >[2012/11/09 16:29:11.306859, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.306877, 5] lib/util.c:342(show_msg) > size=172 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50304 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 88 (0x58) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4280 (0x10B8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 88 (0x58) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=105 >[2012/11/09 16:29:11.307234, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.307275, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.307321, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=88 params=0 setup=2 >[2012/11/09 16:29:11.307365, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.307402, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.307440, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.307476, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:11.307514, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 88 >[2012/11/09 16:29:11.307563, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.307605, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x1a - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDATA >[2012/11/09 16:29:11.307670, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[26].fn == 0x7fa2ea3e5d00 >[2012/11/09 16:29:11.307725, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.307807, 4] rpc_server/spoolss/srv_spoolss_nt.c:9191(_spoolss_GetPrinterDataEx) > _spoolss_GetPrinterDataEx >[2012/11/09 16:29:11.307845, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.307919, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.307962, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.308011, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.308065, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.308107, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.308160, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.308200, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.308236, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.308270, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.308413, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.308534, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 4F 00 00 00 00 00 00 00 9D 50 47 21 ....O... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.308644, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4F 00 00 00 00 00 00 00 9D 50 47 21 ....O... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.308729, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.308806, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.308875, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.308947, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.309016, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.309080, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.309161, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.309240, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [PrinterDriverData] >[2012/11/09 16:29:11.309325, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 50 00 00 00 00 00 00 00 9D 50 47 21 ....P... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.309431, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 50 00 00 00 00 00 00 00 9D 50 47 21 ....P... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.309513, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708\PrinterDriverData] >[2012/11/09 16:29:11.309572, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.309663, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 50 00 00 00 00 00 00 00 9D 50 47 21 ....P... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.309747, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 50 00 00 00 00 00 00 00 9D 50 47 21 ....P... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.309824, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.309878, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4F 00 00 00 00 00 00 00 9D 50 47 21 ....O... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.309959, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 4F 00 00 00 00 00 00 00 9D 50 47 21 ....O... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.310039, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.310099, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.310157, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.310205, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 1741 >[2012/11/09 16:29:11.310253, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..1064] (align 0) >[2012/11/09 16:29:11.310293, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.310315, 5] lib/util.c:342(show_msg) > size=1120 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50304 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 1064 (0x428) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 1064 (0x428) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=1065 >[2012/11/09 16:29:11.312328, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8c0 >[2012/11/09 16:29:11.312409, 3] smbd/process.c:1662(process_smb) > Transaction 37 of length 2244 (0 toread) >[2012/11/09 16:29:11.312475, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.312503, 5] lib/util.c:342(show_msg) > size=2240 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50368 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 2156 (0x86C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4280 (0x10B8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 2156 (0x86C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=2173 >[2012/11/09 16:29:11.312884, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.312923, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.312966, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=2156 params=0 setup=2 >[2012/11/09 16:29:11.313006, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:11.313042, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:11.313078, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:11.313114, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:11.313181, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 2156 >[2012/11/09 16:29:11.313228, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:11.313270, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x35 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTERDRIVER2 >[2012/11/09 16:29:11.313309, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[53].fn == 0x7fa2ea3e16c0 >[2012/11/09 16:29:11.313357, 4] rpc_server/spoolss/srv_spoolss_nt.c:5603(_spoolss_GetPrinterDriver2) > _spoolss_GetPrinterDriver2 >[2012/11/09 16:29:11.313398, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.313476, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.313552, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:11.313592, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:11.313639, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:11.313692, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.313735, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.313787, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.313827, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.313863, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.313899, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.314031, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.314115, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 51 00 00 00 00 00 00 00 9D 50 47 21 ....Q... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.314218, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 51 00 00 00 00 00 00 00 9D 50 47 21 ....Q... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.314300, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.314376, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.314447, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.314518, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.314585, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.314659, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.314744, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.314827, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.314927, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315102, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315183, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.315244, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315326, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.315384, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315464, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.315522, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315615, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.315677, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315783, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.315854, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.315947, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316021, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.316118, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316182, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.316273, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316336, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.316445, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316543, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.316627, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316687, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.316767, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316826, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.316906, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.316965, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317046, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317106, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317188, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317242, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317317, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317373, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317449, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317489, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317534, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317572, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317628, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317664, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317711, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317793, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.317868, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.317900, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.317949, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.318022, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.318054, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.318112, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.318185, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 53 00 00 00 00 00 00 00 9D 50 47 21 ....S... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.318274, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 53 00 00 00 00 00 00 00 9D 50 47 21 ....S... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.318349, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:11.318413, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:11.318475, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:11.318536, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:11.318604, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.318663, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:11.318736, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.318813, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 54 00 00 00 00 00 00 00 9D 50 47 21 ....T... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.318909, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 54 00 00 00 00 00 00 00 9D 50 47 21 ....T... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.318998, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.319033, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.319092, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 54 00 00 00 00 00 00 00 9D 50 47 21 ....T... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319146, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:11.319168, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:11.319205, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 54 00 00 00 00 00 00 00 9D 50 47 21 ....T... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319249, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 54 00 00 00 00 00 00 00 9D 50 47 21 ....T... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319288, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.319319, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 53 00 00 00 00 00 00 00 9D 50 47 21 ....S... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319372, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 53 00 00 00 00 00 00 00 9D 50 47 21 ....S... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319419, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.319450, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319492, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 52 00 00 00 00 00 00 00 9D 50 47 21 ....R... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319530, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.319561, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 51 00 00 00 00 00 00 00 9D 50 47 21 ....Q... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319613, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 51 00 00 00 00 00 00 00 9D 50 47 21 ....Q... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.319661, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.319707, 8] rpc_server/spoolss/srv_spoolss_nt.c:5510(construct_printer_driver_info_level) > construct_printer_driver_info_level: status: WERR_OK >[2012/11/09 16:29:11.319750, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:11.319775, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.319812, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.319838, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.319858, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.319888, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.319993, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.320053, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 55 00 00 00 00 00 00 00 9D 50 47 21 ....U... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.320116, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 55 00 00 00 00 00 00 00 9D 50 47 21 ....U... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.320162, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2012/11/09 16:29:11.320203, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2012/11/09 16:29:11.320257, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Control] >[2012/11/09 16:29:11.320315, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:11.320362, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Environments] >[2012/11/09 16:29:11.320412, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows x64] >[2012/11/09 16:29:11.320491, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Drivers] >[2012/11/09 16:29:11.320541, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Version-3] >[2012/11/09 16:29:11.320599, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:11.320655, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.320714, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.320802, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.320849, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.320883, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.320938, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.320975, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321020, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321053, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321111, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321148, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321199, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321236, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321281, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321313, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321356, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321388, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321435, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321470, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321528, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321566, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321610, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321643, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321686, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321731, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321795, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321848, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321895, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.321928, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.321972, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322007, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322061, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322097, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322147, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322183, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322226, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322259, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322301, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322334, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322382, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322418, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322461, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322494, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322551, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322586, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322637, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322671, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322715, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3\yyyp0708] >[2012/11/09 16:29:11.322781, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322842, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 56 00 00 00 00 00 00 00 9D 50 47 21 ....V... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322884, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.322915, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 55 00 00 00 00 00 00 00 9D 50 47 21 ....U... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322958, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 55 00 00 00 00 00 00 00 9D 50 47 21 ....U... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:11.322997, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:11.323039, 8] rpc_server/spoolss/srv_spoolss_nt.c:5521(construct_printer_driver_info_level) > construct_printer_driver_info_level: status: WERR_OK >[2012/11/09 16:29:11.323129, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:11.323170, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:11.323199, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 2323 >[2012/11/09 16:29:11.323231, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..2096] (align 0) >[2012/11/09 16:29:11.323252, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.323265, 5] lib/util.c:342(show_msg) > size=2152 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50368 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 2096 (0x830) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 2096 (0x830) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=2097 >[2012/11/09 16:29:11.325274, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x68 >[2012/11/09 16:29:11.325311, 3] smbd/process.c:1662(process_smb) > Transaction 38 of length 108 (0 toread) >[2012/11/09 16:29:11.325331, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.325357, 5] lib/util.c:342(show_msg) > size=104 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50432 > smt_wct=15 > smb_vwv[ 0]= 36 (0x24) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4096 (0x1000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 36 (0x24) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 16 (0x10) > smb_bcc=39 >[2012/11/09 16:29:11.325565, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:11.325587, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.325638, 3] smbd/msdfs.c:891(get_referred_path) > get_referred_path: |print$| in dfs path \yyyu0031\print$ is not a dfs root. >[2012/11/09 16:29:11.325674, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/trans2.c(8340) cmd=50 (SMBtrans2) NT_STATUS_NOT_FOUND >[2012/11/09 16:29:11.325699, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.325711, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x32 > smb_rcls=37 > smb_reh=2 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=50432 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:11.326971, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x56 >[2012/11/09 16:29:11.327020, 3] smbd/process.c:1662(process_smb) > Transaction 39 of length 90 (0 toread) >[2012/11/09 16:29:11.327051, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.327064, 5] lib/util.c:342(show_msg) > size=86 > smb_com=0x75 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=0 > smb_pid=65279 > smb_uid=101 > smb_mid=50496 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 86 (0x56) > smb_vwv[ 2]= 8 (0x8) > smb_vwv[ 3]= 1 (0x1) > smb_bcc=43 >[2012/11/09 16:29:11.327206, 3] smbd/process.c:1467(switch_message) > switch message SMBtconX (pid 12629) conn 0x0 >[2012/11/09 16:29:11.327229, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.327248, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.327267, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.327300, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:11.327328, 4] smbd/reply.c:794(reply_tcon_and_X) > Client requested device type [?????] for share [PRINT$] >[2012/11/09 16:29:11.327354, 5] smbd/service.c:1354(make_connection) > making a connection to 'normal' service print$ >[2012/11/09 16:29:11.327377, 3] lib/access.c:338(allow_access) > Allowed connection from yyyc27002.xxxxx.xxx (10.129.108.68) >[2012/11/09 16:29:11.327429, 5] lib/username.c:171(Get_Pwnam_alloc) > Finding user BROSE+pfoerfr >[2012/11/09 16:29:11.327456, 5] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is brose+pfoerfr >[2012/11/09 16:29:11.327477, 5] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [BROSE+pfoerfr]! >[2012/11/09 16:29:11.327507, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.327528, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.327547, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.327565, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.327583, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.327655, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.330863, 3] smbd/service.c:581(find_forced_group) > Forced group ntadmin >[2012/11/09 16:29:11.330926, 3] smbd/service.c:872(make_connection_snum) > Connect path is '/var/lib/samba/drivers' for service [print$] >[2012/11/09 16:29:11.330973, 3] smbd/vfs.c:102(vfs_init_default) > Initialising default vfs hooks >[2012/11/09 16:29:11.330995, 3] smbd/vfs.c:128(vfs_init_custom) > Initialising custom vfs hooks from [/[Default VFS]/] > Successfully loaded vfs module [/[Default VFS]/] with the new modules system >[2012/11/09 16:29:11.331026, 5] smbd/connection.c:134(claim_connection) > claiming [print$] >[2012/11/09 16:29:11.331102, 3] ../libcli/security/dom_sid.c:208(dom_sid_parse_endp) > string_to_sid: SID @BROSE+YYY_CUPS_Printer_Admin is not in a valid format >[2012/11/09 16:29:11.331159, 5] auth/user_util.c:152(user_in_netgroup) > looking for user BROSE+pfoerfr of domain in netgroup BROSE+YYY_CUPS_Printer_Admin >[2012/11/09 16:29:11.331461, 5] auth/user_util.c:175(user_in_netgroup) > looking for user brose+pfoerfr of domain in netgroup BROSE+YYY_CUPS_Printer_Admin >[2012/11/09 16:29:11.333107, 5] passdb/lookup_sid.c:1384(gid_to_sid) > gid_to_sid: winbind failed to find a sid for gid 71 >[2012/11/09 16:29:11.333139, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.333160, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.333180, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:11.333199, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.333235, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.333299, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.333326, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 71) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.333347, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-22-2-71 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:11.340697, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 71 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:11.343688, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,71) >[2012/11/09 16:29:11.343723, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.343743, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:11.343761, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:11.343792, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:11.343827, 1] smbd/service.c:1114(make_connection_snum) > 10.129.108.68 (10.129.108.68) signed connect to service print$ initially as user BROSE+pfoerfr (uid=10000, gid=71) (pid 12629) >[2012/11/09 16:29:11.343858, 3] smbd/reply.c:871(reply_tcon_and_X) > tconX service=PRINT$ >[2012/11/09 16:29:11.345575, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x58 >[2012/11/09 16:29:11.345624, 3] smbd/process.c:1662(process_smb) > Transaction 40 of length 92 (0 toread) >[2012/11/09 16:29:11.345645, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.345656, 5] lib/util.c:342(show_msg) > size=88 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50560 > smt_wct=15 > smb_vwv[ 0]= 20 (0x14) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 40 (0x28) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 20 (0x14) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 5 (0x5) > smb_bcc=23 >[2012/11/09 16:29:11.345863, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:11.345902, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 71) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:11.345927, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-22-2-71 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:11.353214, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 71 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:11.356268, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,71) >[2012/11/09 16:29:11.356302, 4] smbd/vfs.c:780(vfs_ChDir) > vfs_ChDir to /var/lib/samba/drivers >[2012/11/09 16:29:11.356334, 3] smbd/trans2.c:5111(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1004 >[2012/11/09 16:29:11.356366, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3" >[2012/11/09 16:29:11.356393, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3, dirpath = , start = x64/3 >[2012/11/09 16:29:11.356421, 5] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (7fa2eacb2620:size 5) X64/3 -> x64/3 >[2012/11/09 16:29:11.356442, 5] smbd/filename.c:439(unix_convert) > conversion of base_name finished x64/3 -> x64/3 >[2012/11/09 16:29:11.356487, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:11.356522, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:11.356567, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3 (fnum = -1) level=1004 call=5 total_data=0 >[2012/11/09 16:29:11.356594, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3 (fnum = -1) level=1004 max_data=40 >[2012/11/09 16:29:11.356617, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3 >[2012/11/09 16:29:11.356637, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2012/11/09 16:29:11.356657, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2012/11/09 16:29:11.356682, 5] smbd/trans2.c:4462(smbd_do_qfilepathinfo) > SMB_QFBI - create: Tue Oct 30 11:28:16 2012 > access: Thu Nov 8 18:45:19 2012 > write: Tue Oct 30 11:28:16 2012 > change: Tue Oct 30 11:28:16 2012 > mode: 10 >[2012/11/09 16:29:11.356754, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 40, useable_space = 131010 >[2012/11/09 16:29:11.356774, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 40, paramsize = 2, datasize = 40 >[2012/11/09 16:29:11.356794, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.356805, 5] lib/util.c:342(show_msg) > size=100 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50560 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 40 (0x28) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 40 (0x28) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=45 >[2012/11/09 16:29:11.358270, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x58 >[2012/11/09 16:29:11.358310, 3] smbd/process.c:1662(process_smb) > Transaction 41 of length 92 (0 toread) >[2012/11/09 16:29:11.358330, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.358341, 5] lib/util.c:342(show_msg) > size=88 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50624 > smt_wct=15 > smb_vwv[ 0]= 20 (0x14) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 20 (0x14) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 5 (0x5) > smb_bcc=23 >[2012/11/09 16:29:11.358549, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:11.358570, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.358591, 3] smbd/trans2.c:5111(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 1005 >[2012/11/09 16:29:11.358641, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3" >[2012/11/09 16:29:11.358667, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:11.358693, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:11.358722, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3 (fnum = -1) level=1005 call=5 total_data=0 >[2012/11/09 16:29:11.358744, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3 (fnum = -1) level=1005 max_data=24 >[2012/11/09 16:29:11.358773, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3 >[2012/11/09 16:29:11.358802, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2012/11/09 16:29:11.358824, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2012/11/09 16:29:11.358846, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:11.358867, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:11.358886, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.358897, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50624 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:11.360372, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x78 >[2012/11/09 16:29:11.360405, 3] smbd/process.c:1662(process_smb) > Transaction 42 of length 124 (0 toread) >[2012/11/09 16:29:11.360425, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.360436, 5] lib/util.c:342(show_msg) > size=120 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50688 > smt_wct=15 > smb_vwv[ 0]= 52 (0x34) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16384 (0x4000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 52 (0x34) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=55 >[2012/11/09 16:29:11.360667, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:11.360689, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.360716, 3] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 >[2012/11/09 16:29:11.360740, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript5.dll" >[2012/11/09 16:29:11.360764, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/pscript5.dll, dirpath = x64/3, start = pscript5.dll >[2012/11/09 16:29:11.360787, 5] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (7fa2eacb2630:size 12) X64/3/PSCRIPT5.DLL -> x64/3/pscript5.dll >[2012/11/09 16:29:11.360807, 5] smbd/filename.c:439(unix_convert) > conversion of base_name finished x64/3/pscript5.dll -> x64/3/pscript5.dll >[2012/11/09 16:29:11.360827, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript5.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:11.360853, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript5.dll reduced to /var/lib/samba/drivers/x64/3/pscript5.dll >[2012/11/09 16:29:11.360883, 5] smbd/trans2.c:2371(call_trans2findfirst) > dir=x64/3, mask = pscript5.dll >[2012/11/09 16:29:11.360907, 5] smbd/dir.c:439(dptr_create) > dptr_create dir=x64/3 >[2012/11/09 16:29:11.360928, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:11.360952, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:11.360994, 3] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path x64/3, expect_close = 1 >[2012/11/09 16:29:11.361017, 4] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = pscript5.dll, attr = 22 >[2012/11/09 16:29:11.361037, 8] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<x64/3> dontdescend=<> >[2012/11/09 16:29:11.361064, 6] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x7fa2eacb9120 now at offset -1 >[2012/11/09 16:29:11.361089, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:11.361113, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:11.361133, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:11.361156, 3] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[pscript5.dll] found x64/3/pscript5.dll fname=pscript5.dll (pscript5.dll) >[2012/11/09 16:29:11.361200, 5] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2012/11/09 16:29:11.361224, 4] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2012/11/09 16:29:11.361255, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 120, useable_space = 131010 >[2012/11/09 16:29:11.361277, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 120, paramsize = 10, datasize = 120 >[2012/11/09 16:29:11.361297, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.361308, 5] lib/util.c:342(show_msg) > size=188 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50688 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 120 (0x78) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 120 (0x78) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=133 >[2012/11/09 16:29:11.361488, 4] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=pscript5.dll directory=x64/3 dirtype=22 numentries=1 >[2012/11/09 16:29:11.371673, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x7c >[2012/11/09 16:29:11.371750, 3] smbd/process.c:1662(process_smb) > Transaction 43 of length 128 (0 toread) >[2012/11/09 16:29:11.371772, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:11.371784, 5] lib/util.c:342(show_msg) > size=124 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50752 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 9728 (0x2600) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 256 (0x100) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=17408 (0x4400) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=41 >[2012/11/09 16:29:11.372075, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:11.372099, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:11.372128, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript5.dll" >[2012/11/09 16:29:11.372177, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript5.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:11.372211, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript5.dll reduced to /var/lib/samba/drivers/x64/3/pscript5.dll >[2012/11/09 16:29:11.372238, 5] smbd/files.c:140(file_new) > allocated file structure 4117, fnum = 8213 (3 used) >[2012/11/09 16:29:11.372266, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/pscript5.dll) returning 0664 >[2012/11/09 16:29:11.372287, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:11.372307, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:11.372326, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:11.372374, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:11.372406, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/pscript5.dll read=Yes write=No (numopen=1) >[2012/11/09 16:29:11.372445, 3] smbd/oplock_linux.c:135(linux_set_kernel_oplock) > linux_set_kernel_oplock: Refused oplock on file x64/3/pscript5.dll, fd = 32, file_id = fd02:e10:0. (Keine Berechtigung) >[2012/11/09 16:29:11.372767, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:11.372802, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:11.372835, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.379623, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8213, open name = x64/3/pscript5.dll >[2012/11/09 16:29:16.380807, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.380852, 3] smbd/process.c:1662(process_smb) > Transaction 44 of length 76 (0 toread) >[2012/11/09 16:29:16.380874, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.380886, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50816 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 8 (0x8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.381637, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.381675, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.381703, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1006 >[2012/11/09 16:29:16.381739, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript5.dll (fnum = 8213) level=1006 call=7 total_data=0 >[2012/11/09 16:29:16.381762, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript5.dll (fnum = 8213) level=1006 max_data=8 >[2012/11/09 16:29:16.381782, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.381802, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.381821, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.381845, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 8, useable_space = 131010 >[2012/11/09 16:29:16.381865, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 8, paramsize = 2, datasize = 8 >[2012/11/09 16:29:16.381883, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.381894, 5] lib/util.c:342(show_msg) > size=68 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50816 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 8 (0x8) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 8 (0x8) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=13 >[2012/11/09 16:29:16.383426, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.383462, 3] smbd/process.c:1662(process_smb) > Transaction 45 of length 76 (0 toread) >[2012/11/09 16:29:16.383482, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.383494, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50880 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.383732, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.383755, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.383775, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.383801, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript5.dll (fnum = 8213) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.383823, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript5.dll (fnum = 8213) level=1005 max_data=24 >[2012/11/09 16:29:16.383842, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.383861, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.383880, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.383902, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.383921, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.383940, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.383951, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50880 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.385607, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x76 >[2012/11/09 16:29:16.385651, 3] smbd/process.c:1662(process_smb) > Transaction 46 of length 122 (0 toread) >[2012/11/09 16:29:16.385672, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.385683, 5] lib/util.c:342(show_msg) > size=118 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=50944 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8192 (0x2000) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 256 (0x100) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=17408 (0x4400) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=35 >[2012/11/09 16:29:16.385964, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.385986, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.386011, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/ps5ui.dll" >[2012/11/09 16:29:16.386036, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/ps5ui.dll, dirpath = x64/3, start = ps5ui.dll >[2012/11/09 16:29:16.386060, 5] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (7fa2eacb9bf0:size f) X64/3/PS5UI.DLL -> x64/3/ps5ui.dll >[2012/11/09 16:29:16.386079, 5] smbd/filename.c:439(unix_convert) > conversion of base_name finished x64/3/ps5ui.dll -> x64/3/ps5ui.dll >[2012/11/09 16:29:16.386098, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/ps5ui.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.386127, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/ps5ui.dll reduced to /var/lib/samba/drivers/x64/3/ps5ui.dll >[2012/11/09 16:29:16.386151, 5] smbd/files.c:140(file_new) > allocated file structure 4118, fnum = 8214 (4 used) >[2012/11/09 16:29:16.386175, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/ps5ui.dll) returning 0664 >[2012/11/09 16:29:16.386195, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.386214, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.386232, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.386265, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.386292, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/ps5ui.dll read=Yes write=No (numopen=2) >[2012/11/09 16:29:16.386317, 3] smbd/oplock_linux.c:135(linux_set_kernel_oplock) > linux_set_kernel_oplock: Refused oplock on file x64/3/ps5ui.dll, fd = 33, file_id = fd02:e12:0. (Keine Berechtigung) >[2012/11/09 16:29:16.386357, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.386379, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.386405, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.386475, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8214, open name = x64/3/ps5ui.dll >[2012/11/09 16:29:16.387482, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.387527, 3] smbd/process.c:1662(process_smb) > Transaction 47 of length 76 (0 toread) >[2012/11/09 16:29:16.387550, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.387561, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51008 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 8 (0x8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.387761, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.387780, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.387801, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1006 >[2012/11/09 16:29:16.387827, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/ps5ui.dll (fnum = 8214) level=1006 call=7 total_data=0 >[2012/11/09 16:29:16.387863, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/ps5ui.dll (fnum = 8214) level=1006 max_data=8 >[2012/11/09 16:29:16.387886, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.387905, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.387924, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.387946, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 8, useable_space = 131010 >[2012/11/09 16:29:16.387965, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 8, paramsize = 2, datasize = 8 >[2012/11/09 16:29:16.387984, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.387995, 5] lib/util.c:342(show_msg) > size=68 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51008 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 8 (0x8) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 8 (0x8) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=13 >[2012/11/09 16:29:16.389357, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.389401, 3] smbd/process.c:1662(process_smb) > Transaction 48 of length 76 (0 toread) >[2012/11/09 16:29:16.389433, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.389452, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51072 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.389757, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.389789, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.389821, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.389861, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/ps5ui.dll (fnum = 8214) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.389896, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/ps5ui.dll (fnum = 8214) level=1005 max_data=24 >[2012/11/09 16:29:16.389927, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.389958, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.389987, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.390021, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.390053, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.390083, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.390101, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51072 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.391811, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x7c >[2012/11/09 16:29:16.391862, 3] smbd/process.c:1662(process_smb) > Transaction 49 of length 128 (0 toread) >[2012/11/09 16:29:16.391886, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.391897, 5] lib/util.c:342(show_msg) > size=124 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51136 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 9728 (0x2600) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 256 (0x100) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=17408 (0x4400) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=41 >[2012/11/09 16:29:16.392157, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.392177, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.392200, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/yyyp0708.ppd" >[2012/11/09 16:29:16.392224, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/yyyp0708.ppd, dirpath = x64/3, start = yyyp0708.ppd >[2012/11/09 16:29:16.392250, 5] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (7fa2eaca50a0:size 12) X64/3/YYYP0708.PPD -> x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.392271, 5] smbd/filename.c:439(unix_convert) > conversion of base_name finished x64/3/yyyp0708.ppd -> x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.392290, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/yyyp0708.ppd] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.392316, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/yyyp0708.ppd reduced to /var/lib/samba/drivers/x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.392338, 5] smbd/files.c:140(file_new) > allocated file structure 4119, fnum = 8215 (5 used) >[2012/11/09 16:29:16.392361, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/yyyp0708.ppd) returning 0664 >[2012/11/09 16:29:16.392381, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.392401, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.392419, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.392451, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.392502, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/yyyp0708.ppd read=Yes write=No (numopen=3) >[2012/11/09 16:29:16.392527, 3] smbd/oplock_linux.c:135(linux_set_kernel_oplock) > linux_set_kernel_oplock: Refused oplock on file x64/3/yyyp0708.ppd, fd = 34, file_id = fd02:e18:0. (Keine Berechtigung) >[2012/11/09 16:29:16.392562, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.392585, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.392604, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.392653, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8215, open name = x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.392691, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.392715, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:16.392734, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:16.392768, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:16.394151, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.394202, 3] smbd/process.c:1662(process_smb) > Transaction 50 of length 76 (0 toread) >[2012/11/09 16:29:16.394237, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.394258, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51200 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 8 (0x8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.394602, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.394645, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 71) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.394683, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-22-2-71 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:16.402020, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 71 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:16.405074, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,71) >[2012/11/09 16:29:16.405123, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1006 >[2012/11/09 16:29:16.405164, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/yyyp0708.ppd (fnum = 8215) level=1006 call=7 total_data=0 >[2012/11/09 16:29:16.405188, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/yyyp0708.ppd (fnum = 8215) level=1006 max_data=8 >[2012/11/09 16:29:16.405208, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.405229, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.405248, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.405272, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 8, useable_space = 131010 >[2012/11/09 16:29:16.405292, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 8, paramsize = 2, datasize = 8 >[2012/11/09 16:29:16.405311, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.405322, 5] lib/util.c:342(show_msg) > size=68 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51200 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 8 (0x8) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 8 (0x8) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=13 >[2012/11/09 16:29:16.406839, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.406891, 3] smbd/process.c:1662(process_smb) > Transaction 51 of length 76 (0 toread) >[2012/11/09 16:29:16.406920, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.406933, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51264 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.407195, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.407219, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.407240, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.407280, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/yyyp0708.ppd (fnum = 8215) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.407321, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/yyyp0708.ppd (fnum = 8215) level=1005 max_data=24 >[2012/11/09 16:29:16.407357, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.407395, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.407430, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.407456, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.407476, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.407495, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.407507, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51264 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.409231, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x7a >[2012/11/09 16:29:16.409268, 3] smbd/process.c:1662(process_smb) > Transaction 52 of length 126 (0 toread) >[2012/11/09 16:29:16.409289, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.409301, 5] lib/util.c:342(show_msg) > size=122 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51328 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 9216 (0x2400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 256 (0x100) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=17408 (0x4400) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=39 >[2012/11/09 16:29:16.409625, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.409674, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.409723, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript.hlp" >[2012/11/09 16:29:16.409778, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/pscript.hlp, dirpath = x64/3, start = pscript.hlp >[2012/11/09 16:29:16.409839, 5] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (7fa2eaccf5f0:size 11) X64/3/PSCRIPT.HLP -> x64/3/pscript.hlp >[2012/11/09 16:29:16.409882, 5] smbd/filename.c:439(unix_convert) > conversion of base_name finished x64/3/pscript.hlp -> x64/3/pscript.hlp >[2012/11/09 16:29:16.409916, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript.hlp] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.409961, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript.hlp reduced to /var/lib/samba/drivers/x64/3/pscript.hlp >[2012/11/09 16:29:16.409999, 5] smbd/files.c:140(file_new) > allocated file structure 4120, fnum = 8216 (6 used) >[2012/11/09 16:29:16.410042, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/pscript.hlp) returning 0664 >[2012/11/09 16:29:16.410081, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.hlp >[2012/11/09 16:29:16.410136, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.410175, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.410236, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.410287, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/pscript.hlp read=Yes write=No (numopen=4) >[2012/11/09 16:29:16.410328, 3] smbd/oplock_linux.c:135(linux_set_kernel_oplock) > linux_set_kernel_oplock: Refused oplock on file x64/3/pscript.hlp, fd = 35, file_id = fd02:e13:0. (Keine Berechtigung) >[2012/11/09 16:29:16.410372, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.hlp >[2012/11/09 16:29:16.410396, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.410415, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.410471, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8216, open name = x64/3/pscript.hlp >[2012/11/09 16:29:16.411387, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.411430, 3] smbd/process.c:1662(process_smb) > Transaction 53 of length 76 (0 toread) >[2012/11/09 16:29:16.411468, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.411483, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51392 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 8 (0x8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.411767, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.411808, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.411847, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1006 >[2012/11/09 16:29:16.411884, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript.hlp (fnum = 8216) level=1006 call=7 total_data=0 >[2012/11/09 16:29:16.411907, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript.hlp (fnum = 8216) level=1006 max_data=8 >[2012/11/09 16:29:16.411928, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.hlp >[2012/11/09 16:29:16.411948, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.411967, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.411990, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 8, useable_space = 131010 >[2012/11/09 16:29:16.412010, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 8, paramsize = 2, datasize = 8 >[2012/11/09 16:29:16.412029, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.412048, 5] lib/util.c:342(show_msg) > size=68 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51392 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 8 (0x8) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 8 (0x8) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=13 >[2012/11/09 16:29:16.413189, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.413222, 3] smbd/process.c:1662(process_smb) > Transaction 54 of length 76 (0 toread) >[2012/11/09 16:29:16.413242, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.413268, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51456 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.413477, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.413498, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.413519, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.413545, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript.hlp (fnum = 8216) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.413568, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript.hlp (fnum = 8216) level=1005 max_data=24 >[2012/11/09 16:29:16.413588, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.hlp >[2012/11/09 16:29:16.413607, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.413630, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.413672, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.413710, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.413747, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.413770, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51456 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.415155, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x7a >[2012/11/09 16:29:16.415187, 3] smbd/process.c:1662(process_smb) > Transaction 55 of length 126 (0 toread) >[2012/11/09 16:29:16.415208, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.415219, 5] lib/util.c:342(show_msg) > size=122 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51520 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 9216 (0x2400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 256 (0x100) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=17408 (0x4400) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=39 >[2012/11/09 16:29:16.415506, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.415543, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.415581, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript.ntf" >[2012/11/09 16:29:16.415641, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/pscript.ntf, dirpath = x64/3, start = pscript.ntf >[2012/11/09 16:29:16.415691, 5] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (7fa2eacd1660:size 11) X64/3/PSCRIPT.NTF -> x64/3/pscript.ntf >[2012/11/09 16:29:16.415718, 5] smbd/filename.c:439(unix_convert) > conversion of base_name finished x64/3/pscript.ntf -> x64/3/pscript.ntf >[2012/11/09 16:29:16.415753, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript.ntf] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.415785, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript.ntf reduced to /var/lib/samba/drivers/x64/3/pscript.ntf >[2012/11/09 16:29:16.415824, 5] smbd/files.c:140(file_new) > allocated file structure 4121, fnum = 8217 (7 used) >[2012/11/09 16:29:16.415857, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/pscript.ntf) returning 0664 >[2012/11/09 16:29:16.415879, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.ntf >[2012/11/09 16:29:16.415898, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.415918, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.415954, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.415989, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/pscript.ntf read=Yes write=No (numopen=5) >[2012/11/09 16:29:16.416019, 3] smbd/oplock_linux.c:135(linux_set_kernel_oplock) > linux_set_kernel_oplock: Refused oplock on file x64/3/pscript.ntf, fd = 36, file_id = fd02:e14:0. (Keine Berechtigung) >[2012/11/09 16:29:16.416066, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.ntf >[2012/11/09 16:29:16.416091, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.416110, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.416157, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8217, open name = x64/3/pscript.ntf >[2012/11/09 16:29:16.416914, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.416946, 3] smbd/process.c:1662(process_smb) > Transaction 56 of length 76 (0 toread) >[2012/11/09 16:29:16.416966, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.416977, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51584 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 8 (0x8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.417204, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.417227, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.417247, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1006 >[2012/11/09 16:29:16.417278, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript.ntf (fnum = 8217) level=1006 call=7 total_data=0 >[2012/11/09 16:29:16.417306, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript.ntf (fnum = 8217) level=1006 max_data=8 >[2012/11/09 16:29:16.417326, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.ntf >[2012/11/09 16:29:16.417345, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.417366, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.417401, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 8, useable_space = 131010 >[2012/11/09 16:29:16.417436, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 8, paramsize = 2, datasize = 8 >[2012/11/09 16:29:16.417458, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.417470, 5] lib/util.c:342(show_msg) > size=68 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51584 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 8 (0x8) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 8 (0x8) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=13 >[2012/11/09 16:29:16.418618, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.418651, 3] smbd/process.c:1662(process_smb) > Transaction 57 of length 76 (0 toread) >[2012/11/09 16:29:16.418671, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.418684, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51648 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.418910, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.418933, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.418954, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.418980, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript.ntf (fnum = 8217) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.419003, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript.ntf (fnum = 8217) level=1005 max_data=24 >[2012/11/09 16:29:16.419023, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.ntf >[2012/11/09 16:29:16.419042, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.419061, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.419084, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.419113, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.419134, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.419146, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51648 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.421012, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x7c >[2012/11/09 16:29:16.421059, 3] smbd/process.c:1662(process_smb) > Transaction 58 of length 128 (0 toread) >[2012/11/09 16:29:16.421093, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.421107, 5] lib/util.c:342(show_msg) > size=124 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51712 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 9728 (0x2600) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=41 >[2012/11/09 16:29:16.421451, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.421490, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.421527, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript5.dll" >[2012/11/09 16:29:16.421563, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript5.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.421607, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript5.dll reduced to /var/lib/samba/drivers/x64/3/pscript5.dll >[2012/11/09 16:29:16.421643, 5] smbd/files.c:140(file_new) > allocated file structure 4122, fnum = 8218 (8 used) >[2012/11/09 16:29:16.421678, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/pscript5.dll) returning 0664 >[2012/11/09 16:29:16.421710, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.421740, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.421769, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.421807, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.421849, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/pscript5.dll read=Yes write=No (numopen=6) >[2012/11/09 16:29:16.421886, 5] smbd/oplock.c:92(set_file_oplock) > set_file_oplock: granted oplock on file x64/3/pscript5.dll, fd02:e10:0/2976701240, tv_sec = 509d214c, tv_usec = 66f0a >[2012/11/09 16:29:16.421939, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.421973, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.422003, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.422064, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8218, open name = x64/3/pscript5.dll >[2012/11/09 16:29:16.423126, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.423166, 3] smbd/process.c:1662(process_smb) > Transaction 59 of length 76 (0 toread) >[2012/11/09 16:29:16.423197, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.423214, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51776 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.423526, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.423559, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.423591, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.423641, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript5.dll (fnum = 8218) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.423677, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript5.dll (fnum = 8218) level=1005 max_data=24 >[2012/11/09 16:29:16.423721, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.423756, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.423786, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.423820, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.423852, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.423882, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.423900, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=51776 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.425008, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.425045, 3] smbd/process.c:1662(process_smb) > Transaction 60 of length 63 (0 toread) >[2012/11/09 16:29:16.425065, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.425077, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=51840 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8218 (0x201A) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4096 (0x1000) > smb_vwv[ 6]= 4096 (0x1000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4096 (0x1000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.425341, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.425389, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.425450, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 37 0 4096 0 >[2012/11/09 16:29:16.425519, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=37 offset=0 count=4096 type=0 >[2012/11/09 16:29:16.425563, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 37 is returned info 2 pid 0 >[2012/11/09 16:29:16.425598, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.425672, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8218 max=4096 nread=4096 >[2012/11/09 16:29:16.427093, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.427146, 3] smbd/process.c:1662(process_smb) > Transaction 61 of length 63 (0 toread) >[2012/11/09 16:29:16.427181, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.427200, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=51904 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8213 (0x2015) > smb_vwv[ 3]=35328 (0x8A00) > smb_vwv[ 4]= 9 (0x9) > smb_vwv[ 5]= 5120 (0x1400) > smb_vwv[ 6]= 5120 (0x1400) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 5120 (0x1400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.427489, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.427527, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.427570, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 32 625152 5120 0 >[2012/11/09 16:29:16.427610, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=32 offset=625152 count=5120 type=0 >[2012/11/09 16:29:16.427669, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 32 is returned info 2 pid 0 >[2012/11/09 16:29:16.427710, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.427749, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8213 max=5120 nread=5120 >[2012/11/09 16:29:16.429333, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.429382, 3] smbd/process.c:1662(process_smb) > Transaction 62 of length 45 (0 toread) >[2012/11/09 16:29:16.429420, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.429439, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=51968 > smt_wct=3 > smb_vwv[ 0]= 8218 (0x201A) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.429594, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.429617, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.429647, 3] smbd/reply.c:4848(reply_close) > close fd=37 fnum=8218 (numopen=6) >[2012/11/09 16:29:16.429686, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.429784, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/pscript5.dll (numopen=5) NT_STATUS_OK >[2012/11/09 16:29:16.429826, 5] smbd/files.c:482(file_free) > freed files structure 8218 (7 used) >[2012/11/09 16:29:16.429860, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.429884, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=51968 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.431082, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.431127, 3] smbd/process.c:1662(process_smb) > Transaction 63 of length 63 (0 toread) >[2012/11/09 16:29:16.431164, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.431180, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=52032 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8213 (0x2015) > smb_vwv[ 3]=34816 (0x8800) > smb_vwv[ 4]= 6 (0x6) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.431397, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.431425, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.431450, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 32 428032 16384 0 >[2012/11/09 16:29:16.431474, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=32 offset=428032 count=16384 type=0 >[2012/11/09 16:29:16.431496, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 32 is returned info 2 pid 0 >[2012/11/09 16:29:16.431516, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.431543, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8213 max=16384 nread=16384 >[2012/11/09 16:29:16.434170, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x90 >[2012/11/09 16:29:16.434211, 3] smbd/process.c:1662(process_smb) > Transaction 64 of length 148 (0 toread) >[2012/11/09 16:29:16.434232, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.434244, 5] lib/util.c:342(show_msg) > size=144 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52096 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=14848 (0x3A00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=61 >[2012/11/09 16:29:16.434643, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.434667, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.434693, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de-DE/pscript5.dll.mui" >[2012/11/09 16:29:16.434721, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de-DE/pscript5.dll.mui, dirpath = x64/3, start = de-DE/pscript5.dll.mui >[2012/11/09 16:29:16.434789, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de-DE >[2012/11/09 16:29:16.434817, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.434842, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.434854, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52096 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.436371, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.436414, 3] smbd/process.c:1662(process_smb) > Transaction 65 of length 142 (0 toread) >[2012/11/09 16:29:16.436444, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.436487, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52160 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.436891, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.436922, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.436954, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de/pscript5.dll.mui" >[2012/11/09 16:29:16.436988, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de/pscript5.dll.mui, dirpath = x64/3, start = de/pscript5.dll.mui >[2012/11/09 16:29:16.437042, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de >[2012/11/09 16:29:16.437076, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.437106, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.437123, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52160 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.438593, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x90 >[2012/11/09 16:29:16.438640, 3] smbd/process.c:1662(process_smb) > Transaction 66 of length 148 (0 toread) >[2012/11/09 16:29:16.438676, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.438689, 5] lib/util.c:342(show_msg) > size=144 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52224 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=14848 (0x3A00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=61 >[2012/11/09 16:29:16.438960, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.438980, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.439003, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en-US/pscript5.dll.mui" >[2012/11/09 16:29:16.439027, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en-US/pscript5.dll.mui, dirpath = x64/3, start = en-US/pscript5.dll.mui >[2012/11/09 16:29:16.439062, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en-US >[2012/11/09 16:29:16.439085, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.439106, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.439117, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52224 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.440597, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.440634, 3] smbd/process.c:1662(process_smb) > Transaction 67 of length 142 (0 toread) >[2012/11/09 16:29:16.440674, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.440694, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52288 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.441102, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.441140, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.441186, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en/pscript5.dll.mui" >[2012/11/09 16:29:16.441237, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en/pscript5.dll.mui, dirpath = x64/3, start = en/pscript5.dll.mui >[2012/11/09 16:29:16.441320, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en >[2012/11/09 16:29:16.441362, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.441397, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.441420, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52288 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.444611, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x7c >[2012/11/09 16:29:16.444687, 3] smbd/process.c:1662(process_smb) > Transaction 68 of length 128 (0 toread) >[2012/11/09 16:29:16.444724, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.444738, 5] lib/util.c:342(show_msg) > size=124 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52352 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 9728 (0x2600) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=41 >[2012/11/09 16:29:16.445032, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.445055, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.445093, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript5.dll" >[2012/11/09 16:29:16.445147, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript5.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.445195, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript5.dll reduced to /var/lib/samba/drivers/x64/3/pscript5.dll >[2012/11/09 16:29:16.445232, 5] smbd/files.c:140(file_new) > allocated file structure 4123, fnum = 8219 (8 used) >[2012/11/09 16:29:16.445262, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/pscript5.dll) returning 0664 >[2012/11/09 16:29:16.445283, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.445302, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.445322, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.445361, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.445391, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/pscript5.dll read=Yes write=No (numopen=6) >[2012/11/09 16:29:16.445432, 5] smbd/oplock.c:92(set_file_oplock) > set_file_oplock: granted oplock on file x64/3/pscript5.dll, fd02:e10:0/2976701241, tv_sec = 509d214c, tv_usec = 6cb2f >[2012/11/09 16:29:16.445486, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.445516, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.445545, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.445607, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8219, open name = x64/3/pscript5.dll >[2012/11/09 16:29:16.446831, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.446869, 3] smbd/process.c:1662(process_smb) > Transaction 69 of length 76 (0 toread) >[2012/11/09 16:29:16.446889, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.446901, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52416 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.447152, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.447175, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.447198, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.447228, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/pscript5.dll (fnum = 8219) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.447251, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/pscript5.dll (fnum = 8219) level=1005 max_data=24 >[2012/11/09 16:29:16.447271, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.447291, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.447310, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.447335, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.447355, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.447374, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.447385, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52416 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.448548, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.448581, 3] smbd/process.c:1662(process_smb) > Transaction 70 of length 63 (0 toread) >[2012/11/09 16:29:16.448600, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.448611, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=52480 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8219 (0x201B) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4096 (0x1000) > smb_vwv[ 6]= 4096 (0x1000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4096 (0x1000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.448795, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.448815, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.448840, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 37 0 4096 0 >[2012/11/09 16:29:16.448866, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=37 offset=0 count=4096 type=0 >[2012/11/09 16:29:16.448887, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 37 is returned info 2 pid 0 >[2012/11/09 16:29:16.448906, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.448930, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8219 max=4096 nread=4096 >[2012/11/09 16:29:16.450635, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.450685, 3] smbd/process.c:1662(process_smb) > Transaction 71 of length 63 (0 toread) >[2012/11/09 16:29:16.450719, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.450738, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=52544 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8219 (0x201B) > smb_vwv[ 3]=35328 (0x8A00) > smb_vwv[ 4]= 9 (0x9) > smb_vwv[ 5]= 5120 (0x1400) > smb_vwv[ 6]= 5120 (0x1400) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 5120 (0x1400) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.451040, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.451064, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.451089, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 37 625152 5120 0 >[2012/11/09 16:29:16.451113, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=37 offset=625152 count=5120 type=0 >[2012/11/09 16:29:16.451153, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 37 is returned info 2 pid 0 >[2012/11/09 16:29:16.451175, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.451199, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8219 max=5120 nread=5120 >[2012/11/09 16:29:16.453368, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.453411, 3] smbd/process.c:1662(process_smb) > Transaction 72 of length 63 (0 toread) >[2012/11/09 16:29:16.453440, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.453452, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=52608 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8219 (0x201B) > smb_vwv[ 3]=34816 (0x8800) > smb_vwv[ 4]= 6 (0x6) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.453653, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.453683, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.453708, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 37 428032 16384 0 >[2012/11/09 16:29:16.453733, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=37 offset=428032 count=16384 type=0 >[2012/11/09 16:29:16.453754, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 37 is returned info 2 pid 0 >[2012/11/09 16:29:16.453774, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.453801, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8219 max=16384 nread=16384 >[2012/11/09 16:29:16.457099, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x90 >[2012/11/09 16:29:16.457160, 3] smbd/process.c:1662(process_smb) > Transaction 73 of length 148 (0 toread) >[2012/11/09 16:29:16.457181, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.457192, 5] lib/util.c:342(show_msg) > size=144 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52672 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=14848 (0x3A00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=61 >[2012/11/09 16:29:16.457455, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.457499, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.457526, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de-DE/pscript5.dll.mui" >[2012/11/09 16:29:16.457554, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de-DE/pscript5.dll.mui, dirpath = x64/3, start = de-DE/pscript5.dll.mui >[2012/11/09 16:29:16.457600, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de-DE >[2012/11/09 16:29:16.457624, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.457645, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.457655, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52672 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.459303, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.459346, 3] smbd/process.c:1662(process_smb) > Transaction 74 of length 142 (0 toread) >[2012/11/09 16:29:16.459366, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.459377, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52736 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.459639, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.459659, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.459681, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de/pscript5.dll.mui" >[2012/11/09 16:29:16.459705, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de/pscript5.dll.mui, dirpath = x64/3, start = de/pscript5.dll.mui >[2012/11/09 16:29:16.459742, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de >[2012/11/09 16:29:16.459778, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.459800, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.459811, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52736 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.461341, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x90 >[2012/11/09 16:29:16.461376, 3] smbd/process.c:1662(process_smb) > Transaction 75 of length 148 (0 toread) >[2012/11/09 16:29:16.461396, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.461407, 5] lib/util.c:342(show_msg) > size=144 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52800 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=14848 (0x3A00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=61 >[2012/11/09 16:29:16.461687, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.461724, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.461757, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en-US/pscript5.dll.mui" >[2012/11/09 16:29:16.461782, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en-US/pscript5.dll.mui, dirpath = x64/3, start = en-US/pscript5.dll.mui >[2012/11/09 16:29:16.461819, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en-US >[2012/11/09 16:29:16.461843, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.461863, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.461873, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52800 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.463371, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.463417, 3] smbd/process.c:1662(process_smb) > Transaction 76 of length 142 (0 toread) >[2012/11/09 16:29:16.463439, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.463450, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52864 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.463714, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.463734, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.463756, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en/pscript5.dll.mui" >[2012/11/09 16:29:16.463781, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en/pscript5.dll.mui, dirpath = x64/3, start = en/pscript5.dll.mui >[2012/11/09 16:29:16.463818, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en >[2012/11/09 16:29:16.463842, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.463862, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.463872, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52864 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.465945, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.466003, 3] smbd/process.c:1662(process_smb) > Transaction 77 of length 63 (0 toread) >[2012/11/09 16:29:16.466042, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.466064, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=52928 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8219 (0x201B) > smb_vwv[ 3]=51200 (0xC800) > smb_vwv[ 4]= 6 (0x6) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.466392, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.466429, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.466473, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 37 444416 16384 0 >[2012/11/09 16:29:16.466518, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=37 offset=444416 count=16384 type=0 >[2012/11/09 16:29:16.466559, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 37 is returned info 2 pid 0 >[2012/11/09 16:29:16.466598, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.466653, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8219 max=16384 nread=16384 >[2012/11/09 16:29:16.470740, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x76 >[2012/11/09 16:29:16.470802, 3] smbd/process.c:1662(process_smb) > Transaction 78 of length 122 (0 toread) >[2012/11/09 16:29:16.470823, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.470834, 5] lib/util.c:342(show_msg) > size=118 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=52992 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8192 (0x2000) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=35 >[2012/11/09 16:29:16.471114, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.471136, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.471162, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/ps5ui.dll" >[2012/11/09 16:29:16.471190, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/ps5ui.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.471220, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/ps5ui.dll reduced to /var/lib/samba/drivers/x64/3/ps5ui.dll >[2012/11/09 16:29:16.471244, 5] smbd/files.c:140(file_new) > allocated file structure 4124, fnum = 8220 (9 used) >[2012/11/09 16:29:16.471268, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/ps5ui.dll) returning 0664 >[2012/11/09 16:29:16.471288, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.471307, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.471326, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.471363, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.471394, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/ps5ui.dll read=Yes write=No (numopen=7) >[2012/11/09 16:29:16.471415, 5] smbd/oplock.c:92(set_file_oplock) > set_file_oplock: granted oplock on file x64/3/ps5ui.dll, fd02:e12:0/2976701242, tv_sec = 509d214c, tv_usec = 730cb >[2012/11/09 16:29:16.471457, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.471484, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.471523, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.471582, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8220, open name = x64/3/ps5ui.dll >[2012/11/09 16:29:16.473028, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.473077, 3] smbd/process.c:1662(process_smb) > Transaction 79 of length 76 (0 toread) >[2012/11/09 16:29:16.473097, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.473108, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53056 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.473306, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.473327, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.473349, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.473380, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/ps5ui.dll (fnum = 8220) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.473423, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/ps5ui.dll (fnum = 8220) level=1005 max_data=24 >[2012/11/09 16:29:16.473452, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.473473, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.473491, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.473515, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.473548, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.473571, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.473588, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53056 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.474891, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.474938, 3] smbd/process.c:1662(process_smb) > Transaction 80 of length 63 (0 toread) >[2012/11/09 16:29:16.474971, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.474990, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53120 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8220 (0x201C) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4096 (0x1000) > smb_vwv[ 6]= 4096 (0x1000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4096 (0x1000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.475256, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.475287, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.475325, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 38 0 4096 0 >[2012/11/09 16:29:16.475376, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=38 offset=0 count=4096 type=0 >[2012/11/09 16:29:16.475399, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 38 is returned info 2 pid 0 >[2012/11/09 16:29:16.475418, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.475451, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8220 max=4096 nread=4096 >[2012/11/09 16:29:16.482135, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.482216, 3] smbd/process.c:1662(process_smb) > Transaction 81 of length 63 (0 toread) >[2012/11/09 16:29:16.482244, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.482257, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53184 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8214 (0x2016) > smb_vwv[ 3]=56832 (0xDE00) > smb_vwv[ 4]= 12 (0xC) > smb_vwv[ 5]= 4608 (0x1200) > smb_vwv[ 6]= 4608 (0x1200) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4608 (0x1200) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.482437, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.482458, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.482485, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 33 843264 4608 0 >[2012/11/09 16:29:16.482511, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=33 offset=843264 count=4608 type=0 >[2012/11/09 16:29:16.482533, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 33 is returned info 2 pid 0 >[2012/11/09 16:29:16.482552, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.482577, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8214 max=4608 nread=4608 >[2012/11/09 16:29:16.484727, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.484787, 3] smbd/process.c:1662(process_smb) > Transaction 82 of length 45 (0 toread) >[2012/11/09 16:29:16.484826, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.484847, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53248 > smt_wct=3 > smb_vwv[ 0]= 8220 (0x201C) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.485054, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.485094, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.485135, 3] smbd/reply.c:4848(reply_close) > close fd=38 fnum=8220 (numopen=7) >[2012/11/09 16:29:16.485173, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.485263, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/ps5ui.dll (numopen=6) NT_STATUS_OK >[2012/11/09 16:29:16.485302, 5] smbd/files.c:482(file_free) > freed files structure 8220 (8 used) >[2012/11/09 16:29:16.485332, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.485350, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53248 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.486844, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.486882, 3] smbd/process.c:1662(process_smb) > Transaction 83 of length 63 (0 toread) >[2012/11/09 16:29:16.486902, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.486913, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53312 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8214 (0x2016) > smb_vwv[ 3]=35840 (0x8C00) > smb_vwv[ 4]= 8 (0x8) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.487121, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.487146, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.487190, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 33 560128 16384 0 >[2012/11/09 16:29:16.487231, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=33 offset=560128 count=16384 type=0 >[2012/11/09 16:29:16.487263, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 33 is returned info 2 pid 0 >[2012/11/09 16:29:16.487290, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.487331, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8214 max=16384 nread=16384 >[2012/11/09 16:29:16.490902, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.490979, 3] smbd/process.c:1662(process_smb) > Transaction 84 of length 142 (0 toread) >[2012/11/09 16:29:16.491008, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.491024, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53376 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.491389, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.491417, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.491452, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de-DE/ps5ui.dll.mui" >[2012/11/09 16:29:16.491488, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de-DE/ps5ui.dll.mui, dirpath = x64/3, start = de-DE/ps5ui.dll.mui >[2012/11/09 16:29:16.491545, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de-DE >[2012/11/09 16:29:16.491582, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.491613, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.491632, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53376 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.493195, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x84 >[2012/11/09 16:29:16.493250, 3] smbd/process.c:1662(process_smb) > Transaction 85 of length 136 (0 toread) >[2012/11/09 16:29:16.493285, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.493306, 5] lib/util.c:342(show_msg) > size=132 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53440 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=11776 (0x2E00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:16.493761, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.493799, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.493834, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de/ps5ui.dll.mui" >[2012/11/09 16:29:16.493880, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de/ps5ui.dll.mui, dirpath = x64/3, start = de/ps5ui.dll.mui >[2012/11/09 16:29:16.493941, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de >[2012/11/09 16:29:16.493969, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.493993, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.494015, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53440 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.495506, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.495559, 3] smbd/process.c:1662(process_smb) > Transaction 86 of length 142 (0 toread) >[2012/11/09 16:29:16.495597, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.495631, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53504 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.496081, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.496117, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.496153, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en-US/ps5ui.dll.mui" >[2012/11/09 16:29:16.496197, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en-US/ps5ui.dll.mui, dirpath = x64/3, start = en-US/ps5ui.dll.mui >[2012/11/09 16:29:16.496257, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en-US >[2012/11/09 16:29:16.496299, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.496337, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.496357, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53504 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.497946, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x84 >[2012/11/09 16:29:16.497998, 3] smbd/process.c:1662(process_smb) > Transaction 87 of length 136 (0 toread) >[2012/11/09 16:29:16.498037, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.498079, 5] lib/util.c:342(show_msg) > size=132 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53568 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=11776 (0x2E00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:16.498526, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.498563, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.498605, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en/ps5ui.dll.mui" >[2012/11/09 16:29:16.498662, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en/ps5ui.dll.mui, dirpath = x64/3, start = en/ps5ui.dll.mui >[2012/11/09 16:29:16.498726, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en >[2012/11/09 16:29:16.498764, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.498799, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.498819, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53568 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.500705, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.500761, 3] smbd/process.c:1662(process_smb) > Transaction 88 of length 63 (0 toread) >[2012/11/09 16:29:16.500795, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.500817, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53632 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8214 (0x2016) > smb_vwv[ 3]=35840 (0x8C00) > smb_vwv[ 4]= 12 (0xC) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.501122, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.501159, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.501199, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 33 822272 16384 0 >[2012/11/09 16:29:16.501246, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=33 offset=822272 count=16384 type=0 >[2012/11/09 16:29:16.501291, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 33 is returned info 2 pid 0 >[2012/11/09 16:29:16.501328, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.501381, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8214 max=16384 nread=16384 >[2012/11/09 16:29:16.505702, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x76 >[2012/11/09 16:29:16.505790, 3] smbd/process.c:1662(process_smb) > Transaction 89 of length 122 (0 toread) >[2012/11/09 16:29:16.505830, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.505851, 5] lib/util.c:342(show_msg) > size=118 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53696 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8192 (0x2000) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]=16384 (0x4000) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 768 (0x300) > smb_bcc=35 >[2012/11/09 16:29:16.506328, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.506364, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.506407, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/ps5ui.dll" >[2012/11/09 16:29:16.506458, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/ps5ui.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.506514, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/ps5ui.dll reduced to /var/lib/samba/drivers/x64/3/ps5ui.dll >[2012/11/09 16:29:16.506555, 5] smbd/files.c:140(file_new) > allocated file structure 4125, fnum = 8221 (9 used) >[2012/11/09 16:29:16.506596, 3] smbd/dosmode.c:159(unix_mode) > unix_mode(x64/3/ps5ui.dll) returning 0664 >[2012/11/09 16:29:16.506633, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.506667, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.506700, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.506760, 4] smbd/open.c:2065(open_file_ntcreate) > calling open_file with flags=0x0 flags2=0x0 mode=0664, access_mask = 0x20089, open_access_mask = 0x20089 >[2012/11/09 16:29:16.506814, 2] smbd/open.c:704(open_file) > BROSE+pfoerfr opened file x64/3/ps5ui.dll read=Yes write=No (numopen=7) >[2012/11/09 16:29:16.506853, 5] smbd/oplock.c:92(set_file_oplock) > set_file_oplock: granted oplock on file x64/3/ps5ui.dll, fd02:e12:0/2976701243, tv_sec = 509d214c, tv_usec = 7baba >[2012/11/09 16:29:16.506904, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.506940, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.506973, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.507059, 5] smbd/nttrans.c:725(reply_ntcreate_and_X) > reply_ntcreate_and_X: fnum = 8221, open name = x64/3/ps5ui.dll >[2012/11/09 16:29:16.508510, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x48 >[2012/11/09 16:29:16.508561, 3] smbd/process.c:1662(process_smb) > Transaction 90 of length 76 (0 toread) >[2012/11/09 16:29:16.508596, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.508616, 5] lib/util.c:342(show_msg) > size=72 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53760 > smt_wct=15 > smb_vwv[ 0]= 4 (0x4) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 2 (0x2) > smb_vwv[ 3]= 24 (0x18) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4 (0x4) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 7 (0x7) > smb_bcc=7 >[2012/11/09 16:29:16.508952, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.508988, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.509023, 3] smbd/trans2.c:5026(call_trans2qfilepathinfo) > call_trans2qfilepathinfo: TRANSACT2_QFILEINFO: level = 1005 >[2012/11/09 16:29:16.509070, 3] smbd/trans2.c:5255(call_trans2qfilepathinfo) > call_trans2qfilepathinfo x64/3/ps5ui.dll (fnum = 8221) level=1005 call=7 total_data=0 >[2012/11/09 16:29:16.509135, 5] smbd/trans2.c:4223(smbd_do_qfilepathinfo) > smbd_do_qfilepathinfo: x64/3/ps5ui.dll (fnum = 8221) level=1005 max_data=24 >[2012/11/09 16:29:16.509176, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.509211, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.509244, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.509282, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 2, data_sent_thistime = 24, useable_space = 131010 >[2012/11/09 16:29:16.509316, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 2, data_to_send = 24, paramsize = 2, datasize = 24 >[2012/11/09 16:29:16.509349, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.509367, 5] lib/util.c:342(show_msg) > size=84 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=53760 > smt_wct=10 > smb_vwv[ 0]= 2 (0x2) > smb_vwv[ 1]= 24 (0x18) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 24 (0x18) > smb_vwv[ 7]= 60 (0x3C) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=29 >[2012/11/09 16:29:16.510648, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.510693, 3] smbd/process.c:1662(process_smb) > Transaction 91 of length 63 (0 toread) >[2012/11/09 16:29:16.510713, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.510724, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53824 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8221 (0x201D) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 4096 (0x1000) > smb_vwv[ 6]= 4096 (0x1000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4096 (0x1000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.510933, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.510959, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.510985, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 38 0 4096 0 >[2012/11/09 16:29:16.511010, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=38 offset=0 count=4096 type=0 >[2012/11/09 16:29:16.511031, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 38 is returned info 2 pid 0 >[2012/11/09 16:29:16.511050, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.511073, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8221 max=4096 nread=4096 >[2012/11/09 16:29:16.512647, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.512703, 3] smbd/process.c:1662(process_smb) > Transaction 92 of length 63 (0 toread) >[2012/11/09 16:29:16.512737, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.512758, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53888 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8221 (0x201D) > smb_vwv[ 3]=56832 (0xDE00) > smb_vwv[ 4]= 12 (0xC) > smb_vwv[ 5]= 4608 (0x1200) > smb_vwv[ 6]= 4608 (0x1200) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 4608 (0x1200) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.513044, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.513079, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.513114, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 38 843264 4608 0 >[2012/11/09 16:29:16.513180, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=38 offset=843264 count=4608 type=0 >[2012/11/09 16:29:16.513220, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 38 is returned info 2 pid 0 >[2012/11/09 16:29:16.513296, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.513334, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8221 max=4608 nread=4608 >[2012/11/09 16:29:16.515539, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.515582, 3] smbd/process.c:1662(process_smb) > Transaction 93 of length 63 (0 toread) >[2012/11/09 16:29:16.515611, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.515663, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=53952 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8221 (0x201D) > smb_vwv[ 3]=35840 (0x8C00) > smb_vwv[ 4]= 8 (0x8) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.515878, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.515912, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.515952, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 38 560128 16384 0 >[2012/11/09 16:29:16.515991, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=38 offset=560128 count=16384 type=0 >[2012/11/09 16:29:16.516034, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 38 is returned info 2 pid 0 >[2012/11/09 16:29:16.516074, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.516120, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8221 max=16384 nread=16384 >[2012/11/09 16:29:16.519462, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.519525, 3] smbd/process.c:1662(process_smb) > Transaction 94 of length 142 (0 toread) >[2012/11/09 16:29:16.519547, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.519559, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54016 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.519836, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.519858, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.519886, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de-DE/ps5ui.dll.mui" >[2012/11/09 16:29:16.519915, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de-DE/ps5ui.dll.mui, dirpath = x64/3, start = de-DE/ps5ui.dll.mui >[2012/11/09 16:29:16.519967, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de-DE >[2012/11/09 16:29:16.519992, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.520014, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.520045, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54016 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.523137, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x84 >[2012/11/09 16:29:16.523208, 3] smbd/process.c:1662(process_smb) > Transaction 95 of length 136 (0 toread) >[2012/11/09 16:29:16.523233, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.523244, 5] lib/util.c:342(show_msg) > size=132 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54080 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=11776 (0x2E00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:16.523552, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.523575, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.523598, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/de/ps5ui.dll.mui" >[2012/11/09 16:29:16.523624, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/de/ps5ui.dll.mui, dirpath = x64/3, start = de/ps5ui.dll.mui >[2012/11/09 16:29:16.523666, 5] smbd/filename.c:675(unix_convert) > Intermediate not found de >[2012/11/09 16:29:16.523690, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.523710, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.523721, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54080 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.525324, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x8a >[2012/11/09 16:29:16.525372, 3] smbd/process.c:1662(process_smb) > Transaction 96 of length 142 (0 toread) >[2012/11/09 16:29:16.525401, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.525417, 5] lib/util.c:342(show_msg) > size=138 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54144 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=13312 (0x3400) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=55 >[2012/11/09 16:29:16.525809, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.525839, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.525871, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en-US/ps5ui.dll.mui" >[2012/11/09 16:29:16.525906, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en-US/ps5ui.dll.mui, dirpath = x64/3, start = en-US/ps5ui.dll.mui >[2012/11/09 16:29:16.525977, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en-US >[2012/11/09 16:29:16.526011, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.526041, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.526058, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54144 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.527482, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x84 >[2012/11/09 16:29:16.527530, 3] smbd/process.c:1662(process_smb) > Transaction 97 of length 136 (0 toread) >[2012/11/09 16:29:16.527562, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.527578, 5] lib/util.c:342(show_msg) > size=132 > smb_com=0xa2 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54208 > smt_wct=24 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]=11776 (0x2E00) > smb_vwv[ 3]= 5632 (0x1600) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]=35072 (0x8900) > smb_vwv[ 8]= 512 (0x200) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_vwv[14]= 0 (0x0) > smb_vwv[15]= 1280 (0x500) > smb_vwv[16]= 0 (0x0) > smb_vwv[17]= 256 (0x100) > smb_vwv[18]= 0 (0x0) > smb_vwv[19]= 0 (0x0) > smb_vwv[20]= 0 (0x0) > smb_vwv[21]= 512 (0x200) > smb_vwv[22]= 0 (0x0) > smb_vwv[23]= 0 (0x0) > smb_bcc=49 >[2012/11/09 16:29:16.527971, 3] smbd/process.c:1467(switch_message) > switch message SMBntcreateX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.528007, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.528047, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/en/ps5ui.dll.mui" >[2012/11/09 16:29:16.528089, 5] smbd/filename.c:416(unix_convert) > unix_convert begin: name = x64/3/en/ps5ui.dll.mui, dirpath = x64/3, start = en/ps5ui.dll.mui >[2012/11/09 16:29:16.528149, 5] smbd/filename.c:675(unix_convert) > Intermediate not found en >[2012/11/09 16:29:16.528186, 3] smbd/error.c:81(error_packet_set) > error packet at smbd/nttrans.c(552) cmd=162 (SMBntcreateX) NT_STATUS_OBJECT_PATH_NOT_FOUND >[2012/11/09 16:29:16.528221, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.528243, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0xa2 > smb_rcls=58 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54208 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.530134, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x3b >[2012/11/09 16:29:16.530182, 3] smbd/process.c:1662(process_smb) > Transaction 98 of length 63 (0 toread) >[2012/11/09 16:29:16.530218, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.530239, 5] lib/util.c:342(show_msg) > size=59 > smb_com=0x2e > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=59415 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54272 > smt_wct=12 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8221 (0x201D) > smb_vwv[ 3]=35840 (0x8C00) > smb_vwv[ 4]= 12 (0xC) > smb_vwv[ 5]=16384 (0x4000) > smb_vwv[ 6]=16384 (0x4000) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]=16384 (0x4000) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]= 0 (0x0) > smb_bcc=0 >[2012/11/09 16:29:16.530553, 3] smbd/process.c:1467(switch_message) > switch message SMBreadX (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.530592, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.530645, 8] locking/posix.c:254(posix_fcntl_getlock) > posix_fcntl_getlock 38 822272 16384 0 >[2012/11/09 16:29:16.530690, 8] lib/util.c:1474(fcntl_getlock) > fcntl_getlock fd=38 offset=822272 count=16384 type=0 >[2012/11/09 16:29:16.530773, 3] lib/util.c:1498(fcntl_getlock) > fcntl_getlock: fd 38 is returned info 2 pid 0 >[2012/11/09 16:29:16.530813, 8] locking/posix.c:284(posix_fcntl_getlock) > posix_fcntl_getlock: Lock query call successful >[2012/11/09 16:29:16.530862, 3] smbd/reply.c:3702(send_file_readX) > send_file_readX fnum=8221 max=16384 nread=16384 >[2012/11/09 16:29:16.535101, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x78 >[2012/11/09 16:29:16.535157, 3] smbd/process.c:1662(process_smb) > Transaction 99 of length 124 (0 toread) >[2012/11/09 16:29:16.535177, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.535189, 5] lib/util.c:342(show_msg) > size=120 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54336 > smt_wct=15 > smb_vwv[ 0]= 52 (0x34) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16384 (0x4000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 52 (0x34) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=55 >[2012/11/09 16:29:16.535389, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.535409, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.535435, 3] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 >[2012/11/09 16:29:16.535461, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript5.dll" >[2012/11/09 16:29:16.535508, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript5.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.535559, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript5.dll reduced to /var/lib/samba/drivers/x64/3/pscript5.dll >[2012/11/09 16:29:16.535590, 5] smbd/trans2.c:2371(call_trans2findfirst) > dir=x64/3, mask = pscript5.dll >[2012/11/09 16:29:16.535643, 5] smbd/dir.c:439(dptr_create) > dptr_create dir=x64/3 >[2012/11/09 16:29:16.535683, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.535727, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:16.535775, 3] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path x64/3, expect_close = 1 >[2012/11/09 16:29:16.535810, 4] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = pscript5.dll, attr = 22 >[2012/11/09 16:29:16.535840, 8] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<x64/3> dontdescend=<> >[2012/11/09 16:29:16.535879, 6] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x7fa2eaca7500 now at offset -1 >[2012/11/09 16:29:16.535921, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript5.dll >[2012/11/09 16:29:16.535960, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.535992, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.536041, 3] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[pscript5.dll] found x64/3/pscript5.dll fname=pscript5.dll (pscript5.dll) >[2012/11/09 16:29:16.536088, 5] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2012/11/09 16:29:16.536125, 4] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2012/11/09 16:29:16.536167, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 120, useable_space = 131010 >[2012/11/09 16:29:16.536202, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 120, paramsize = 10, datasize = 120 >[2012/11/09 16:29:16.536240, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.536284, 5] lib/util.c:342(show_msg) > size=188 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54336 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 120 (0x78) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 120 (0x78) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=133 >[2012/11/09 16:29:16.536647, 4] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=pscript5.dll directory=x64/3 dirtype=22 numentries=1 >[2012/11/09 16:29:16.536684, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.536707, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:16.536726, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:16.536762, 5] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2012/11/09 16:29:16.539486, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x72 >[2012/11/09 16:29:16.539543, 3] smbd/process.c:1662(process_smb) > Transaction 100 of length 118 (0 toread) >[2012/11/09 16:29:16.539577, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.539598, 5] lib/util.c:342(show_msg) > size=114 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54400 > smt_wct=15 > smb_vwv[ 0]= 46 (0x2E) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16384 (0x4000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 46 (0x2E) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=49 >[2012/11/09 16:29:16.539937, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.539975, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 71) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.540011, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-22-2-71 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:16.549887, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 71 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:16.553827, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,71) >[2012/11/09 16:29:16.553883, 3] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 >[2012/11/09 16:29:16.553932, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/ps5ui.dll" >[2012/11/09 16:29:16.553981, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/ps5ui.dll] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.554017, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/ps5ui.dll reduced to /var/lib/samba/drivers/x64/3/ps5ui.dll >[2012/11/09 16:29:16.554037, 5] smbd/trans2.c:2371(call_trans2findfirst) > dir=x64/3, mask = ps5ui.dll >[2012/11/09 16:29:16.554057, 5] smbd/dir.c:439(dptr_create) > dptr_create dir=x64/3 >[2012/11/09 16:29:16.554076, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.554098, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:16.554127, 3] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path x64/3, expect_close = 1 >[2012/11/09 16:29:16.554148, 4] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = ps5ui.dll, attr = 22 >[2012/11/09 16:29:16.554167, 8] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<x64/3> dontdescend=<> >[2012/11/09 16:29:16.554193, 6] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x7fa2eacbb820 now at offset -1 >[2012/11/09 16:29:16.554215, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/ps5ui.dll >[2012/11/09 16:29:16.554246, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.554267, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.554299, 3] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[ps5ui.dll] found x64/3/ps5ui.dll fname=ps5ui.dll (ps5ui.dll) >[2012/11/09 16:29:16.554327, 5] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2012/11/09 16:29:16.554367, 4] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2012/11/09 16:29:16.554396, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 112, useable_space = 131010 >[2012/11/09 16:29:16.554417, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 112, paramsize = 10, datasize = 112 >[2012/11/09 16:29:16.554435, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.554446, 5] lib/util.c:342(show_msg) > size=180 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54400 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 112 (0x70) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 112 (0x70) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=125 >[2012/11/09 16:29:16.554641, 4] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=ps5ui.dll directory=x64/3 dirtype=22 numentries=1 >[2012/11/09 16:29:16.557677, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x78 >[2012/11/09 16:29:16.557748, 3] smbd/process.c:1662(process_smb) > Transaction 101 of length 124 (0 toread) >[2012/11/09 16:29:16.557789, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.557811, 5] lib/util.c:342(show_msg) > size=120 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54464 > smt_wct=15 > smb_vwv[ 0]= 52 (0x34) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16384 (0x4000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 52 (0x34) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=55 >[2012/11/09 16:29:16.558168, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.558204, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.558247, 3] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 >[2012/11/09 16:29:16.558292, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/yyyp0708.ppd" >[2012/11/09 16:29:16.558324, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/yyyp0708.ppd] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.558355, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/yyyp0708.ppd reduced to /var/lib/samba/drivers/x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.558375, 5] smbd/trans2.c:2371(call_trans2findfirst) > dir=x64/3, mask = yyyp0708.ppd >[2012/11/09 16:29:16.558395, 5] smbd/dir.c:439(dptr_create) > dptr_create dir=x64/3 >[2012/11/09 16:29:16.558414, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.558437, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:16.558464, 3] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path x64/3, expect_close = 1 >[2012/11/09 16:29:16.558484, 4] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = yyyp0708.ppd, attr = 22 >[2012/11/09 16:29:16.558503, 8] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<x64/3> dontdescend=<> >[2012/11/09 16:29:16.558547, 6] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x7fa2eaca7500 now at offset -1 >[2012/11/09 16:29:16.558570, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/yyyp0708.ppd >[2012/11/09 16:29:16.558590, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.558609, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.558640, 3] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[yyyp0708.ppd] found x64/3/yyyp0708.ppd fname=yyyp0708.ppd (yyyp0708.ppd) >[2012/11/09 16:29:16.558668, 5] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2012/11/09 16:29:16.558688, 4] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2012/11/09 16:29:16.558712, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 120, useable_space = 131010 >[2012/11/09 16:29:16.558732, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 120, paramsize = 10, datasize = 120 >[2012/11/09 16:29:16.558750, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.558761, 5] lib/util.c:342(show_msg) > size=188 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54464 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 120 (0x78) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 120 (0x78) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=133 >[2012/11/09 16:29:16.558939, 4] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=yyyp0708.ppd directory=x64/3 dirtype=22 numentries=1 >[2012/11/09 16:29:16.562046, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x76 >[2012/11/09 16:29:16.562116, 3] smbd/process.c:1662(process_smb) > Transaction 102 of length 122 (0 toread) >[2012/11/09 16:29:16.562150, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.562170, 5] lib/util.c:342(show_msg) > size=118 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54528 > smt_wct=15 > smb_vwv[ 0]= 50 (0x32) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16384 (0x4000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 50 (0x32) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=53 >[2012/11/09 16:29:16.562527, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.562568, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.562612, 3] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 >[2012/11/09 16:29:16.562660, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript.hlp" >[2012/11/09 16:29:16.562708, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript.hlp] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.562758, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript.hlp reduced to /var/lib/samba/drivers/x64/3/pscript.hlp >[2012/11/09 16:29:16.562793, 5] smbd/trans2.c:2371(call_trans2findfirst) > dir=x64/3, mask = pscript.hlp >[2012/11/09 16:29:16.562827, 5] smbd/dir.c:439(dptr_create) > dptr_create dir=x64/3 >[2012/11/09 16:29:16.562860, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.562900, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:16.562965, 3] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path x64/3, expect_close = 1 >[2012/11/09 16:29:16.563000, 4] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = pscript.hlp, attr = 22 >[2012/11/09 16:29:16.563032, 8] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<x64/3> dontdescend=<> >[2012/11/09 16:29:16.563073, 6] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x7fa2eaca7500 now at offset -1 >[2012/11/09 16:29:16.563115, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.hlp >[2012/11/09 16:29:16.563153, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.563193, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.563243, 3] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[pscript.hlp] found x64/3/pscript.hlp fname=pscript.hlp (pscript.hlp) >[2012/11/09 16:29:16.563292, 5] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2012/11/09 16:29:16.563332, 4] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2012/11/09 16:29:16.563380, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 116, useable_space = 131010 >[2012/11/09 16:29:16.563422, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 116, paramsize = 10, datasize = 116 >[2012/11/09 16:29:16.563462, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.563485, 5] lib/util.c:342(show_msg) > size=184 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54528 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 116 (0x74) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 116 (0x74) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=129 >[2012/11/09 16:29:16.563767, 4] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=pscript.hlp directory=x64/3 dirtype=22 numentries=1 >[2012/11/09 16:29:16.566501, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x76 >[2012/11/09 16:29:16.566581, 3] smbd/process.c:1662(process_smb) > Transaction 103 of length 122 (0 toread) >[2012/11/09 16:29:16.566618, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.566635, 5] lib/util.c:342(show_msg) > size=118 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54592 > smt_wct=15 > smb_vwv[ 0]= 50 (0x32) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16384 (0x4000) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 50 (0x32) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=53 >[2012/11/09 16:29:16.566924, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.566957, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.566991, 3] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=1, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16384 >[2012/11/09 16:29:16.567031, 5] smbd/filename.c:257(unix_convert) > unix_convert called on file "x64/3/pscript.ntf" >[2012/11/09 16:29:16.567077, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3/pscript.ntf] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.567124, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3/pscript.ntf reduced to /var/lib/samba/drivers/x64/3/pscript.ntf >[2012/11/09 16:29:16.567157, 5] smbd/trans2.c:2371(call_trans2findfirst) > dir=x64/3, mask = pscript.ntf >[2012/11/09 16:29:16.567189, 5] smbd/dir.c:439(dptr_create) > dptr_create dir=x64/3 >[2012/11/09 16:29:16.567242, 3] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [x64/3] [/var/lib/samba/drivers] >[2012/11/09 16:29:16.567283, 3] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: x64/3 reduced to /var/lib/samba/drivers/x64/3 >[2012/11/09 16:29:16.567323, 3] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path x64/3, expect_close = 1 >[2012/11/09 16:29:16.567354, 4] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = pscript.ntf, attr = 22 >[2012/11/09 16:29:16.567383, 8] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<x64/3> dontdescend=<> >[2012/11/09 16:29:16.567422, 6] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x7fa2eaca7500 now at offset -1 >[2012/11/09 16:29:16.567456, 8] smbd/dosmode.c:621(dos_mode) > dos_mode: x64/3/pscript.ntf >[2012/11/09 16:29:16.567485, 8] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning >[2012/11/09 16:29:16.567507, 8] smbd/dosmode.c:672(dos_mode) > dos_mode returning >[2012/11/09 16:29:16.567537, 3] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[pscript.ntf] found x64/3/pscript.ntf fname=pscript.ntf (pscript.ntf) >[2012/11/09 16:29:16.567565, 5] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2012/11/09 16:29:16.567586, 4] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2012/11/09 16:29:16.567611, 9] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 116, useable_space = 131010 >[2012/11/09 16:29:16.567640, 9] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 116, paramsize = 10, datasize = 116 >[2012/11/09 16:29:16.567675, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.567696, 5] lib/util.c:342(show_msg) > size=184 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=5012 > smb_uid=101 > smb_mid=54592 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 116 (0x74) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 116 (0x74) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=129 >[2012/11/09 16:29:16.567959, 4] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=pscript.ntf directory=x64/3 dirtype=22 numentries=1 >[2012/11/09 16:29:16.570123, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.570167, 3] smbd/process.c:1662(process_smb) > Transaction 104 of length 45 (0 toread) >[2012/11/09 16:29:16.570188, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.570199, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54656 > smt_wct=3 > smb_vwv[ 0]= 8219 (0x201B) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.570315, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.570336, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.570355, 3] smbd/reply.c:4848(reply_close) > close fd=37 fnum=8219 (numopen=7) >[2012/11/09 16:29:16.570375, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.570427, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/pscript5.dll (numopen=6) NT_STATUS_OK >[2012/11/09 16:29:16.570453, 5] smbd/files.c:482(file_free) > freed files structure 8219 (8 used) >[2012/11/09 16:29:16.570474, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.570486, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54656 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.574066, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.574170, 3] smbd/process.c:1662(process_smb) > Transaction 105 of length 45 (0 toread) >[2012/11/09 16:29:16.574208, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.574230, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54720 > smt_wct=3 > smb_vwv[ 0]= 8213 (0x2015) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.574431, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.574462, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.574498, 3] smbd/reply.c:4848(reply_close) > close fd=32 fnum=8213 (numopen=6) >[2012/11/09 16:29:16.574531, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.574620, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/pscript5.dll (numopen=5) NT_STATUS_OK >[2012/11/09 16:29:16.574662, 5] smbd/files.c:482(file_free) > freed files structure 8213 (7 used) >[2012/11/09 16:29:16.574702, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.574725, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54720 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.576164, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.576221, 3] smbd/process.c:1662(process_smb) > Transaction 106 of length 45 (0 toread) >[2012/11/09 16:29:16.576258, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.576279, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54784 > smt_wct=3 > smb_vwv[ 0]= 8221 (0x201D) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.576500, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.576538, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.576573, 3] smbd/reply.c:4848(reply_close) > close fd=38 fnum=8221 (numopen=5) >[2012/11/09 16:29:16.576611, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.576691, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/ps5ui.dll (numopen=4) NT_STATUS_OK >[2012/11/09 16:29:16.576736, 5] smbd/files.c:482(file_free) > freed files structure 8221 (6 used) >[2012/11/09 16:29:16.576775, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.576797, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54784 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.578238, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.578305, 3] smbd/process.c:1662(process_smb) > Transaction 107 of length 45 (0 toread) >[2012/11/09 16:29:16.578342, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.578363, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54848 > smt_wct=3 > smb_vwv[ 0]= 8214 (0x2016) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.578536, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.578567, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.578597, 3] smbd/reply.c:4848(reply_close) > close fd=33 fnum=8214 (numopen=4) >[2012/11/09 16:29:16.578635, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.578733, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/ps5ui.dll (numopen=3) NT_STATUS_OK >[2012/11/09 16:29:16.578773, 5] smbd/files.c:482(file_free) > freed files structure 8214 (5 used) >[2012/11/09 16:29:16.578806, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.578821, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54848 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.580174, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.580221, 3] smbd/process.c:1662(process_smb) > Transaction 108 of length 45 (0 toread) >[2012/11/09 16:29:16.580248, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.580263, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54912 > smt_wct=3 > smb_vwv[ 0]= 8215 (0x2017) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.580429, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.580457, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.580517, 3] smbd/reply.c:4848(reply_close) > close fd=34 fnum=8215 (numopen=3) >[2012/11/09 16:29:16.580549, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.580606, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/yyyp0708.ppd (numopen=2) NT_STATUS_OK >[2012/11/09 16:29:16.580640, 5] smbd/files.c:482(file_free) > freed files structure 8215 (4 used) >[2012/11/09 16:29:16.580670, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.580686, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54912 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.582283, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.582341, 3] smbd/process.c:1662(process_smb) > Transaction 109 of length 45 (0 toread) >[2012/11/09 16:29:16.582362, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.582374, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54976 > smt_wct=3 > smb_vwv[ 0]= 8216 (0x2018) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.582494, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.582516, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.582537, 3] smbd/reply.c:4848(reply_close) > close fd=35 fnum=8216 (numopen=2) >[2012/11/09 16:29:16.582557, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.582608, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/pscript.hlp (numopen=1) NT_STATUS_OK >[2012/11/09 16:29:16.582634, 5] smbd/files.c:482(file_free) > freed files structure 8216 (3 used) >[2012/11/09 16:29:16.582656, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.582668, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=54976 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.583883, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x29 >[2012/11/09 16:29:16.583920, 3] smbd/process.c:1662(process_smb) > Transaction 110 of length 45 (0 toread) >[2012/11/09 16:29:16.583940, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.583951, 5] lib/util.c:342(show_msg) > size=41 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=55040 > smt_wct=3 > smb_vwv[ 0]= 8217 (0x2019) > smb_vwv[ 1]=65535 (0xFFFF) > smb_vwv[ 2]=65535 (0xFFFF) > smb_bcc=0 >[2012/11/09 16:29:16.584093, 3] smbd/process.c:1467(switch_message) > switch message SMBclose (pid 12629) conn 0x7fa2eacb8b60 >[2012/11/09 16:29:16.584114, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.584134, 3] smbd/reply.c:4848(reply_close) > close fd=36 fnum=8217 (numopen=1) >[2012/11/09 16:29:16.584154, 6] smbd/close.c:532(set_close_write_time) > close_write_time: Sun Feb 7 07:28:15 2106 >[2012/11/09 16:29:16.584196, 2] smbd/close.c:696(close_normal_file) > BROSE+pfoerfr closed file x64/3/pscript.ntf (numopen=0) NT_STATUS_OK >[2012/11/09 16:29:16.584221, 5] smbd/files.c:482(file_free) > freed files structure 8217 (2 used) >[2012/11/09 16:29:16.584243, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.584255, 5] lib/util.c:342(show_msg) > size=35 > smb_com=0x4 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=2 > smb_pid=65279 > smb_uid=101 > smb_mid=55040 > smt_wct=0 > smb_bcc=0 >[2012/11/09 16:29:16.742693, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x890 >[2012/11/09 16:29:16.742794, 3] smbd/process.c:1662(process_smb) > Transaction 111 of length 2196 (0 toread) >[2012/11/09 16:29:16.742826, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.742850, 5] lib/util.c:342(show_msg) > size=2192 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=55104 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 2108 (0x83C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4280 (0x10B8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 2108 (0x83C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=2125 >[2012/11/09 16:29:16.743192, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:16.743227, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.743266, 5] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (811): > SID[ 0]: S-1-5-21-160562036-3150058255-2134394716-19743 > SID[ 1]: S-1-5-21-160562036-3150058255-2134394716-513 > SID[ 2]: S-1-5-21-160562036-3150058255-2134394716-334230 > SID[ 3]: S-1-5-21-160562036-3150058255-2134394716-23353 > SID[ 4]: S-1-5-21-160562036-3150058255-2134394716-304793 > SID[ 5]: S-1-5-21-160562036-3150058255-2134394716-269408 > SID[ 6]: S-1-5-21-160562036-3150058255-2134394716-50420 > SID[ 7]: S-1-5-21-160562036-3150058255-2134394716-113634 > SID[ 8]: S-1-5-21-160562036-3150058255-2134394716-113662 > SID[ 9]: S-1-5-21-160562036-3150058255-2134394716-260755 > SID[ 10]: S-1-5-21-160562036-3150058255-2134394716-288770 > SID[ 11]: S-1-5-21-160562036-3150058255-2134394716-67892 > SID[ 12]: S-1-5-21-160562036-3150058255-2134394716-20800 > SID[ 13]: S-1-5-21-160562036-3150058255-2134394716-269744 > SID[ 14]: S-1-5-21-160562036-3150058255-2134394716-63803 > SID[ 15]: S-1-5-21-160562036-3150058255-2134394716-360934 > SID[ 16]: S-1-5-21-160562036-3150058255-2134394716-421750 > SID[ 17]: S-1-5-21-160562036-3150058255-2134394716-294313 > SID[ 18]: S-1-5-21-160562036-3150058255-2134394716-109619 > SID[ 19]: S-1-5-21-160562036-3150058255-2134394716-13623 > SID[ 20]: S-1-5-21-160562036-3150058255-2134394716-113660 > SID[ 21]: S-1-5-21-160562036-3150058255-2134394716-13846 > SID[ 22]: S-1-5-21-160562036-3150058255-2134394716-351693 > SID[ 23]: S-1-5-21-160562036-3150058255-2134394716-56178 > SID[ 24]: S-1-5-21-160562036-3150058255-2134394716-268914 > SID[ 25]: S-1-5-21-160562036-3150058255-2134394716-276389 > SID[ 26]: S-1-5-21-160562036-3150058255-2134394716-294265 > SID[ 27]: S-1-5-21-160562036-3150058255-2134394716-289050 > SID[ 28]: S-1-5-21-160562036-3150058255-2134394716-284074 > SID[ 29]: S-1-5-21-160562036-3150058255-2134394716-353623 > SID[ 30]: S-1-5-21-160562036-3150058255-2134394716-60632 > SID[ 31]: S-1-5-21-160562036-3150058255-2134394716-299617 > SID[ 32]: S-1-5-21-160562036-3150058255-2134394716-269875 > SID[ 33]: S-1-5-21-160562036-3150058255-2134394716-260777 > SID[ 34]: S-1-5-21-160562036-3150058255-2134394716-72011 > SID[ 35]: S-1-5-21-160562036-3150058255-2134394716-56174 > SID[ 36]: S-1-5-21-160562036-3150058255-2134394716-294145 > SID[ 37]: S-1-5-21-160562036-3150058255-2134394716-46643 > SID[ 38]: S-1-5-21-160562036-3150058255-2134394716-110684 > SID[ 39]: S-1-5-21-160562036-3150058255-2134394716-69476 > SID[ 40]: S-1-5-21-160562036-3150058255-2134394716-354438 > SID[ 41]: S-1-5-21-160562036-3150058255-2134394716-288215 > SID[ 42]: S-1-5-21-160562036-3150058255-2134394716-418124 > SID[ 43]: S-1-5-21-160562036-3150058255-2134394716-32947 > SID[ 44]: S-1-5-21-160562036-3150058255-2134394716-373447 > SID[ 45]: S-1-5-21-160562036-3150058255-2134394716-21119 > SID[ 46]: S-1-5-21-160562036-3150058255-2134394716-254283 > SID[ 47]: S-1-5-21-160562036-3150058255-2134394716-21918 > SID[ 48]: S-1-5-21-160562036-3150058255-2134394716-268915 > SID[ 49]: S-1-5-21-160562036-3150058255-2134394716-267093 > SID[ 50]: S-1-5-21-160562036-3150058255-2134394716-340888 > SID[ 51]: S-1-5-21-160562036-3150058255-2134394716-294363 > SID[ 52]: S-1-5-21-160562036-3150058255-2134394716-414620 > SID[ 53]: S-1-5-21-160562036-3150058255-2134394716-260959 > SID[ 54]: S-1-5-21-160562036-3150058255-2134394716-56176 > SID[ 55]: S-1-5-21-160562036-3150058255-2134394716-373472 > SID[ 56]: S-1-5-21-160562036-3150058255-2134394716-294492 > SID[ 57]: S-1-5-21-160562036-3150058255-2134394716-373554 > SID[ 58]: S-1-5-21-160562036-3150058255-2134394716-104382 > SID[ 59]: S-1-5-21-160562036-3150058255-2134394716-294361 > SID[ 60]: S-1-5-21-160562036-3150058255-2134394716-245149 > SID[ 61]: S-1-5-21-160562036-3150058255-2134394716-32807 > SID[ 62]: S-1-5-21-160562036-3150058255-2134394716-63805 > SID[ 63]: S-1-5-21-160562036-3150058255-2134394716-290135 > SID[ 64]: S-1-5-21-160562036-3150058255-2134394716-248439 > SID[ 65]: S-1-5-21-160562036-3150058255-2134394716-58745 > SID[ 66]: S-1-5-21-160562036-3150058255-2134394716-288316 > SID[ 67]: S-1-5-21-160562036-3150058255-2134394716-373441 > SID[ 68]: S-1-5-21-160562036-3150058255-2134394716-268916 > SID[ 69]: S-1-5-21-160562036-3150058255-2134394716-17597 > SID[ 70]: S-1-5-21-160562036-3150058255-2134394716-113654 > SID[ 71]: S-1-5-21-160562036-3150058255-2134394716-304050 > SID[ 72]: S-1-5-21-160562036-3150058255-2134394716-112626 > SID[ 73]: S-1-5-21-160562036-3150058255-2134394716-360946 > SID[ 74]: S-1-5-21-160562036-3150058255-2134394716-1116 > SID[ 75]: S-1-5-21-160562036-3150058255-2134394716-294490 > SID[ 76]: S-1-5-21-160562036-3150058255-2134394716-373442 > SID[ 77]: S-1-5-21-160562036-3150058255-2134394716-402137 > SID[ 78]: S-1-5-21-160562036-3150058255-2134394716-373470 > SID[ 79]: S-1-5-21-160562036-3150058255-2134394716-284963 > SID[ 80]: S-1-5-21-160562036-3150058255-2134394716-21963 > SID[ 81]: S-1-5-21-160562036-3150058255-2134394716-373556 > SID[ 82]: S-1-5-21-160562036-3150058255-2134394716-351504 > SID[ 83]: S-1-5-21-160562036-3150058255-2134394716-360382 > SID[ 84]: S-1-5-21-160562036-3150058255-2134394716-266966 > SID[ 85]: S-1-5-21-160562036-3150058255-2134394716-63797 > SID[ 86]: S-1-5-21-160562036-3150058255-2134394716-31306 > SID[ 87]: S-1-5-21-160562036-3150058255-2134394716-420969 > SID[ 88]: S-1-5-21-160562036-3150058255-2134394716-58439 > SID[ 89]: S-1-5-21-160562036-3150058255-2134394716-351240 > SID[ 90]: S-1-5-21-160562036-3150058255-2134394716-290160 > SID[ 91]: S-1-5-21-160562036-3150058255-2134394716-335340 > SID[ 92]: S-1-5-21-160562036-3150058255-2134394716-32819 > SID[ 93]: S-1-5-21-160562036-3150058255-2134394716-63801 > SID[ 94]: S-1-5-21-160562036-3150058255-2134394716-53171 > SID[ 95]: S-1-5-21-160562036-3150058255-2134394716-294243 > SID[ 96]: S-1-5-21-160562036-3150058255-2134394716-350032 > SID[ 97]: S-1-5-21-160562036-3150058255-2134394716-63737 > SID[ 98]: S-1-5-21-160562036-3150058255-2134394716-13863 > SID[ 99]: S-1-5-21-160562036-3150058255-2134394716-351719 > SID[100]: S-1-5-21-160562036-3150058255-2134394716-56165 > SID[101]: S-1-5-21-160562036-3150058255-2134394716-113646 > SID[102]: S-1-5-21-160562036-3150058255-2134394716-430811 > SID[103]: S-1-5-21-160562036-3150058255-2134394716-284081 > SID[104]: S-1-5-21-160562036-3150058255-2134394716-256696 > SID[105]: S-1-5-21-160562036-3150058255-2134394716-416414 > SID[106]: S-1-5-21-160562036-3150058255-2134394716-49609 > SID[107]: S-1-5-21-160562036-3150058255-2134394716-377791 > SID[108]: S-1-5-21-160562036-3150058255-2134394716-32821 > SID[109]: S-1-5-21-160562036-3150058255-2134394716-359223 > SID[110]: S-1-5-21-160562036-3150058255-2134394716-284091 > SID[111]: S-1-5-21-160562036-3150058255-2134394716-433713 > SID[112]: S-1-5-21-160562036-3150058255-2134394716-33100 > SID[113]: S-1-5-21-160562036-3150058255-2134394716-416203 > SID[114]: S-1-5-21-160562036-3150058255-2134394716-317007 > SID[115]: S-1-5-21-160562036-3150058255-2134394716-69542 > SID[116]: S-1-5-21-160562036-3150058255-2134394716-268918 > SID[117]: S-1-5-21-160562036-3150058255-2134394716-69428 > SID[118]: S-1-5-21-160562036-3150058255-2134394716-316764 > SID[119]: S-1-5-21-160562036-3150058255-2134394716-55705 > SID[120]: S-1-5-21-160562036-3150058255-2134394716-291229 > SID[121]: S-1-5-21-160562036-3150058255-2134394716-250116 > SID[122]: S-1-5-21-160562036-3150058255-2134394716-294315 > SID[123]: S-1-5-21-160562036-3150058255-2134394716-402469 > SID[124]: S-1-5-21-160562036-3150058255-2134394716-256697 > SID[125]: S-1-5-21-160562036-3150058255-2134394716-418438 > SID[126]: S-1-5-21-160562036-3150058255-2134394716-435652 > SID[127]: S-1-5-21-160562036-3150058255-2134394716-45010 > SID[128]: S-1-5-21-160562036-3150058255-2134394716-322368 > SID[129]: S-1-5-21-160562036-3150058255-2134394716-267090 > SID[130]: S-1-5-21-160562036-3150058255-2134394716-32825 > SID[131]: S-1-5-21-160562036-3150058255-2134394716-35099 > SID[132]: S-1-5-21-160562036-3150058255-2134394716-56157 > SID[133]: S-1-5-21-160562036-3150058255-2134394716-113648 > SID[134]: S-1-5-21-160562036-3150058255-2134394716-55709 > SID[135]: S-1-5-21-160562036-3150058255-2134394716-108789 > SID[136]: S-1-5-21-160562036-3150058255-2134394716-56159 > SID[137]: S-1-5-21-160562036-3150058255-2134394716-268919 > SID[138]: S-1-5-21-160562036-3150058255-2134394716-245147 > SID[139]: S-1-5-21-160562036-3150058255-2134394716-430693 > SID[140]: S-1-5-21-160562036-3150058255-2134394716-289617 > SID[141]: S-1-5-21-160562036-3150058255-2134394716-373445 > SID[142]: S-1-5-21-160562036-3150058255-2134394716-14282 > SID[143]: S-1-5-21-160562036-3150058255-2134394716-433712 > SID[144]: S-1-5-21-160562036-3150058255-2134394716-59232 > SID[145]: S-1-5-21-160562036-3150058255-2134394716-33429 > SID[146]: S-1-5-21-160562036-3150058255-2134394716-437634 > SID[147]: S-1-5-21-160562036-3150058255-2134394716-23354 > SID[148]: S-1-5-21-160562036-3150058255-2134394716-113636 > SID[149]: S-1-5-21-160562036-3150058255-2134394716-63799 > SID[150]: S-1-5-21-160562036-3150058255-2134394716-261009 > SID[151]: S-1-5-21-160562036-3150058255-2134394716-290498 > SID[152]: S-1-5-21-160562036-3150058255-2134394716-375928 > SID[153]: S-1-5-21-160562036-3150058255-2134394716-276407 > SID[154]: S-1-5-21-160562036-3150058255-2134394716-357401 > SID[155]: S-1-5-21-160562036-3150058255-2134394716-357385 > SID[156]: S-1-5-21-160562036-3150058255-2134394716-269404 > SID[157]: S-1-5-21-160562036-3150058255-2134394716-67790 > SID[158]: S-1-5-21-160562036-3150058255-2134394716-392120 > SID[159]: S-1-5-21-160562036-3150058255-2134394716-276395 > SID[160]: S-1-5-21-160562036-3150058255-2134394716-113343 > SID[161]: S-1-5-21-160562036-3150058255-2134394716-56172 > SID[162]: S-1-5-21-160562036-3150058255-2134394716-402467 > SID[163]: S-1-5-21-160562036-3150058255-2134394716-293007 > SID[164]: S-1-5-21-160562036-3150058255-2134394716-427942 > SID[165]: S-1-5-21-160562036-3150058255-2134394716-373529 > SID[166]: S-1-5-21-160562036-3150058255-2134394716-263163 > SID[167]: S-1-5-21-160562036-3150058255-2134394716-64111 > SID[168]: S-1-5-21-160562036-3150058255-2134394716-266852 > SID[169]: S-1-5-21-160562036-3150058255-2134394716-357892 > SID[170]: S-1-5-21-160562036-3150058255-2134394716-104429 > SID[171]: S-1-5-21-160562036-3150058255-2134394716-32813 > SID[172]: S-1-5-21-160562036-3150058255-2134394716-360722 > SID[173]: S-1-5-21-160562036-3150058255-2134394716-284092 > SID[174]: S-1-5-21-160562036-3150058255-2134394716-289619 > SID[175]: S-1-5-21-160562036-3150058255-2134394716-369316 > SID[176]: S-1-5-21-160562036-3150058255-2134394716-49542 > SID[177]: S-1-5-21-160562036-3150058255-2134394716-329659 > SID[178]: S-1-5-21-160562036-3150058255-2134394716-32809 > SID[179]: S-1-5-21-160562036-3150058255-2134394716-108767 > SID[180]: S-1-5-21-160562036-3150058255-2134394716-305399 > SID[181]: S-1-5-21-160562036-3150058255-2134394716-263161 > SID[182]: S-1-5-21-160562036-3150058255-2134394716-314050 > SID[183]: S-1-5-21-160562036-3150058255-2134394716-31001 > SID[184]: S-1-5-21-160562036-3150058255-2134394716-279682 > SID[185]: S-1-5-21-160562036-3150058255-2134394716-294147 > SID[186]: S-1-5-21-160562036-3150058255-2134394716-56163 > SID[187]: S-1-5-21-160562036-3150058255-2134394716-285751 > SID[188]: S-1-5-21-160562036-3150058255-2134394716-21723 > SID[189]: S-1-5-21-160562036-3150058255-2134394716-8332 > SID[190]: S-1-5-21-160562036-3150058255-2134394716-32827 > SID[191]: S-1-5-21-160562036-3150058255-2134394716-256460 > SID[192]: S-1-5-21-160562036-3150058255-2134394716-256183 > SID[193]: S-1-5-21-160562036-3150058255-2134394716-300424 > SID[194]: S-1-5-21-160562036-3150058255-2134394716-55677 > SID[195]: S-1-5-21-160562036-3150058255-2134394716-253145 > SID[196]: S-1-5-21-160562036-3150058255-2134394716-63804 > SID[197]: S-1-5-21-160562036-3150058255-2134394716-358866 > SID[198]: S-1-5-21-160562036-3150058255-2134394716-32823 > SID[199]: S-1-5-21-160562036-3150058255-2134394716-276620 > SID[200]: S-1-5-21-160562036-3150058255-2134394716-361940 > SID[201]: S-1-5-21-160562036-3150058255-2134394716-49274 > SID[202]: S-1-5-21-160562036-3150058255-2134394716-402177 > SID[203]: S-1-5-21-160562036-3150058255-2134394716-252230 > SID[204]: S-1-5-21-160562036-3150058255-2134394716-321100 > SID[205]: S-1-5-21-160562036-3150058255-2134394716-20801 > SID[206]: S-1-5-21-160562036-3150058255-2134394716-276621 > SID[207]: S-1-5-21-160562036-3150058255-2134394716-252010 > SID[208]: S-1-5-21-160562036-3150058255-2134394716-292766 > SID[209]: S-1-5-21-160562036-3150058255-2134394716-37331 > SID[210]: S-1-5-21-160562036-3150058255-2134394716-260776 > SID[211]: S-1-5-21-160562036-3150058255-2134394716-386708 > SID[212]: S-1-5-21-160562036-3150058255-2134394716-374616 > SID[213]: S-1-5-21-160562036-3150058255-2134394716-21084 > SID[214]: S-1-5-21-160562036-3150058255-2134394716-294267 > SID[215]: S-1-5-21-160562036-3150058255-2134394716-63802 > SID[216]: S-1-5-21-160562036-3150058255-2134394716-31186 > SID[217]: S-1-5-21-160562036-3150058255-2134394716-105575 > SID[218]: S-1-5-21-160562036-3150058255-2134394716-361874 > SID[219]: S-1-5-21-160562036-3150058255-2134394716-360362 > SID[220]: S-1-5-21-160562036-3150058255-2134394716-357734 > SID[221]: S-1-5-21-160562036-3150058255-2134394716-294241 > SID[222]: S-1-5-21-160562036-3150058255-2134394716-251778 > SID[223]: S-1-5-21-160562036-3150058255-2134394716-49510 > SID[224]: S-1-5-21-160562036-3150058255-2134394716-35015 > SID[225]: S-1-5-21-160562036-3150058255-2134394716-20749 > SID[226]: S-1-5-21-160562036-3150058255-2134394716-294291 > SID[227]: S-1-5-21-160562036-3150058255-2134394716-254469 > SID[228]: S-1-5-21-160562036-3150058255-2134394716-247296 > SID[229]: S-1-5-21-160562036-3150058255-2134394716-63798 > SID[230]: S-1-5-21-160562036-3150058255-2134394716-59035 > SID[231]: S-1-5-21-160562036-3150058255-2134394716-430331 > SID[232]: S-1-5-21-160562036-3150058255-2134394716-21301 > SID[233]: S-1-5-21-160562036-3150058255-2134394716-55627 > SID[234]: S-1-5-21-160562036-3150058255-2134394716-32815 > SID[235]: S-1-5-21-160562036-3150058255-2134394716-277164 > SID[236]: S-1-5-21-160562036-3150058255-2134394716-21552 > SID[237]: S-1-5-21-160562036-3150058255-2134394716-56622 > SID[238]: S-1-5-21-160562036-3150058255-2134394716-37315 > SID[239]: S-1-5-21-160562036-3150058255-2134394716-334225 > SID[240]: S-1-5-21-160562036-3150058255-2134394716-338141 > SID[241]: S-1-5-21-160562036-3150058255-2134394716-246169 > SID[242]: S-1-5-21-160562036-3150058255-2134394716-297835 > SID[243]: S-1-5-21-160562036-3150058255-2134394716-353615 > SID[244]: S-1-5-21-160562036-3150058255-2134394716-322371 > SID[245]: S-1-5-21-160562036-3150058255-2134394716-63235 > SID[246]: S-1-5-21-160562036-3150058255-2134394716-266849 > SID[247]: S-1-5-21-160562036-3150058255-2134394716-293998 > SID[248]: S-1-5-21-160562036-3150058255-2134394716-433714 > SID[249]: S-1-5-21-160562036-3150058255-2134394716-107694 > SID[250]: S-1-5-21-160562036-3150058255-2134394716-288317 > SID[251]: S-1-5-21-160562036-3150058255-2134394716-44135 > SID[252]: S-1-5-21-160562036-3150058255-2134394716-290560 > SID[253]: S-1-5-21-160562036-3150058255-2134394716-322681 > SID[254]: S-1-5-21-160562036-3150058255-2134394716-283109 > SID[255]: S-1-5-21-160562036-3150058255-2134394716-357879 > SID[256]: S-1-5-21-160562036-3150058255-2134394716-289046 > SID[257]: S-1-5-21-160562036-3150058255-2134394716-32803 > SID[258]: S-1-5-21-160562036-3150058255-2134394716-343968 > SID[259]: S-1-5-21-160562036-3150058255-2134394716-50792 > SID[260]: S-1-5-21-160562036-3150058255-2134394716-50518 > SID[261]: S-1-5-21-160562036-3150058255-2134394716-37238 > SID[262]: S-1-5-21-160562036-3150058255-2134394716-360465 > SID[263]: S-1-5-21-160562036-3150058255-2134394716-366652 > SID[264]: S-1-5-21-160562036-3150058255-2134394716-294094 > SID[265]: S-1-5-21-160562036-3150058255-2134394716-288540 > SID[266]: S-1-5-21-160562036-3150058255-2134394716-297984 > SID[267]: S-1-5-21-160562036-3150058255-2134394716-276427 > SID[268]: S-1-5-21-160562036-3150058255-2134394716-333792 > SID[269]: S-1-5-21-160562036-3150058255-2134394716-427342 > SID[270]: S-1-5-21-160562036-3150058255-2134394716-333794 > SID[271]: S-1-5-21-160562036-3150058255-2134394716-290460 > SID[272]: S-1-5-21-160562036-3150058255-2134394716-294091 > SID[273]: S-1-5-21-160562036-3150058255-2134394716-333793 > SID[274]: S-1-5-21-160562036-3150058255-2134394716-338207 > SID[275]: S-1-5-21-160562036-3150058255-2134394716-409571 > SID[276]: S-1-5-21-160562036-3150058255-2134394716-294054 > SID[277]: S-1-5-21-160562036-3150058255-2134394716-30854 > SID[278]: S-1-5-21-160562036-3150058255-2134394716-288547 > SID[279]: S-1-5-21-160562036-3150058255-2134394716-365347 > SID[280]: S-1-5-21-6776287-465249537-1446904402-4108 > SID[281]: S-1-5-21-160562036-3150058255-2134394716-58230 > SID[282]: S-1-5-21-160562036-3150058255-2134394716-357400 > SID[283]: S-1-5-21-160562036-3150058255-2134394716-343966 > SID[284]: S-1-5-21-160562036-3150058255-2134394716-104268 > SID[285]: S-1-5-21-160562036-3150058255-2134394716-334228 > SID[286]: S-1-5-21-160562036-3150058255-2134394716-357384 > SID[287]: S-1-5-21-160562036-3150058255-2134394716-64500 > SID[288]: S-1-5-21-160562036-3150058255-2134394716-291227 > SID[289]: S-1-5-21-160562036-3150058255-2134394716-62708 > SID[290]: S-1-5-21-160562036-3150058255-2134394716-266847 > SID[291]: S-1-5-21-160562036-3150058255-2134394716-313857 > SID[292]: S-1-5-21-160562036-3150058255-2134394716-350031 > SID[293]: S-1-5-21-160562036-3150058255-2134394716-373448 > SID[294]: S-1-5-21-160562036-3150058255-2134394716-420970 > SID[295]: S-1-5-21-160562036-3150058255-2134394716-351238 > SID[296]: S-1-5-21-160562036-3150058255-2134394716-11861 > SID[297]: S-1-5-21-160562036-3150058255-2134394716-353613 > SID[298]: S-1-5-21-160562036-3150058255-2134394716-322679 > SID[299]: S-1-5-21-160562036-3150058255-2134394716-253148 > SID[300]: S-1-5-21-160562036-3150058255-2134394716-277162 > SID[301]: S-1-5-21-160562036-3150058255-2134394716-304048 > SID[302]: S-1-5-21-160562036-3150058255-2134394716-288768 > SID[303]: S-1-5-21-160562036-3150058255-2134394716-62920 > SID[304]: S-1-5-21-160562036-3150058255-2134394716-62814 > SID[305]: S-1-5-21-160562036-3150058255-2134394716-338139 > SID[306]: S-1-5-21-160562036-3150058255-2134394716-266850 > SID[307]: S-1-5-21-160562036-3150058255-2134394716-74038 > SID[308]: S-1-5-21-160562036-3150058255-2134394716-62715 > SID[309]: S-1-5-21-160562036-3150058255-2134394716-357877 > SID[310]: S-1-5-21-160562036-3150058255-2134394716-252117 > SID[311]: S-1-5-21-160562036-3150058255-2134394716-322372 > SID[312]: S-1-5-21-160562036-3150058255-2134394716-65121 > SID[313]: S-1-5-21-160562036-3150058255-2134394716-62711 > SID[314]: S-1-5-21-160562036-3150058255-2134394716-267091 > SID[315]: S-1-5-21-160562036-3150058255-2134394716-24652 > SID[316]: S-1-5-21-160562036-3150058255-2134394716-360933 > SID[317]: S-1-5-21-160562036-3150058255-2134394716-354437 > SID[318]: S-1-5-21-160562036-3150058255-2134394716-249119 > SID[319]: S-1-5-21-160562036-3150058255-2134394716-248731 > SID[320]: S-1-5-21-160562036-3150058255-2134394716-64215 > SID[321]: S-1-5-21-160562036-3150058255-2134394716-373475 > SID[322]: S-1-5-21-160562036-3150058255-2134394716-250664 > SID[323]: S-1-5-21-160562036-3150058255-2134394716-267088 > SID[324]: S-1-5-21-160562036-3150058255-2134394716-50311 > SID[325]: S-1-5-21-160562036-3150058255-2134394716-62644 > SID[326]: S-1-5-21-160562036-3150058255-2134394716-69148 > SID[327]: S-1-5-21-160562036-3150058255-2134394716-360380 > SID[328]: S-1-5-21-160562036-3150058255-2134394716-52124 > SID[329]: S-1-5-21-160562036-3150058255-2134394716-351502 > SID[330]: S-1-5-21-160562036-3150058255-2134394716-317005 > SID[331]: S-1-5-21-160562036-3150058255-2134394716-62713 > SID[332]: S-1-5-21-160562036-3150058255-2134394716-313855 > SID[333]: S-1-5-21-160562036-3150058255-2134394716-53143 > SID[334]: S-1-5-21-160562036-3150058255-2134394716-349705 > SID[335]: S-1-5-21-160562036-3150058255-2134394716-357732 > SID[336]: S-1-5-21-160562036-3150058255-2134394716-402142 > SID[337]: S-1-5-21-160562036-3150058255-2134394716-50421 > SID[338]: S-1-5-21-160562036-3150058255-2134394716-357890 > SID[339]: S-1-5-21-160562036-3150058255-2134394716-416413 > SID[340]: S-1-5-21-160562036-3150058255-2134394716-255117 > SID[341]: S-1-5-21-160562036-3150058255-2134394716-73891 > SID[342]: S-1-5-21-160562036-3150058255-2134394716-377792 > SID[343]: S-1-5-21-160562036-3150058255-2134394716-63081 > SID[344]: S-1-5-21-160562036-3150058255-2134394716-386707 > SID[345]: S-1-5-21-160562036-3150058255-2134394716-64112 > SID[346]: S-1-5-21-160562036-3150058255-2134394716-256555 > SID[347]: S-1-5-21-160562036-3150058255-2134394716-361939 > SID[348]: S-1-5-21-160562036-3150058255-2134394716-62709 > SID[349]: S-1-5-21-160562036-3150058255-2134394716-248759 > SID[350]: S-1-5-21-160562036-3150058255-2134394716-359221 > SID[351]: S-1-5-21-160562036-3150058255-2134394716-310730 > SID[352]: S-1-5-21-160562036-3150058255-2134394716-109617 > SID[353]: S-1-5-21-160562036-3150058255-2134394716-60474 > SID[354]: S-1-5-21-160562036-3150058255-2134394716-402472 > SID[355]: S-1-5-21-160562036-3150058255-2134394716-55679 > SID[356]: S-1-5-21-160562036-3150058255-2134394716-69153 > SID[357]: S-1-5-21-160562036-3150058255-2134394716-22265 > SID[358]: S-1-5-21-160562036-3150058255-2134394716-423112 > SID[359]: S-1-5-21-160562036-3150058255-2134394716-289044 > SID[360]: S-1-5-21-160562036-3150058255-2134394716-67791 > SID[361]: S-1-5-21-160562036-3150058255-2134394716-69156 > SID[362]: S-1-5-21-160562036-3150058255-2134394716-62712 > SID[363]: S-1-5-21-160562036-3150058255-2134394716-360721 > SID[364]: S-1-5-21-160562036-3150058255-2134394716-435651 > SID[365]: S-1-5-21-160562036-3150058255-2134394716-69149 > SID[366]: S-1-5-21-160562036-3150058255-2134394716-73730 > SID[367]: S-1-5-21-160562036-3150058255-2134394716-243660 > SID[368]: S-1-5-21-160562036-3150058255-2134394716-104280 > SID[369]: S-1-5-21-160562036-3150058255-2134394716-430692 > SID[370]: S-1-5-21-160562036-3150058255-2134394716-256558 > SID[371]: S-1-5-21-160562036-3150058255-2134394716-54515 > SID[372]: S-1-5-21-160562036-3150058255-2134394716-334223 > SID[373]: S-1-5-21-160562036-3150058255-2134394716-304790 > SID[374]: S-1-5-21-160562036-3150058255-2134394716-373528 > SID[375]: S-1-5-21-160562036-3150058255-2134394716-375927 > SID[376]: S-1-5-21-160562036-3150058255-2134394716-74039 > SID[377]: S-1-5-21-160562036-3150058255-2134394716-62781 > SID[378]: S-1-5-21-160562036-3150058255-2134394716-69157 > SID[379]: S-1-5-21-160562036-3150058255-2134394716-309445 > SID[380]: S-1-5-21-160562036-3150058255-2134394716-62733 > SID[381]: S-1-5-21-160562036-3150058255-2134394716-418123 > SID[382]: S-1-5-21-160562036-3150058255-2134394716-64415 > SID[383]: S-1-5-21-160562036-3150058255-2134394716-414619 > SID[384]: S-1-5-21-160562036-3150058255-2134394716-373446 > SID[385]: S-1-5-21-160562036-3150058255-2134394716-289048 > SID[386]: S-1-5-21-160562036-3150058255-2134394716-69158 > SID[387]: S-1-5-21-160562036-3150058255-2134394716-373559 > SID[388]: S-1-5-21-160562036-3150058255-2134394716-110686 > SID[389]: S-1-5-21-160562036-3150058255-2134394716-260757 > SID[390]: S-1-5-21-160562036-3150058255-2134394716-249663 > SID[391]: S-1-5-21-160562036-3150058255-2134394716-249619 > SID[392]: S-1-5-21-160562036-3150058255-2134394716-321098 > SID[393]: S-1-5-21-160562036-3150058255-2134394716-64497 > SID[394]: S-1-5-21-160562036-3150058255-2134394716-112627 > SID[395]: S-1-5-21-160562036-3150058255-2134394716-62710 > SID[396]: S-1-5-21-160562036-3150058255-2134394716-360361 > SID[397]: S-1-5-21-160562036-3150058255-2134394716-353621 > SID[398]: S-1-5-21-160562036-3150058255-2134394716-365152 > SID[399]: S-1-5-21-160562036-3150058255-2134394716-69544 > SID[400]: S-1-5-21-160562036-3150058255-2134394716-249644 > SID[401]: S-1-5-21-160562036-3150058255-2134394716-55625 > SID[402]: S-1-1-0 > SID[403]: S-1-5-2 > SID[404]: S-1-5-11 > SID[405]: S-1-5-32-545 > SID[406]: S-1-22-1-10000 > SID[407]: S-1-22-2-10006 > SID[408]: S-1-22-2-10007 > SID[409]: S-1-22-2-10008 > SID[410]: S-1-22-2-10009 > SID[411]: S-1-22-2-10010 > SID[412]: S-1-22-2-10011 > SID[413]: S-1-22-2-10012 > SID[414]: S-1-22-2-10013 > SID[415]: S-1-22-2-10014 > SID[416]: S-1-22-2-10015 > SID[417]: S-1-22-2-10016 > SID[418]: S-1-22-2-10017 > SID[419]: S-1-22-2-10018 > SID[420]: S-1-22-2-10019 > SID[421]: S-1-22-2-10020 > SID[422]: S-1-22-2-10021 > SID[423]: S-1-22-2-10022 > SID[424]: S-1-22-2-10023 > SID[425]: S-1-22-2-10024 > SID[426]: S-1-22-2-10025 > SID[427]: S-1-22-2-10026 > SID[428]: S-1-22-2-10027 > SID[429]: S-1-22-2-10028 > SID[430]: S-1-22-2-10029 > SID[431]: S-1-22-2-10030 > SID[432]: S-1-22-2-10031 > SID[433]: S-1-22-2-10032 > SID[434]: S-1-22-2-10033 > SID[435]: S-1-22-2-10034 > SID[436]: S-1-22-2-10035 > SID[437]: S-1-22-2-10036 > SID[438]: S-1-22-2-10037 > SID[439]: S-1-22-2-10038 > SID[440]: S-1-22-2-10039 > SID[441]: S-1-22-2-10040 > SID[442]: S-1-22-2-10041 > SID[443]: S-1-22-2-10042 > SID[444]: S-1-22-2-10043 > SID[445]: S-1-22-2-10044 > SID[446]: S-1-22-2-10045 > SID[447]: S-1-22-2-10046 > SID[448]: S-1-22-2-10047 > SID[449]: S-1-22-2-10048 > SID[450]: S-1-22-2-10049 > SID[451]: S-1-22-2-10050 > SID[452]: S-1-22-2-10051 > SID[453]: S-1-22-2-10052 > SID[454]: S-1-22-2-10053 > SID[455]: S-1-22-2-10054 > SID[456]: S-1-22-2-10055 > SID[457]: S-1-22-2-10056 > SID[458]: S-1-22-2-10057 > SID[459]: S-1-22-2-10058 > SID[460]: S-1-22-2-10059 > SID[461]: S-1-22-2-10060 > SID[462]: S-1-22-2-10061 > SID[463]: S-1-22-2-10062 > SID[464]: S-1-22-2-10063 > SID[465]: S-1-22-2-10064 > SID[466]: S-1-22-2-10065 > SID[467]: S-1-22-2-10066 > SID[468]: S-1-22-2-10067 > SID[469]: S-1-22-2-10068 > SID[470]: S-1-22-2-10069 > SID[471]: S-1-22-2-10070 > SID[472]: S-1-22-2-10071 > SID[473]: S-1-22-2-10072 > SID[474]: S-1-22-2-10073 > SID[475]: S-1-22-2-10074 > SID[476]: S-1-22-2-10075 > SID[477]: S-1-22-2-10076 > SID[478]: S-1-22-2-10077 > SID[479]: S-1-22-2-10078 > SID[480]: S-1-22-2-10079 > SID[481]: S-1-22-2-10080 > SID[482]: S-1-22-2-10081 > SID[483]: S-1-22-2-10082 > SID[484]: S-1-22-2-10083 > SID[485]: S-1-22-2-10084 > SID[486]: S-1-22-2-10085 > SID[487]: S-1-22-2-10086 > SID[488]: S-1-22-2-10087 > SID[489]: S-1-22-2-10088 > SID[490]: S-1-22-2-10089 > SID[491]: S-1-22-2-10090 > SID[492]: S-1-22-2-10091 > SID[493]: S-1-22-2-10092 > SID[494]: S-1-22-2-10093 > SID[495]: S-1-22-2-10094 > SID[496]: S-1-22-2-10095 > SID[497]: S-1-22-2-10096 > SID[498]: S-1-22-2-10097 > SID[499]: S-1-22-2-10098 > SID[500]: S-1-22-2-10099 > SID[501]: S-1-22-2-10100 > SID[502]: S-1-22-2-10101 > SID[503]: S-1-22-2-10102 > SID[504]: S-1-22-2-10103 > SID[505]: S-1-22-2-10104 > SID[506]: S-1-22-2-10105 > SID[507]: S-1-22-2-10106 > SID[508]: S-1-22-2-10107 > SID[509]: S-1-22-2-10108 > SID[510]: S-1-22-2-10109 > SID[511]: S-1-22-2-10110 > SID[512]: S-1-22-2-10111 > SID[513]: S-1-22-2-10112 > SID[514]: S-1-22-2-10113 > SID[515]: S-1-22-2-10114 > SID[516]: S-1-22-2-10115 > SID[517]: S-1-22-2-10116 > SID[518]: S-1-22-2-10117 > SID[519]: S-1-22-2-10118 > SID[520]: S-1-22-2-10119 > SID[521]: S-1-22-2-10120 > SID[522]: S-1-22-2-10121 > SID[523]: S-1-22-2-10122 > SID[524]: S-1-22-2-10123 > SID[525]: S-1-22-2-10124 > SID[526]: S-1-22-2-10125 > SID[527]: S-1-22-2-10126 > SID[528]: S-1-22-2-10127 > SID[529]: S-1-22-2-10128 > SID[530]: S-1-22-2-10129 > SID[531]: S-1-22-2-10130 > SID[532]: S-1-22-2-10131 > SID[533]: S-1-22-2-10132 > SID[534]: S-1-22-2-10133 > SID[535]: S-1-22-2-10134 > SID[536]: S-1-22-2-10135 > SID[537]: S-1-22-2-10136 > SID[538]: S-1-22-2-10137 > SID[539]: S-1-22-2-10138 > SID[540]: S-1-22-2-10139 > SID[541]: S-1-22-2-10140 > SID[542]: S-1-22-2-10141 > SID[543]: S-1-22-2-10142 > SID[544]: S-1-22-2-10143 > SID[545]: S-1-22-2-10144 > SID[546]: S-1-22-2-10145 > SID[547]: S-1-22-2-10146 > SID[548]: S-1-22-2-10147 > SID[549]: S-1-22-2-10148 > SID[550]: S-1-22-2-10149 > SID[551]: S-1-22-2-10150 > SID[552]: S-1-22-2-10471 > SID[553]: S-1-22-2-10151 > SID[554]: S-1-22-2-10152 > SID[555]: S-1-22-2-10153 > SID[556]: S-1-22-2-10154 > SID[557]: S-1-22-2-10155 > SID[558]: S-1-22-2-10156 > SID[559]: S-1-22-2-10157 > SID[560]: S-1-22-2-10158 > SID[561]: S-1-22-2-10159 > SID[562]: S-1-22-2-10160 > SID[563]: S-1-22-2-10161 > SID[564]: S-1-22-2-10162 > SID[565]: S-1-22-2-10163 > SID[566]: S-1-22-2-10164 > SID[567]: S-1-22-2-10165 > SID[568]: S-1-22-2-10166 > SID[569]: S-1-22-2-10167 > SID[570]: S-1-22-2-10168 > SID[571]: S-1-22-2-10169 > SID[572]: S-1-22-2-10170 > SID[573]: S-1-22-2-10171 > SID[574]: S-1-22-2-10172 > SID[575]: S-1-22-2-10173 > SID[576]: S-1-22-2-10174 > SID[577]: S-1-22-2-10175 > SID[578]: S-1-22-2-10176 > SID[579]: S-1-22-2-10177 > SID[580]: S-1-22-2-10178 > SID[581]: S-1-22-2-10179 > SID[582]: S-1-22-2-10180 > SID[583]: S-1-22-2-10181 > SID[584]: S-1-22-2-10182 > SID[585]: S-1-22-2-10183 > SID[586]: S-1-22-2-10184 > SID[587]: S-1-22-2-10185 > SID[588]: S-1-22-2-10186 > SID[589]: S-1-22-2-10187 > SID[590]: S-1-22-2-10188 > SID[591]: S-1-22-2-10189 > SID[592]: S-1-22-2-10190 > SID[593]: S-1-22-2-10191 > SID[594]: S-1-22-2-10192 > SID[595]: S-1-22-2-10193 > SID[596]: S-1-22-2-10194 > SID[597]: S-1-22-2-10195 > SID[598]: S-1-22-2-10196 > SID[599]: S-1-22-2-10197 > SID[600]: S-1-22-2-10198 > SID[601]: S-1-22-2-10199 > SID[602]: S-1-22-2-10200 > SID[603]: S-1-22-2-10201 > SID[604]: S-1-22-2-10202 > SID[605]: S-1-22-2-10203 > SID[606]: S-1-22-2-10204 > SID[607]: S-1-22-2-10205 > SID[608]: S-1-22-2-10206 > SID[609]: S-1-22-2-10207 > SID[610]: S-1-22-2-10208 > SID[611]: S-1-22-2-10209 > SID[612]: S-1-22-2-10210 > SID[613]: S-1-22-2-10211 > SID[614]: S-1-22-2-10212 > SID[615]: S-1-22-2-10213 > SID[616]: S-1-22-2-10214 > SID[617]: S-1-22-2-10215 > SID[618]: S-1-22-2-10216 > SID[619]: S-1-22-2-10217 > SID[620]: S-1-22-2-10218 > SID[621]: S-1-22-2-10219 > SID[622]: S-1-22-2-10220 > SID[623]: S-1-22-2-10221 > SID[624]: S-1-22-2-10222 > SID[625]: S-1-22-2-10223 > SID[626]: S-1-22-2-10224 > SID[627]: S-1-22-2-10225 > SID[628]: S-1-22-2-10226 > SID[629]: S-1-22-2-10227 > SID[630]: S-1-22-2-10228 > SID[631]: S-1-22-2-10229 > SID[632]: S-1-22-2-10230 > SID[633]: S-1-22-2-10231 > SID[634]: S-1-22-2-10232 > SID[635]: S-1-22-2-10233 > SID[636]: S-1-22-2-10234 > SID[637]: S-1-22-2-10235 > SID[638]: S-1-22-2-10236 > SID[639]: S-1-22-2-10237 > SID[640]: S-1-22-2-10238 > SID[641]: S-1-22-2-10239 > SID[642]: S-1-22-2-10240 > SID[643]: S-1-22-2-10241 > SID[644]: S-1-22-2-10242 > SID[645]: S-1-22-2-10243 > SID[646]: S-1-22-2-10244 > SID[647]: S-1-22-2-10245 > SID[648]: S-1-22-2-10246 > SID[649]: S-1-22-2-10247 > SID[650]: S-1-22-2-10248 > SID[651]: S-1-22-2-10249 > SID[652]: S-1-22-2-10250 > SID[653]: S-1-22-2-10251 > SID[654]: S-1-22-2-10252 > SID[655]: S-1-22-2-10253 > SID[656]: S-1-22-2-10254 > SID[657]: S-1-22-2-10255 > SID[658]: S-1-22-2-10256 > SID[659]: S-1-22-2-10257 > SID[660]: S-1-22-2-10258 > SID[661]: S-1-22-2-10259 > SID[662]: S-1-22-2-10260 > SID[663]: S-1-22-2-10261 > SID[664]: S-1-22-2-10262 > SID[665]: S-1-22-2-10263 > SID[666]: S-1-22-2-10264 > SID[667]: S-1-22-2-10265 > SID[668]: S-1-22-2-10266 > SID[669]: S-1-22-2-10267 > SID[670]: S-1-22-2-10268 > SID[671]: S-1-22-2-10269 > SID[672]: S-1-22-2-10270 > SID[673]: S-1-22-2-10271 > SID[674]: S-1-22-2-10272 > SID[675]: S-1-22-2-10273 > SID[676]: S-1-22-2-10274 > SID[677]: S-1-22-2-10275 > SID[678]: S-1-22-2-10276 > SID[679]: S-1-22-2-10277 > SID[680]: S-1-22-2-10278 > SID[681]: S-1-22-2-10279 > SID[682]: S-1-22-2-10280 > SID[683]: S-1-22-2-10281 > SID[684]: S-1-22-2-10282 > SID[685]: S-1-22-2-10283 > SID[686]: S-1-22-2-10284 > SID[687]: S-1-22-2-10285 > SID[688]: S-1-22-2-10286 > SID[689]: S-1-22-2-10287 > SID[690]: S-1-22-2-10288 > SID[691]: S-1-22-2-10289 > SID[692]: S-1-22-2-10290 > SID[693]: S-1-22-2-10291 > SID[694]: S-1-22-2-10292 > SID[695]: S-1-22-2-10293 > SID[696]: S-1-22-2-10294 > SID[697]: S-1-22-2-10295 > SID[698]: S-1-22-2-10296 > SID[699]: S-1-22-2-10297 > SID[700]: S-1-22-2-10298 > SID[701]: S-1-22-2-10299 > SID[702]: S-1-22-2-10300 > SID[703]: S-1-22-2-10301 > SID[704]: S-1-22-2-10302 > SID[705]: S-1-22-2-10303 > SID[706]: S-1-22-2-10304 > SID[707]: S-1-22-2-10305 > SID[708]: S-1-22-2-10306 > SID[709]: S-1-22-2-10307 > SID[710]: S-1-22-2-10308 > SID[711]: S-1-22-2-10309 > SID[712]: S-1-22-2-10310 > SID[713]: S-1-22-2-10311 > SID[714]: S-1-22-2-10312 > SID[715]: S-1-22-2-10313 > SID[716]: S-1-22-2-10314 > SID[717]: S-1-22-2-10315 > SID[718]: S-1-22-2-10316 > SID[719]: S-1-22-2-10317 > SID[720]: S-1-22-2-10318 > SID[721]: S-1-22-2-10319 > SID[722]: S-1-22-2-10320 > SID[723]: S-1-22-2-10321 > SID[724]: S-1-22-2-10322 > SID[725]: S-1-22-2-10323 > SID[726]: S-1-22-2-10324 > SID[727]: S-1-22-2-10325 > SID[728]: S-1-22-2-10326 > SID[729]: S-1-22-2-10327 > SID[730]: S-1-22-2-10328 > SID[731]: S-1-22-2-10329 > SID[732]: S-1-22-2-10330 > SID[733]: S-1-22-2-10331 > SID[734]: S-1-22-2-10332 > SID[735]: S-1-22-2-10333 > SID[736]: S-1-22-2-10334 > SID[737]: S-1-22-2-10335 > SID[738]: S-1-22-2-10336 > SID[739]: S-1-22-2-10337 > SID[740]: S-1-22-2-10338 > SID[741]: S-1-22-2-10339 > SID[742]: S-1-22-2-10340 > SID[743]: S-1-22-2-10341 > SID[744]: S-1-22-2-10342 > SID[745]: S-1-22-2-10343 > SID[746]: S-1-22-2-10344 > SID[747]: S-1-22-2-10345 > SID[748]: S-1-22-2-10346 > SID[749]: S-1-22-2-10347 > SID[750]: S-1-22-2-10348 > SID[751]: S-1-22-2-10349 > SID[752]: S-1-22-2-10350 > SID[753]: S-1-22-2-10351 > SID[754]: S-1-22-2-10352 > SID[755]: S-1-22-2-10353 > SID[756]: S-1-22-2-10354 > SID[757]: S-1-22-2-10355 > SID[758]: S-1-22-2-10356 > SID[759]: S-1-22-2-10357 > SID[760]: S-1-22-2-10358 > SID[761]: S-1-22-2-10359 > SID[762]: S-1-22-2-10360 > SID[763]: S-1-22-2-10361 > SID[764]: S-1-22-2-10362 > SID[765]: S-1-22-2-10363 > SID[766]: S-1-22-2-10364 > SID[767]: S-1-22-2-10365 > SID[768]: S-1-22-2-10366 > SID[769]: S-1-22-2-10367 > SID[770]: S-1-22-2-10368 > SID[771]: S-1-22-2-10369 > SID[772]: S-1-22-2-10370 > SID[773]: S-1-22-2-10371 > SID[774]: S-1-22-2-10372 > SID[775]: S-1-22-2-10373 > SID[776]: S-1-22-2-10374 > SID[777]: S-1-22-2-10375 > SID[778]: S-1-22-2-10376 > SID[779]: S-1-22-2-10377 > SID[780]: S-1-22-2-10378 > SID[781]: S-1-22-2-10379 > SID[782]: S-1-22-2-10380 > SID[783]: S-1-22-2-10381 > SID[784]: S-1-22-2-10382 > SID[785]: S-1-22-2-10383 > SID[786]: S-1-22-2-10384 > SID[787]: S-1-22-2-10385 > SID[788]: S-1-22-2-10386 > SID[789]: S-1-22-2-10387 > SID[790]: S-1-22-2-10388 > SID[791]: S-1-22-2-10389 > SID[792]: S-1-22-2-10390 > SID[793]: S-1-22-2-10391 > SID[794]: S-1-22-2-10392 > SID[795]: S-1-22-2-10393 > SID[796]: S-1-22-2-10394 > SID[797]: S-1-22-2-10395 > SID[798]: S-1-22-2-10396 > SID[799]: S-1-22-2-10397 > SID[800]: S-1-22-2-10398 > SID[801]: S-1-22-2-10399 > SID[802]: S-1-22-2-10400 > SID[803]: S-1-22-2-10401 > SID[804]: S-1-22-2-10402 > SID[805]: S-1-22-2-10403 > SID[806]: S-1-22-2-10404 > SID[807]: S-1-22-2-10002 > SID[808]: S-1-22-2-10003 > SID[809]: S-1-22-2-10004 > SID[810]: S-1-22-2-10001 > Privileges (0x 20): > Privilege[ 0]: SePrintOperatorPrivilege > Rights (0x 0): >[2012/11/09 16:29:16.755753, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 10000 > Primary group is 10006 and contains 404 supplementary groups > Group[ 0]: 10006 > Group[ 1]: 10007 > Group[ 2]: 10008 > Group[ 3]: 10009 > Group[ 4]: 10010 > Group[ 5]: 10011 > Group[ 6]: 10012 > Group[ 7]: 10013 > Group[ 8]: 10014 > Group[ 9]: 10015 > Group[ 10]: 10016 > Group[ 11]: 10017 > Group[ 12]: 10018 > Group[ 13]: 10019 > Group[ 14]: 10020 > Group[ 15]: 10021 > Group[ 16]: 10022 > Group[ 17]: 10023 > Group[ 18]: 10024 > Group[ 19]: 10025 > Group[ 20]: 10026 > Group[ 21]: 10027 > Group[ 22]: 10028 > Group[ 23]: 10029 > Group[ 24]: 10030 > Group[ 25]: 10031 > Group[ 26]: 10032 > Group[ 27]: 10033 > Group[ 28]: 10034 > Group[ 29]: 10035 > Group[ 30]: 10036 > Group[ 31]: 10037 > Group[ 32]: 10038 > Group[ 33]: 10039 > Group[ 34]: 10040 > Group[ 35]: 10041 > Group[ 36]: 10042 > Group[ 37]: 10043 > Group[ 38]: 10044 > Group[ 39]: 10045 > Group[ 40]: 10046 > Group[ 41]: 10047 > Group[ 42]: 10048 > Group[ 43]: 10049 > Group[ 44]: 10050 > Group[ 45]: 10051 > Group[ 46]: 10052 > Group[ 47]: 10053 > Group[ 48]: 10054 > Group[ 49]: 10055 > Group[ 50]: 10056 > Group[ 51]: 10057 > Group[ 52]: 10058 > Group[ 53]: 10059 > Group[ 54]: 10060 > Group[ 55]: 10061 > Group[ 56]: 10062 > Group[ 57]: 10063 > Group[ 58]: 10064 > Group[ 59]: 10065 > Group[ 60]: 10066 > Group[ 61]: 10067 > Group[ 62]: 10068 > Group[ 63]: 10069 > Group[ 64]: 10070 > Group[ 65]: 10071 > Group[ 66]: 10072 > Group[ 67]: 10073 > Group[ 68]: 10074 > Group[ 69]: 10075 > Group[ 70]: 10076 > Group[ 71]: 10077 > Group[ 72]: 10078 > Group[ 73]: 10079 > Group[ 74]: 10080 > Group[ 75]: 10081 > Group[ 76]: 10082 > Group[ 77]: 10083 > Group[ 78]: 10084 > Group[ 79]: 10085 > Group[ 80]: 10086 > Group[ 81]: 10087 > Group[ 82]: 10088 > Group[ 83]: 10089 > Group[ 84]: 10090 > Group[ 85]: 10091 > Group[ 86]: 10092 > Group[ 87]: 10093 > Group[ 88]: 10094 > Group[ 89]: 10095 > Group[ 90]: 10096 > Group[ 91]: 10097 > Group[ 92]: 10098 > Group[ 93]: 10099 > Group[ 94]: 10100 > Group[ 95]: 10101 > Group[ 96]: 10102 > Group[ 97]: 10103 > Group[ 98]: 10104 > Group[ 99]: 10105 > Group[100]: 10106 > Group[101]: 10107 > Group[102]: 10108 > Group[103]: 10109 > Group[104]: 10110 > Group[105]: 10111 > Group[106]: 10112 > Group[107]: 10113 > Group[108]: 10114 > Group[109]: 10115 > Group[110]: 10116 > Group[111]: 10117 > Group[112]: 10118 > Group[113]: 10119 > Group[114]: 10120 > Group[115]: 10121 > Group[116]: 10122 > Group[117]: 10123 > Group[118]: 10124 > Group[119]: 10125 > Group[120]: 10126 > Group[121]: 10127 > Group[122]: 10128 > Group[123]: 10129 > Group[124]: 10130 > Group[125]: 10131 > Group[126]: 10132 > Group[127]: 10133 > Group[128]: 10134 > Group[129]: 10135 > Group[130]: 10136 > Group[131]: 10137 > Group[132]: 10138 > Group[133]: 10139 > Group[134]: 10140 > Group[135]: 10141 > Group[136]: 10142 > Group[137]: 10143 > Group[138]: 10144 > Group[139]: 10145 > Group[140]: 10146 > Group[141]: 10147 > Group[142]: 10148 > Group[143]: 10149 > Group[144]: 10150 > Group[145]: 10471 > Group[146]: 10151 > Group[147]: 10152 > Group[148]: 10153 > Group[149]: 10154 > Group[150]: 10155 > Group[151]: 10156 > Group[152]: 10157 > Group[153]: 10158 > Group[154]: 10159 > Group[155]: 10160 > Group[156]: 10161 > Group[157]: 10162 > Group[158]: 10163 > Group[159]: 10164 > Group[160]: 10165 > Group[161]: 10166 > Group[162]: 10167 > Group[163]: 10168 > Group[164]: 10169 > Group[165]: 10170 > Group[166]: 10171 > Group[167]: 10172 > Group[168]: 10173 > Group[169]: 10174 > Group[170]: 10175 > Group[171]: 10176 > Group[172]: 10177 > Group[173]: 10178 > Group[174]: 10179 > Group[175]: 10180 > Group[176]: 10181 > Group[177]: 10182 > Group[178]: 10183 > Group[179]: 10184 > Group[180]: 10185 > Group[181]: 10186 > Group[182]: 10187 > Group[183]: 10188 > Group[184]: 10189 > Group[185]: 10190 > Group[186]: 10191 > Group[187]: 10192 > Group[188]: 10193 > Group[189]: 10194 > Group[190]: 10195 > Group[191]: 10196 > Group[192]: 10197 > Group[193]: 10198 > Group[194]: 10199 > Group[195]: 10200 > Group[196]: 10201 > Group[197]: 10202 > Group[198]: 10203 > Group[199]: 10204 > Group[200]: 10205 > Group[201]: 10206 > Group[202]: 10207 > Group[203]: 10208 > Group[204]: 10209 > Group[205]: 10210 > Group[206]: 10211 > Group[207]: 10212 > Group[208]: 10213 > Group[209]: 10214 > Group[210]: 10215 > Group[211]: 10216 > Group[212]: 10217 > Group[213]: 10218 > Group[214]: 10219 > Group[215]: 10220 > Group[216]: 10221 > Group[217]: 10222 > Group[218]: 10223 > Group[219]: 10224 > Group[220]: 10225 > Group[221]: 10226 > Group[222]: 10227 > Group[223]: 10228 > Group[224]: 10229 > Group[225]: 10230 > Group[226]: 10231 > Group[227]: 10232 > Group[228]: 10233 > Group[229]: 10234 > Group[230]: 10235 > Group[231]: 10236 > Group[232]: 10237 > Group[233]: 10238 > Group[234]: 10239 > Group[235]: 10240 > Group[236]: 10241 > Group[237]: 10242 > Group[238]: 10243 > Group[239]: 10244 > Group[240]: 10245 > Group[241]: 10246 > Group[242]: 10247 > Group[243]: 10248 > Group[244]: 10249 > Group[245]: 10250 > Group[246]: 10251 > Group[247]: 10252 > Group[248]: 10253 > Group[249]: 10254 > Group[250]: 10255 > Group[251]: 10256 > Group[252]: 10257 > Group[253]: 10258 > Group[254]: 10259 > Group[255]: 10260 > Group[256]: 10261 > Group[257]: 10262 > Group[258]: 10263 > Group[259]: 10264 > Group[260]: 10265 > Group[261]: 10266 > Group[262]: 10267 > Group[263]: 10268 > Group[264]: 10269 > Group[265]: 10270 > Group[266]: 10271 > Group[267]: 10272 > Group[268]: 10273 > Group[269]: 10274 > Group[270]: 10275 > Group[271]: 10276 > Group[272]: 10277 > Group[273]: 10278 > Group[274]: 10279 > Group[275]: 10280 > Group[276]: 10281 > Group[277]: 10282 > Group[278]: 10283 > Group[279]: 10284 > Group[280]: 10285 > Group[281]: 10286 > Group[282]: 10287 > Group[283]: 10288 > Group[284]: 10289 > Group[285]: 10290 > Group[286]: 10291 > Group[287]: 10292 > Group[288]: 10293 > Group[289]: 10294 > Group[290]: 10295 > Group[291]: 10296 > Group[292]: 10297 > Group[293]: 10298 > Group[294]: 10299 > Group[295]: 10300 > Group[296]: 10301 > Group[297]: 10302 > Group[298]: 10303 > Group[299]: 10304 > Group[300]: 10305 > Group[301]: 10306 > Group[302]: 10307 > Group[303]: 10308 > Group[304]: 10309 > Group[305]: 10310 > Group[306]: 10311 > Group[307]: 10312 > Group[308]: 10313 > Group[309]: 10314 > Group[310]: 10315 > Group[311]: 10316 > Group[312]: 10317 > Group[313]: 10318 > Group[314]: 10319 > Group[315]: 10320 > Group[316]: 10321 > Group[317]: 10322 > Group[318]: 10323 > Group[319]: 10324 > Group[320]: 10325 > Group[321]: 10326 > Group[322]: 10327 > Group[323]: 10328 > Group[324]: 10329 > Group[325]: 10330 > Group[326]: 10331 > Group[327]: 10332 > Group[328]: 10333 > Group[329]: 10334 > Group[330]: 10335 > Group[331]: 10336 > Group[332]: 10337 > Group[333]: 10338 > Group[334]: 10339 > Group[335]: 10340 > Group[336]: 10341 > Group[337]: 10342 > Group[338]: 10343 > Group[339]: 10344 > Group[340]: 10345 > Group[341]: 10346 > Group[342]: 10347 > Group[343]: 10348 > Group[344]: 10349 > Group[345]: 10350 > Group[346]: 10351 > Group[347]: 10352 > Group[348]: 10353 > Group[349]: 10354 > Group[350]: 10355 > Group[351]: 10356 > Group[352]: 10357 > Group[353]: 10358 > Group[354]: 10359 > Group[355]: 10360 > Group[356]: 10361 > Group[357]: 10362 > Group[358]: 10363 > Group[359]: 10364 > Group[360]: 10365 > Group[361]: 10366 > Group[362]: 10367 > Group[363]: 10368 > Group[364]: 10369 > Group[365]: 10370 > Group[366]: 10371 > Group[367]: 10372 > Group[368]: 10373 > Group[369]: 10374 > Group[370]: 10375 > Group[371]: 10376 > Group[372]: 10377 > Group[373]: 10378 > Group[374]: 10379 > Group[375]: 10380 > Group[376]: 10381 > Group[377]: 10382 > Group[378]: 10383 > Group[379]: 10384 > Group[380]: 10385 > Group[381]: 10386 > Group[382]: 10387 > Group[383]: 10388 > Group[384]: 10389 > Group[385]: 10390 > Group[386]: 10391 > Group[387]: 10392 > Group[388]: 10393 > Group[389]: 10394 > Group[390]: 10395 > Group[391]: 10396 > Group[392]: 10397 > Group[393]: 10398 > Group[394]: 10399 > Group[395]: 10400 > Group[396]: 10401 > Group[397]: 10402 > Group[398]: 10403 > Group[399]: 10404 > Group[400]: 10002 > Group[401]: 10003 > Group[402]: 10004 > Group[403]: 10001 >[2012/11/09 16:29:16.759736, 5] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,10000), gid=(0,10006) >[2012/11/09 16:29:16.759784, 4] smbd/vfs.c:780(vfs_ChDir) > vfs_ChDir to /var/tmp >[2012/11/09 16:29:16.759828, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=2108 params=0 setup=2 >[2012/11/09 16:29:16.759862, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:16.759890, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:16.759919, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:16.759947, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:16.759980, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 2108 >[2012/11/09 16:29:16.760026, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:16.760061, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:16.760095, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:16.760129, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.760200, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.760268, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:16.760318, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:16.760359, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:16.760405, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:16.760438, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.760519, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.760556, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.760585, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:16.760613, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:16.760742, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.760820, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 57 00 00 00 00 00 00 00 9D 50 4C 21 ....W... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.760917, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 57 00 00 00 00 00 00 00 9D 50 4C 21 ....W... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.760991, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:16.761056, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:16.761118, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:16.761181, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:16.761240, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:16.761295, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:16.761371, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:16.761447, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.761543, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.761733, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.761808, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.761855, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.761918, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.761961, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762041, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762087, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762151, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762195, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762259, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762303, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762366, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762409, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762474, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762518, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762580, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762625, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762688, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762731, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762795, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762839, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.762904, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.762948, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763023, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763067, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763130, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763171, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763232, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763275, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763340, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763384, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763449, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763495, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763561, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763608, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763672, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763714, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763777, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763846, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.763910, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.763952, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.763998, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.764063, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.764091, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.764141, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:16.764200, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 59 00 00 00 00 00 00 00 9D 50 4C 21 ....Y... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.764277, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 59 00 00 00 00 00 00 00 9D 50 4C 21 ....Y... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.764343, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:16.764395, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:16.764448, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:16.764529, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:16.764582, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:16.764629, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:16.764692, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:16.764763, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 5A 00 00 00 00 00 00 00 9D 50 4C 21 ....Z... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.764849, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5A 00 00 00 00 00 00 00 9D 50 4C 21 ....Z... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.764918, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.764946, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.765019, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5A 00 00 00 00 00 00 00 9D 50 4C 21 ....Z... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765088, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.765115, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.765160, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5A 00 00 00 00 00 00 00 9D 50 4C 21 ....Z... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765225, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5A 00 00 00 00 00 00 00 9D 50 4C 21 ....Z... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765304, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.765346, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 59 00 00 00 00 00 00 00 9D 50 4C 21 ....Y... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765415, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 59 00 00 00 00 00 00 00 9D 50 4C 21 ....Y... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765484, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.765530, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765605, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 58 00 00 00 00 00 00 00 9D 50 4C 21 ....X... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765686, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.765735, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 57 00 00 00 00 00 00 00 9D 50 4C 21 ....W... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765808, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 57 00 00 00 00 00 00 00 9D 50 4C 21 ....W... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.765875, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.765948, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:16.765998, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:16.766043, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:16.766078, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.766124, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.766161, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.766192, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:16.766220, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:16.766339, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.766410, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 5B 00 00 00 00 00 00 00 9D 50 4C 21 ....[... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.766501, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5B 00 00 00 00 00 00 00 9D 50 4C 21 ....[... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.766574, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:16.766638, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:16.766698, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:16.766765, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:16.766848, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:16.766904, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:16.766977, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:16.767054, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 5C 00 00 00 00 00 00 00 9D 50 4C 21 ....\... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767145, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5C 00 00 00 00 00 00 00 9D 50 4C 21 ....\... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767219, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.767250, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.767329, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5C 00 00 00 00 00 00 00 9D 50 4C 21 ....\... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767405, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.767438, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.767487, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5C 00 00 00 00 00 00 00 9D 50 4C 21 ....\... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767559, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5C 00 00 00 00 00 00 00 9D 50 4C 21 ....\... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767628, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.767671, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5B 00 00 00 00 00 00 00 9D 50 4C 21 ....[... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767743, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5B 00 00 00 00 00 00 00 9D 50 4C 21 ....[... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.767810, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.767872, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:16.767922, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:16.767962, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 7481 >[2012/11/09 16:29:16.768010, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..2088] (align 0) >[2012/11/09 16:29:16.768042, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.768060, 5] lib/util.c:342(show_msg) > size=2144 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=55104 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 2088 (0x828) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 2088 (0x828) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=2089 >[2012/11/09 16:29:16.769685, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x890 >[2012/11/09 16:29:16.769750, 3] smbd/process.c:1662(process_smb) > Transaction 112 of length 2196 (0 toread) >[2012/11/09 16:29:16.769771, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.769782, 5] lib/util.c:342(show_msg) > size=2192 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=55168 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 2108 (0x83C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4280 (0x10B8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 2108 (0x83C) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=2125 >[2012/11/09 16:29:16.769990, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:16.770012, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.770037, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=2108 params=0 setup=2 >[2012/11/09 16:29:16.770060, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:16.770078, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:16.770097, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:16.770115, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:16.770136, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 2108 >[2012/11/09 16:29:16.770165, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:16.770189, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:16.770209, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:16.770231, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.770311, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.770352, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:16.770376, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:16.770404, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:16.770435, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:16.770458, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.770491, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.770516, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.770534, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:16.770552, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:16.770643, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.770696, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 5D 00 00 00 00 00 00 00 9D 50 4C 21 ....]... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.770773, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5D 00 00 00 00 00 00 00 9D 50 4C 21 ....]... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.770817, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:16.770861, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:16.770903, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:16.770943, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:16.770983, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:16.771019, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:16.771066, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:16.771115, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771171, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771259, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771306, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771339, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771381, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771413, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771455, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771487, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771529, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771560, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771601, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771637, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771728, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771779, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771850, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.771898, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.771968, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772016, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772086, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772133, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772204, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772251, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772323, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772375, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772446, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772527, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772600, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772647, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772717, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772777, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772851, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.772902, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.772973, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.773021, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773091, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.773141, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773213, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.773262, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773332, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.773407, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773480, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.773510, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.773556, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773627, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.773656, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.773710, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:16.773771, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 5F 00 00 00 00 00 00 00 9D 50 4C 21 ...._... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773857, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5F 00 00 00 00 00 00 00 9D 50 4C 21 ...._... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.773942, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:16.774000, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:16.774063, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:16.774122, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:16.774179, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:16.774232, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:16.774301, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:16.774375, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[4] [0000] 00 00 00 00 60 00 00 00 00 00 00 00 9D 50 4C 21 ....`... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.774465, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 60 00 00 00 00 00 00 00 9D 50 4C 21 ....`... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.774537, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.774566, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.774650, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 60 00 00 00 00 00 00 00 9D 50 4C 21 ....`... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.774725, 7] rpc_server/winreg/srv_winreg_nt.c:262(_winreg_QueryValue) > _winreg_QueryValue: policy key name = [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.774755, 7] rpc_server/winreg/srv_winreg_nt.c:263(_winreg_QueryValue) > _winreg_QueryValue: policy key type = [00000000] >[2012/11/09 16:29:16.774804, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 60 00 00 00 00 00 00 00 9D 50 4C 21 ....`... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.774874, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 60 00 00 00 00 00 00 00 9D 50 4C 21 ....`... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.774940, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.774982, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5F 00 00 00 00 00 00 00 9D 50 4C 21 ...._... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.775052, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5F 00 00 00 00 00 00 00 9D 50 4C 21 ...._... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.775117, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.775157, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.775229, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5E 00 00 00 00 00 00 00 9D 50 4C 21 ....^... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.775312, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.775357, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5D 00 00 00 00 00 00 00 9D 50 4C 21 ....]... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.775428, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 5D 00 00 00 00 00 00 00 9D 50 4C 21 ....]... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.775495, 3] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2012/11/09 16:29:16.775594, 5] rpc_server/srv_pipe.c:1679(api_rpcTNP) > api_rpcTNP: called \spoolss successfully >[2012/11/09 16:29:16.775663, 6] rpc_server/srv_pipe_hnd.c:284(read_from_internal_pipe) > name: \spoolss len: 4280 >[2012/11/09 16:29:16.775702, 3] rpc_server/srv_pipe_hnd.c:121(free_pipe_context) > free_pipe_context: destroying talloc pool of size 8991 >[2012/11/09 16:29:16.775749, 5] smbd/ipc.c:62(copy_trans_params_and_data) > copy_trans_params_and_data: params[0..0] data[0..36] (align 0) >[2012/11/09 16:29:16.775780, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.775798, 5] lib/util.c:342(show_msg) > size=92 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=51203 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=55168 > smt_wct=10 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 36 (0x24) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 36 (0x24) > smb_vwv[ 7]= 56 (0x38) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=37 >[2012/11/09 16:29:16.777323, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x10f8 >[2012/11/09 16:29:16.777396, 3] smbd/process.c:1662(process_smb) > Transaction 113 of length 4348 (0 toread) >[2012/11/09 16:29:16.777427, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.777447, 5] lib/util.c:342(show_msg) > size=4344 > smb_com=0x2f > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=65279 > smb_uid=101 > smb_mid=55232 > smt_wct=14 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]=57054 (0xDEDE) > smb_vwv[ 2]= 8212 (0x2014) > smb_vwv[ 3]= 0 (0x0) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]=65535 (0xFFFF) > smb_vwv[ 6]=65535 (0xFFFF) > smb_vwv[ 7]= 8 (0x8) > smb_vwv[ 8]= 4280 (0x10B8) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 4280 (0x10B8) > smb_vwv[11]= 64 (0x40) > smb_vwv[12]= 0 (0x0) > smb_vwv[13]= 0 (0x0) > smb_bcc=4281 >[2012/11/09 16:29:16.777754, 3] smbd/process.c:1467(switch_message) > switch message SMBwriteX (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:16.777789, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.777825, 6] smbd/pipes.c:300(reply_pipe_write_and_X) > reply_pipe_write_and_X: 2014 name: spoolss len: 4280 >[2012/11/09 16:29:16.777857, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 4280 >[2012/11/09 16:29:16.777909, 3] smbd/pipes.c:361(pipe_write_andx_done) > writeX-IPC nwritten=4280 >[2012/11/09 16:29:16.778869, 6] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x138 >[2012/11/09 16:29:16.778915, 3] smbd/process.c:1662(process_smb) > Transaction 114 of length 316 (0 toread) >[2012/11/09 16:29:16.778947, 5] lib/util.c:332(show_msg) >[2012/11/09 16:29:16.778965, 5] lib/util.c:342(show_msg) > size=312 > smb_com=0x25 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=24 > smb_flg2=51223 > smb_tid=1 > smb_pid=5012 > smb_uid=101 > smb_mid=55296 > smt_wct=16 > smb_vwv[ 0]= 0 (0x0) > smb_vwv[ 1]= 228 (0xE4) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 4280 (0x10B8) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 84 (0x54) > smb_vwv[11]= 228 (0xE4) > smb_vwv[12]= 84 (0x54) > smb_vwv[13]= 2 (0x2) > smb_vwv[14]= 38 (0x26) > smb_vwv[15]= 8212 (0x2014) > smb_bcc=245 >[2012/11/09 16:29:16.779307, 3] smbd/process.c:1467(switch_message) > switch message SMBtrans (pid 12629) conn 0x7fa2eac856c0 >[2012/11/09 16:29:16.779337, 4] smbd/uid.c:351(change_to_user) > Skipping user change - already user >[2012/11/09 16:29:16.779370, 3] smbd/ipc.c:560(handle_trans) > trans <\PIPE\> data=228 params=0 setup=2 >[2012/11/09 16:29:16.779404, 5] smbd/ipc.c:593(handle_trans) > calling named_pipe >[2012/11/09 16:29:16.779430, 3] smbd/ipc.c:511(named_pipe) > named pipe command on <> name >[2012/11/09 16:29:16.779455, 5] smbd/ipc.c:434(api_fd_reply) > api_fd_reply >[2012/11/09 16:29:16.779480, 3] smbd/ipc.c:475(api_fd_reply) > Got API command 0x26 on pipe "spoolss" (pnum 2014) >[2012/11/09 16:29:16.779506, 6] rpc_server/srv_pipe_hnd.c:520(np_write_send) > np_write_send: len: 228 >[2012/11/09 16:29:16.779547, 5] rpc_server/srv_pipe.c:1571(api_pipe_request) > Requested \PIPE\\spoolss >[2012/11/09 16:29:16.779579, 4] rpc_server/srv_pipe.c:1611(api_rpcTNP) > api_rpcTNP: \spoolss op 0x8 - api_rpcTNP: rpc command: SPOOLSS_GETPRINTER >[2012/11/09 16:29:16.779607, 6] rpc_server/srv_pipe.c:1645(api_rpcTNP) > api_rpc_cmds[8].fn == 0x7fa2ea3e8e50 >[2012/11/09 16:29:16.779636, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.779704, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 48 00 00 00 00 00 00 00 9D 50 47 21 ....H... .....PG! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.779770, 4] rpc_server/spoolss/srv_spoolss_nt.c:504(get_printer_snum) > short name:yyyp0708 >[2012/11/09 16:29:16.779801, 4] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2012/11/09 16:29:16.779836, 4] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2012/11/09 16:29:16.779883, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2012/11/09 16:29:16.779922, 4] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(10000, 10006) : sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.779968, 4] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(101) : conn_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.780005, 4] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2012/11/09 16:29:16.780042, 5] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2012/11/09 16:29:16.780079, 5] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2012/11/09 16:29:16.780215, 4] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (10000, 10006) - sec_ctx_stack_ndx = 0 >[2012/11/09 16:29:16.780316, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 61 00 00 00 00 00 00 00 9D 50 4C 21 ....a... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.780422, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 61 00 00 00 00 00 00 00 9D 50 4C 21 ....a... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.780529, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2012/11/09 16:29:16.780607, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Microsoft] >[2012/11/09 16:29:16.780673, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Windows NT] >[2012/11/09 16:29:16.780742, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentVersion] >[2012/11/09 16:29:16.780808, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Print] >[2012/11/09 16:29:16.780885, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Printers] >[2012/11/09 16:29:16.780963, 7] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [yyyp0708] >[2012/11/09 16:29:16.781045, 4] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781143, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781284, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781359, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.781410, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781484, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.781534, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781606, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.781660, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781736, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.781785, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781855, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.781904, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.781972, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782023, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782093, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782159, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782232, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782281, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782353, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782402, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782477, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782533, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782604, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782663, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782733, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782780, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782850, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.782897, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.782966, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.783014, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.783084, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enumerating values for key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\yyyp0708] >[2012/11/09 16:29:16.783130, 4] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 62 00 00 00 00 00 00 00 9D 50 4C 21 ....b... .....PL! > [0010] 55 31 00 00 U1.. >[2012/11/09 16:29:16.783202, 8] rpc_server/winreg/srv_winreg_nt.c:450(_winreg_EnumValue) > _winreg_EnumValue: enu