Script started on Thu 22 Nov 2012 11:26:28 AM EST ]0;root@salusa:/tmp[?1034h[root@salusa tmp]# smbd -i -d10 Maximum core file size limits now 16777216(soft) -1(hard) smbd version 3.6.8-95.fc17 started. Copyright Andrew Tridgell and the Samba Team 1992-2011 uid=0 gid=0 euid=0 egid=0 Build environment: Built by: mockbuild@ Built on: Fri Oct 26 19:21:09 UTC 2012 Built using: gcc Build host: Linux buildvm-35.phx2.fedoraproject.org 2.6.32-279.9.1.el6.x86_64 #1 SMP Fri Aug 31 09:04:24 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux SRCDIR: /builddir/build/BUILD/samba-3.6.8/source3 BUILDDIR: /builddir/build/BUILD/samba-3.6.8/source3 Paths: SBINDIR: /usr/sbin BINDIR: /usr/bin SWATDIR: /usr/share/swat CONFIGFILE: /etc/samba/smb.conf LOGFILEBASE: /var/log/samba LMHOSTSFILE: /etc/samba/lmhosts LIBDIR: /usr/lib64 MODULESDIR: /usr/lib64/samba SHLIBEXT: so LOCKDIR: /var/lib/samba STATEDIR: /var/lib/samba CACHEDIR: /var/lib/samba PIDDIR: /run SMB_PASSWD_FILE: /var/lib/samba/private/smbpasswd PRIVATE_DIR: /var/lib/samba/private NCALRPCDIR: /var/ncalrpc NMBDSOCKETDIR: /var/run/nmbd System Headers: HAVE_SYS_ACL_H HAVE_SYS_CAPABILITY_H HAVE_SYS_CDEFS_H HAVE_SYS_EPOLL_H HAVE_SYS_FCNTL_H HAVE_SYS_FILE_H HAVE_SYS_INOTIFY_H HAVE_SYS_IOCTL_H HAVE_SYS_IPC_H HAVE_SYS_MMAN_H HAVE_SYS_MOUNT_H HAVE_SYS_PARAM_H HAVE_SYS_PRCTL_H HAVE_SYS_QUOTA_H HAVE_SYS_RESOURCE_H HAVE_SYS_SELECT_H HAVE_SYS_SHM_H HAVE_SYS_SOCKET_H HAVE_SYS_STATFS_H HAVE_SYS_STATVFS_H HAVE_SYS_STAT_H HAVE_SYS_SYSCALL_H HAVE_SYS_SYSCTL_H HAVE_SYS_SYSLOG_H HAVE_SYS_SYSMACROS_H HAVE_SYS_TIME_H HAVE_SYS_TYPES_H HAVE_SYS_UIO_H HAVE_SYS_UNISTD_H HAVE_SYS_UN_H HAVE_SYS_VFS_H HAVE_SYS_WAIT_H HAVE_SYS_XATTR_H Headers: HAVE_ACL_LIBACL_H HAVE_AIO_H HAVE_ALLOCA_H HAVE_ARPA_INET_H HAVE_ASM_TYPES_H HAVE_ASM_UNISTD_H HAVE_ATTR_XATTR_H HAVE_COM_ERR_H HAVE_CRYPT_H HAVE_CTDB_H HAVE_CTDB_PRIVATE_H HAVE_CTYPE_H HAVE_CUPS_CUPS_H HAVE_CUPS_LANGUAGE_H HAVE_DIRENT_H HAVE_DLFCN_H HAVE_EXECINFO_H HAVE_FCNTL_H HAVE_FLOAT_H HAVE_FNMATCH_H HAVE_GLOB_H HAVE_GRP_H HAVE_GSSAPI_GSSAPI_EXT_H HAVE_GSSAPI_GSSAPI_GENERIC_H HAVE_GSSAPI_GSSAPI_H HAVE_GSSAPI_H HAVE_IFADDRS_H HAVE_KRB5_H HAVE_KRB5_LOCATE_PLUGIN_H HAVE_LANGINFO_H HAVE_LASTLOG_H HAVE_LBER_H HAVE_LDAP_H HAVE_LIBINTL_H HAVE_LIMITS_H HAVE_LINUX_DQBLK_XFS_H HAVE_LINUX_FALLOC_H HAVE_LINUX_INOTIFY_H HAVE_LINUX_NETLINK_H HAVE_LINUX_RTNETLINK_H HAVE_LINUX_TYPES_H HAVE_LOCALE_H HAVE_MEMORY_H HAVE_MNTENT_H HAVE_NETDB_H HAVE_NETINET_IN_H HAVE_NETINET_IN_SYSTM_H HAVE_NETINET_IP_H HAVE_NETINET_TCP_H HAVE_NET_IF_H HAVE_NSS_H HAVE_POLL_H HAVE_PTHREAD_H HAVE_PWD_H HAVE_READLINE_HISTORY_H HAVE_READLINE_READLINE_H HAVE_RPCSVC_NIS_H HAVE_RPCSVC_YPCLNT_H HAVE_RPCSVC_YP_PROT_H HAVE_RPC_RPC_H HAVE_SECURITY_PAM_APPL_H HAVE_SECURITY_PAM_EXT_H HAVE_SECURITY_PAM_MODULES_H HAVE_SECURITY__PAM_MACROS_H HAVE_SETJMP_H HAVE_SHADOW_H HAVE_STDARG_H HAVE_STDBOOL_H HAVE_STDINT_H HAVE_STDIO_H HAVE_STDLIB_H HAVE_STRINGS_H HAVE_STRING_H HAVE_SYSCALL_H HAVE_SYSLOG_H HAVE_TERMIOS_H HAVE_TERMIO_H HAVE_TIME_H HAVE_UNISTD_H HAVE_UTIME_H HAVE_UUID_UUID_H HAVE_ZLIB_H UTMP Options: HAVE_GETUTMPX HAVE_UTMPX_H HAVE_UTMP_H HAVE_UT_UT_ADDR HAVE_UT_UT_ADDR_V6 HAVE_UT_UT_EXIT HAVE_UT_UT_HOST HAVE_UT_UT_ID HAVE_UT_UT_NAME HAVE_UT_UT_PID HAVE_UT_UT_TIME HAVE_UT_UT_TYPE HAVE_UT_UT_USER PUTUTLINE_RETURNS_UTMP WITH_UTMP HAVE_* Defines: HAVE_ADDRTYPE_IN_KRB5_ADDRESS HAVE_AP_OPTS_USE_SUBKEY HAVE_ASPRINTF HAVE_ATEXIT HAVE_BACKTRACE_SYMBOLS HAVE_BER_SCANF HAVE_BER_SOCKBUF_ADD_IO HAVE_BINDTEXTDOMAIN HAVE_BLKCNT_T HAVE_BLKSIZE_T HAVE_BOOL HAVE_BZERO HAVE_C99_VSNPRINTF HAVE_CAP_GET_PROC HAVE_CHMOD HAVE_CHOWN HAVE_CHROOT HAVE_CLOCK_GETTIME HAVE_CLOCK_MONOTONIC HAVE_CLOCK_PROCESS_CPUTIME_ID HAVE_CLOCK_REALTIME HAVE_COMPARISON_FN_T HAVE_COMPILER_WILL_OPTIMIZE_OUT_FNS HAVE_CONNECT HAVE_CREAT64 HAVE_CRYPT HAVE_CTDB_CONTROL_SCHEDULE_FOR_DELETION_DECL HAVE_CTDB_CONTROL_TRANS3_COMMIT_DECL HAVE_CUPS HAVE_DECL_ASPRINTF HAVE_DECL_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE HAVE_DECL_KRB5_GET_CREDENTIALS_FOR_USER HAVE_DECL_RL_EVENT_HOOK HAVE_DECL_SNPRINTF HAVE_DECL_VASPRINTF HAVE_DECL_VSNPRINTF HAVE_DEVICE_MAJOR_FN HAVE_DEVICE_MINOR_FN HAVE_DGETTEXT HAVE_DIRENT_D_OFF HAVE_DIRFD HAVE_DIRFD_DECL HAVE_DLCLOSE HAVE_DLERROR HAVE_DLOPEN HAVE_DLSYM HAVE_DPRINTF HAVE_DUP2 HAVE_ENCTYPE_ARCFOUR_HMAC HAVE_ENDMNTENT HAVE_ENDNETGRENT HAVE_ENDNETGRENT_PROTOTYPE HAVE_ENVIRON_DECL HAVE_EPOLL HAVE_EPOLL_CREATE HAVE_ERRNO_DECL HAVE_EXECL HAVE_EXPLICIT_LARGEFILE_SUPPORT HAVE_FALLOCATE HAVE_FALLOCATE64 HAVE_FCHMOD HAVE_FCHOWN HAVE_FCNTL_LOCK HAVE_FCVT HAVE_FDATASYNC HAVE_FDATASYNC_DECL HAVE_FDOPENDIR HAVE_FGETXATTR HAVE_FLISTXATTR HAVE_FOPEN64 HAVE_FREEADDRINFO HAVE_FREEIFADDRS HAVE_FREMOVEXATTR HAVE_FRSIZE HAVE_FSEEKO HAVE_FSEEKO64 HAVE_FSETXATTR HAVE_FSID_INT HAVE_FSTAT64 HAVE_FSYNC HAVE_FTELLO64 HAVE_FTRUNCATE HAVE_FTRUNCATE64 HAVE_FTRUNCATE_EXTEND HAVE_FUNCTION_ATTRIBUTE_DESTRUCTOR HAVE_FUNCTION_MACRO HAVE_FUTIMENS HAVE_FUTIMES HAVE_GAI_STRERROR HAVE_GETADDRINFO HAVE_GETCWD HAVE_GETDIRENTRIES HAVE_GETGRENT HAVE_GETGRENT_R HAVE_GETGRENT_R_DECL HAVE_GETGRGID_R HAVE_GETGRNAM HAVE_GETGRNAM_R HAVE_GETGROUPLIST HAVE_GETHOSTBYNAME HAVE_GETIFADDRS HAVE_GETMNTENT HAVE_GETNAMEINFO HAVE_GETNETGRENT HAVE_GETNETGRENT_PROTOTYPE HAVE_GETPAGESIZE HAVE_GETPGRP HAVE_GETPWENT_R HAVE_GETPWENT_R_DECL HAVE_GETPWNAM_R HAVE_GETPWUID_R HAVE_GETRLIMIT HAVE_GETSPNAM HAVE_GETTEXT HAVE_GETTIMEOFDAY_TZ HAVE_GETUTXENT HAVE_GETXATTR HAVE_GET_CURRENT_DIR_NAME HAVE_GLOB HAVE_GRANTPT HAVE_GSSAPI HAVE_GSS_DISPLAY_STATUS HAVE_GSS_GET_NAME_ATTRIBUTE HAVE_GSS_WRAP_IOV HAVE_HISTORY_LIST HAVE_HSTRERROR HAVE_HTTPCONNECT HAVE_HTTPCONNECTENCRYPT HAVE_ICONV HAVE_IFACE_GETIFADDRS HAVE_IF_NAMETOINDEX HAVE_IMMEDIATE_STRUCTURES HAVE_INET_ATON HAVE_INET_NTOA HAVE_INET_NTOP HAVE_INET_PTON HAVE_INITGROUPS HAVE_INITIALIZE_KRB5_ERROR_TABLE HAVE_INNETGR HAVE_INOTIFY HAVE_INOTIFY_INIT HAVE_INTPTR_T HAVE_IPRINT HAVE_IPV6 HAVE_ISATTY HAVE_KERNEL_CHANGE_NOTIFY HAVE_KERNEL_OPLOCKS_LINUX HAVE_KERNEL_SHARE_MODES HAVE_KRB5 HAVE_KRB5_AUTH_CON_SETUSERUSERKEY HAVE_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE HAVE_KRB5_C_ENCTYPE_COMPARE HAVE_KRB5_C_VERIFY_CHECKSUM HAVE_KRB5_DEPRECATED_WITH_IDENTIFIER HAVE_KRB5_ENCRYPT_BLOCK HAVE_KRB5_ENCRYPT_DATA HAVE_KRB5_ENCTYPE_TO_STRING HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG HAVE_KRB5_FREE_DATA_CONTENTS HAVE_KRB5_FREE_HOST_REALM HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS HAVE_KRB5_FREE_UNPARSED_NAME HAVE_KRB5_FWD_TGT_CREDS HAVE_KRB5_GET_CREDENTIALS_FOR_USER HAVE_KRB5_GET_HOST_REALM HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC HAVE_KRB5_GET_INIT_CREDS_OPT_FREE HAVE_KRB5_GET_PERMITTED_ENCTYPES HAVE_KRB5_GET_RENEWED_CREDS HAVE_KRB5_KEYBLOCK_IN_CREDS HAVE_KRB5_KEYTAB_ENTRY_KEY HAVE_KRB5_KEYUSAGE_APP_DATA_CKSUM HAVE_KRB5_KT_FREE_ENTRY HAVE_KRB5_MK_REQ_EXTENDED HAVE_KRB5_PRINCIPAL2SALT HAVE_KRB5_PRINCIPAL_COMPARE_ANY_REALM HAVE_KRB5_PRINC_COMPONENT HAVE_KRB5_PRINC_REALM HAVE_KRB5_SET_DEFAULT_TGS_ENCTYPES HAVE_KRB5_SET_DEFAULT_TGS_KTYPES HAVE_KRB5_SET_REAL_TIME HAVE_KRB5_STRING_TO_KEY HAVE_KRB5_TKT_ENC_PART2 HAVE_KRB5_USE_ENCTYPE HAVE_KRB5_VERIFY_CHECKSUM HAVE_KV5M_KEYTAB HAVE_LBER_LOG_PRINT_FN HAVE_LCHOWN HAVE_LDAP HAVE_LDAP_ADD_RESULT_ENTRY HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SASL_WRAPPING HAVE_LDAP_SET_REBIND_PROC HAVE_LGETXATTR HAVE_LIBCOM_ERR HAVE_LIBCUPS HAVE_LIBGSSAPI_KRB5 HAVE_LIBK5CRYPTO HAVE_LIBKRB5 HAVE_LIBLBER HAVE_LIBLDAP HAVE_LIBPAM HAVE_LIBREADLINE HAVE_LIBRESOLV HAVE_LIBZ HAVE_LINK HAVE_LINUX_FALLOCATE HAVE_LINUX_FALLOCATE64 HAVE_LINUX_READAHEAD HAVE_LINUX_SPLICE HAVE_LINUX_XFS_QUOTAS HAVE_LISTXATTR HAVE_LLISTXATTR HAVE_LLSEEK HAVE_LONGLONG HAVE_LONG_LONG HAVE_LREMOVEXATTR HAVE_LSEEK64 HAVE_LSETXATTR HAVE_LSTAT HAVE_LSTAT64 HAVE_LUTIMES HAVE_MAGIC_IN_KRB5_ADDRESS HAVE_MAKEDEV HAVE_MEMALIGN HAVE_MEMCPY HAVE_MEMMEM HAVE_MEMMOVE HAVE_MEMSET HAVE_MKDIR_MODE HAVE_MKDTEMP HAVE_MKNOD HAVE_MKTIME HAVE_MLOCK HAVE_MLOCKALL HAVE_MMAP HAVE_MSGHDR_MSG_CONTROL HAVE_MUNLOCK HAVE_MUNLOCKALL HAVE_NANOSLEEP HAVE_NATIVE_ICONV HAVE_NEW_LIBREADLINE HAVE_NFS_QUOTAS HAVE_NL_LANGINFO HAVE_NO_AIO HAVE_OPEN64 HAVE_PAM_GET_DATA HAVE_PAM_RADIO_TYPE HAVE_PAM_RHOST HAVE_PAM_TTY HAVE_PAM_VSYSLOG HAVE_PATHCONF HAVE_PEERCRED HAVE_PIPE HAVE_POLL HAVE_POSIX_ACLS HAVE_POSIX_CAPABILITIES HAVE_POSIX_FADVISE HAVE_POSIX_FALLOCATE HAVE_POSIX_FALLOCATE64 HAVE_POSIX_MEMALIGN HAVE_PRCTL HAVE_PREAD HAVE_PREAD64 HAVE_PRINTF HAVE_PTHREAD HAVE_PTRDIFF_T HAVE_PUTUTLINE HAVE_PUTUTXLINE HAVE_PWRITE HAVE_PWRITE64 HAVE_QUOTACTL_LINUX HAVE_RAND HAVE_RANDOM HAVE_READAHEAD_DECL HAVE_READDIR64 HAVE_READLINK HAVE_REALPATH HAVE_REMOVEXATTR HAVE_RENAME HAVE_SA_FAMILY_T HAVE_SECURE_MKSTEMP HAVE_SELECT HAVE_SENDFILE64 HAVE_SETBUFFER HAVE_SETEGID HAVE_SETENV HAVE_SETENV_DECL HAVE_SETEUID HAVE_SETGROUPS HAVE_SETLINEBUF HAVE_SETLOCALE HAVE_SETMNTENT HAVE_SETNETGRENT HAVE_SETNETGRENT_PROTOTYPE HAVE_SETPGID HAVE_SETRESGID HAVE_SETRESGID_DECL HAVE_SETRESUID HAVE_SETRESUID_DECL HAVE_SETSID HAVE_SETXATTR HAVE_SHMGET HAVE_SHORT_KRB5_MK_ERROR_INTERFACE HAVE_SIGACTION HAVE_SIGBLOCK HAVE_SIGPROCMASK HAVE_SIGSET HAVE_SIG_ATOMIC_T_TYPE HAVE_SNPRINTF HAVE_SOCKETPAIR HAVE_SOCKLEN_T HAVE_SPLICE_DECL HAVE_SRAND HAVE_SRANDOM HAVE_SS_FAMILY HAVE_STAT64 HAVE_STATVFS_F_FLAG HAVE_STAT_HIRES_TIMESTAMPS HAVE_STAT_ST_BLKSIZE HAVE_STAT_ST_BLOCKS HAVE_STRCASECMP HAVE_STRCASESTR HAVE_STRCHR HAVE_STRDUP HAVE_STRERROR HAVE_STRERROR_R HAVE_STRFTIME HAVE_STRNDUP HAVE_STRNLEN HAVE_STRPBRK HAVE_STRSIGNAL HAVE_STRTOK_R HAVE_STRTOL HAVE_STRTOLL HAVE_STRTOQ HAVE_STRTOULL HAVE_STRTOUQ HAVE_STRUCT_ADDRINFO HAVE_STRUCT_CTDB_CONTROL_TCP HAVE_STRUCT_CTDB_CONTROL_TCP_ADDR HAVE_STRUCT_DIRENT64 HAVE_STRUCT_FLOCK64 HAVE_STRUCT_IFADDRS HAVE_STRUCT_SIGEVENT HAVE_STRUCT_SIGEVENT_SIGEV_VALUE_SIVAL_PTR HAVE_STRUCT_SOCKADDR HAVE_STRUCT_SOCKADDR_IN6 HAVE_STRUCT_SOCKADDR_STORAGE HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC HAVE_STRUCT_STAT_ST_RDEV HAVE_STRUCT_TIMESPEC HAVE_ST_RDEV HAVE_SYMLINK HAVE_SYSCONF HAVE_SYSLOG HAVE_SYS_KERNEL_PROC_CORE_PATTERN HAVE_SYS_QUOTAS HAVE_TEXTDOMAIN HAVE_TICKET_POINTER_IN_KRB5_AP_REQ HAVE_TIMEGM HAVE_UINTPTR_T HAVE_UNIXSOCKET HAVE_UNSETENV HAVE_UPDWTMP HAVE_UPDWTMPX HAVE_USLEEP HAVE_UTIMBUF HAVE_UTIME HAVE_UTIMENSAT HAVE_UTIMES HAVE_VASPRINTF HAVE_VA_COPY HAVE_VDPRINTF HAVE_VOLATILE HAVE_VSNPRINTF HAVE_VSYSLOG HAVE_WAIT4 HAVE_WAITPID HAVE_WRFILE_KEYTAB HAVE_YP_GET_DEFAULT_DOMAIN HAVE_ZLIBVERSION HAVE__Bool HAVE__ET_LIST HAVE__VA_ARGS__MACRO HAVE___CLOSE HAVE___DUP2 HAVE___FCNTL HAVE___FORK HAVE___FSTAT HAVE___FXSTAT HAVE___LSEEK HAVE___LSTAT HAVE___LXSTAT HAVE___NR_INOTIFY_INIT_DECL HAVE___OPEN HAVE___OPEN64 HAVE___PREAD64 HAVE___PWRITE64 HAVE___READ HAVE___STAT HAVE___WRITE HAVE___XSTAT --with Options: WITH_ADS WITH_AUTOMOUNT WITH_DNS_UPDATES WITH_PAM WITH_PAM_MODULES WITH_QUOTAS WITH_SENDFILE WITH_SYSLOG WITH_UTMP WITH_WINBIND Build Options: CLUSTER_SUPPORT COMPILER_SUPPORTS_LL CONFIG_H_IS_FROM_SAMBA DEFAULT_DISPLAY_CHARSET DEFAULT_DOS_CHARSET DEFAULT_UNIX_CHARSET KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT KRB5_TICKET_HAS_KEYINFO KRB5_VERIFY_CHECKSUM_ARGS LDAP_SET_REBIND_PROC_ARGS LIBREPLACE_NETWORK_CHECKS LINUX LINUX_SENDFILE_API PACKAGE_BUGREPORT PACKAGE_NAME PACKAGE_STRING PACKAGE_TARNAME PACKAGE_URL PACKAGE_VERSION REALPATH_TAKES_NULL REPLACE_GETPASS RETSIGTYPE SEEKDIR_RETURNS_VOID SHLIBEXT SIZEOF_CHAR SIZEOF_DEV_T SIZEOF_INO_T SIZEOF_INT SIZEOF_LONG SIZEOF_LONG_LONG SIZEOF_OFF_T SIZEOF_SHORT SIZEOF_SIZE_T SIZEOF_SSIZE_T SIZEOF_TIME_T STAT_STATVFS64 STAT_ST_BLOCKSIZE STDC_HEADERS STRING_STATIC_MODULES SYSCONF_SC_NGROUPS_MAX SYSCONF_SC_NPROCESSORS_ONLN SYSCONF_SC_PAGESIZE TIME_T_MAX TIME_WITH_SYS_TIME USE_SETREUID WITH_ADS WITH_AUTOMOUNT WITH_DNS_UPDATES WITH_PAM WITH_PAM_MODULES WITH_QUOTAS WITH_SENDFILE WITH_SYSLOG WITH_WINBIND _FILE_OFFSET_BITS _GNU_SOURCE _LARGEFILE64_SOURCE _POSIX_C_SOURCE _POSIX_SOURCE auth_script_init charset_CP437_init charset_CP850_init idmap_ad_init idmap_adex_init idmap_autorid_init idmap_hash_init idmap_rid_init idmap_tdb2_init offset_t static_decl_auth static_decl_charset static_decl_gpext static_decl_idmap static_decl_nss_info static_decl_pdb static_decl_perfcount static_decl_vfs static_init_auth static_init_charset static_init_gpext static_init_idmap static_init_nss_info static_init_pdb static_init_perfcount static_init_vfs vfs_acl_tdb_init vfs_acl_xattr_init vfs_audit_init vfs_cap_init vfs_catia_init vfs_crossrename_init vfs_default_quota_init vfs_dirsort_init vfs_expand_msdfs_init vfs_extd_audit_init vfs_fake_perms_init vfs_fileid_init vfs_full_audit_init vfs_linux_xfs_sgid_init vfs_netatalk_init vfs_preopen_init vfs_readahead_init vfs_readonly_init vfs_recycle_init vfs_scannedonly_init vfs_shadow_copy2_init vfs_shadow_copy_init vfs_smb_traffic_analyzer_init vfs_streams_depot_init vfs_streams_xattr_init vfs_syncops_init vfs_time_audit_init vfs_xattr_tdb_init Type sizes: sizeof(char): 1 sizeof(int): 4 sizeof(long): 8 sizeof(long long): 8 sizeof(uint8): 1 sizeof(uint16): 2 sizeof(uint32): 4 sizeof(short): 2 sizeof(void*): 8 sizeof(size_t): 8 sizeof(off_t): 8 sizeof(ino_t): 8 sizeof(dev_t): 8 Builtin modules: pdb_ldap pdb_smbpasswd pdb_tdbsam pdb_wbc_sam idmap_ldap idmap_tdb idmap_passdb idmap_nss nss_info_template auth_sam auth_unix auth_winbind auth_wbc auth_server auth_domain auth_builtin vfs_default vfs_posixacl lp_load_ex: refreshing parameters Initialising global parameters rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" doing parameter workgroup = POOCHIEREDS doing parameter server string = Samba Server Version %v doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter realm = POOCHIEREDS.NET doing parameter security = user doing parameter kerberos method = dedicated keytab doing parameter dedicated keytab file = /etc/samba/samba.keytab doing parameter load printers = yes doing parameter max open files = 50000 doing parameter server signing = auto doing parameter lanman auth = yes doing parameter min receivefile size = 4096 doing parameter max protocol = SMB2 pm_process() returned Yes lp_servicenumber: couldn't find homes set_server_role: role = ROLE_STANDALONE Substituting charset 'UTF-8' for LOCALE get_current_groups: user is in 7 groups: 0, 1, 2, 3, 4, 6, 10 Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED lp_load_ex: refreshing parameters Initialising global parameters rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) INFO: Current debug levels: all: 10 tdb: 10 printdrivers: 10 lanman: 10 smb: 10 rpc_parse: 10 rpc_srv: 10 rpc_cli: 10 passdb: 10 sam: 10 auth: 10 winbind: 10 vfs: 10 idmap: 10 quota: 10 acls: 10 locking: 10 msdfs: 10 dmapi: 10 registry: 10 params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[global]" doing parameter workgroup = POOCHIEREDS doing parameter server string = Samba Server Version %v doing parameter log file = /var/log/samba/log.%m doing parameter max log size = 50 doing parameter realm = POOCHIEREDS.NET doing parameter security = user doing parameter kerberos method = dedicated keytab doing parameter dedicated keytab file = /etc/samba/samba.keytab doing parameter load printers = yes doing parameter max open files = 50000 doing parameter server signing = auto doing parameter lanman auth = yes doing parameter min receivefile size = 4096 doing parameter max protocol = SMB2 Processing section "[scratch]" add_a_service: Creating snum = 0 for scratch hash_a_service: creating servicehash hash_a_service: hashing index 0 for service name scratch doing parameter path = /scratch doing parameter comment = Scratch Directory doing parameter browsable = yes doing parameter public = yes doing parameter guest ok = yes doing parameter writable = yes doing parameter map archive = no doing parameter ea support = yes doing parameter vfs objects = streams_xattr Processing section "[homes]" add_a_service: Creating snum = 1 for homes hash_a_service: hashing index 1 for service name homes doing parameter comment = Home Directories doing parameter browseable = no doing parameter writable = yes Processing section "[music]" add_a_service: Creating snum = 2 for music hash_a_service: hashing index 2 for service name music doing parameter comment = Music Files doing parameter path = /music doing parameter browsable = yes doing parameter writeable = no doing parameter public = yes Processing section "[printers]" add_a_service: Creating snum = 3 for printers hash_a_service: hashing index 3 for service name printers doing parameter comment = All Printers doing parameter path = /var/spool/samba doing parameter browseable = no doing parameter guest ok = yes doing parameter writable = no doing parameter printable = yes Processing section "[dfsroot]" add_a_service: Creating snum = 4 for dfsroot hash_a_service: hashing index 4 for service name dfsroot doing parameter path = /scratch/dfsroot doing parameter comment = dfs root doing parameter msdfs root = yes doing parameter browseable = yes doing parameter writable = no doing parameter guest ok = yes Processing section "[dfsproxy]" add_a_service: Creating snum = 5 for dfsproxy hash_a_service: hashing index 5 for service name dfsproxy doing parameter path = /scratch/dfsroot doing parameter msdfs proxy = \salusa.poochiereds.net\dfsroot doing parameter comment = dfs root doing parameter msdfs root = yes doing parameter browseable = yes doing parameter writable = no doing parameter guest ok = yes pm_process() returned Yes add_a_service: Creating snum = 6 for IPC$ hash_a_service: hashing index 6 for service name IPC$ adding IPC service set_server_role: role = ROLE_STANDALONE Substituting charset 'UTF-8' for LOCALE lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Oct 10 14:32:36 2012 added interface br0 ip=2001:470:8:d63:21b:21ff:fec6:d685 bcast=2001:470:8:d63:ffff:ffff:ffff:ffff netmask=ffff:ffff:ffff:ffff:: added interface br0 ip=fe80::21b:21ff:fec6:d685%br0 bcast=fe80::ffff:ffff:ffff:ffff%br0 netmask=ffff:ffff:ffff:ffff:: added interface vnet0 ip=fe80::fc54:ff:fe9b:3976%vnet0 bcast=fe80::ffff:ffff:ffff:ffff%vnet0 netmask=ffff:ffff:ffff:ffff:: added interface br0 ip=192.168.1.2 bcast=192.168.1.255 netmask=255.255.255.0 loaded services Netbios name list:- my_netbios_names[0]="SALUSA" fcntl_lock 8 6 0 1 1 fcntl_lock: Lock call successful Attempting to register passdb backend ldapsam Successfully added passdb backend 'ldapsam' Attempting to register passdb backend ldapsam_compat Successfully added passdb backend 'ldapsam_compat' Attempting to register passdb backend NDS_ldapsam Successfully added passdb backend 'NDS_ldapsam' Attempting to register passdb backend NDS_ldapsam_compat Successfully added passdb backend 'NDS_ldapsam_compat' Attempting to register passdb backend IPA_ldapsam Successfully added passdb backend 'IPA_ldapsam' Attempting to register passdb backend smbpasswd Successfully added passdb backend 'smbpasswd' Attempting to register passdb backend tdbsam Successfully added passdb backend 'tdbsam' Attempting to register passdb backend wbc_sam Successfully added passdb backend 'wbc_sam' Attempting to find a passdb backend to match tdbsam (tdbsam) Found pdb backend tdbsam pdb backend tdbsam has a valid init regdb_init: registry db openend. refcount reset (1) reghook_cache_init: new tree with default ops 0x7f51e36192e0 for key [] regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] regdb_unpack_values: value[0]: name[Samba Printer Port] len[2] regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70] regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] regdb_unpack_values: value[0]: name[DisplayName] len[20] regdb_unpack_values: value[1]: name[ErrorControl] len[4] regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] regdb_unpack_values: value[0]: name[DisplayName] len[20] regdb_unpack_values: value[1]: name[ErrorControl] len[4] reghook_cache_add: Adding ops 0x7f51e3619440 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e36194a0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e36193e0 for key [\HKLM\SOFTWARE\Samba\smbconf] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e3619500 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e3619560 for key [\HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e36195c0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e3619620 for key [\HKPT] pathtree_add: Enter pathtree_add: Successfully added node [HKPT] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e3619680 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] to tree pathtree_add: Exit reghook_cache_add: Adding ops 0x7f51e36196e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] pathtree_add: Enter pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] to tree pathtree_add: Exit regdb_close: decrementing refcount (1->0) Finding user SALUSA\root Trying _Get_Pwnam(), username as lowercase is salusa\root Trying _Get_Pwnam(), username as given is SALUSA\root Trying _Get_Pwnam(), username as uppercase is SALUSA\ROOT Checking combinations of 0 uppercase letters in salusa\root Get_Pwnam_internals didn't find user [SALUSA\root]! Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! lookup_name: SALUSA\root => domain=[SALUSA], name=[root] lookup_name: flags = 0x073 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups tdbsam_open: successfully opened /var/lib/samba/private/passdb.tdb pdb_getsampwnam (TDB): error fetching database. Key: USER_root pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 lookup_name: Unix User\root => domain=[Unix User], name=[root] lookup_name: flags = 0x073 Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! sid S-1-22-1-0 -> uid 0 sys_getgrouplist: user [root] Opening cache file at /var/lib/samba/gencache.tdb Opening cache file at /var/lib/samba/gencache_notrans.tdb gid_to_sid: winbind failed to find a sid for gid 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 0 -> sid S-1-22-2-0 gid_to_sid: winbind failed to find a sid for gid 1 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 1 -> sid S-1-22-2-1 gid_to_sid: winbind failed to find a sid for gid 2 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 2 -> sid S-1-22-2-2 gid_to_sid: winbind failed to find a sid for gid 3 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 3 -> sid S-1-22-2-3 gid_to_sid: winbind failed to find a sid for gid 4 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 4 -> sid S-1-22-2-4 gid_to_sid: winbind failed to find a sid for gid 6 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 6 -> sid S-1-22-2-6 gid_to_sid: winbind failed to find a sid for gid 10 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: gid 10 -> sid S-1-22-2-10 Create local NT token for S-1-22-1-0 winbind failed to find a gid for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Failed to fetch domain sid for POOCHIEREDS pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 winbind failed to find a gid for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Failed to fetch domain sid for POOCHIEREDS pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-0] get_privileges: No privileges assigned to SID [S-1-22-2-0] get_privileges: No privileges assigned to SID [S-1-22-2-1] get_privileges: No privileges assigned to SID [S-1-22-2-2] get_privileges: No privileges assigned to SID [S-1-22-2-3] get_privileges: No privileges assigned to SID [S-1-22-2-4] get_privileges: No privileges assigned to SID [S-1-22-2-6] get_privileges: No privileges assigned to SID [S-1-22-2-10] get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 LEGACY: mapping failed for sid S-1-1-0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 LEGACY: mapping failed for sid S-1-5-2 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-11 LEGACY: mapping failed for sid S-1-5-11 Could not convert SID S-1-1-0 to gid, ignoring it Could not convert SID S-1-5-2 to gid, ignoring it Could not convert SID S-1-5-11 to gid, ignoring it Security token SIDs (11): SID[ 0]: S-1-22-1-0 SID[ 1]: S-1-22-2-0 SID[ 2]: S-1-22-2-1 SID[ 3]: S-1-22-2-2 SID[ 4]: S-1-22-2-3 SID[ 5]: S-1-22-2-4 SID[ 6]: S-1-22-2-6 SID[ 7]: S-1-22-2-10 SID[ 8]: S-1-1-0 SID[ 9]: S-1-5-2 SID[ 10]: S-1-5-11 Privileges (0x 0): Rights (0x 0): UNIX token of user 0 Primary group is 0 and contains 7 supplementary groups Group[ 0]: 0 Group[ 1]: 1 Group[ 2]: 2 Group[ 3]: 3 Group[ 4]: 4 Group[ 5]: 6 Group[ 6]: 10 Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! Finding user SALUSA\nobody Trying _Get_Pwnam(), username as lowercase is salusa\nobody Trying _Get_Pwnam(), username as given is SALUSA\nobody Trying _Get_Pwnam(), username as uppercase is SALUSA\NOBODY Checking combinations of 0 uppercase letters in salusa\nobody Get_Pwnam_internals didn't find user [SALUSA\nobody]! Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! Create local NT token for nobody winbind failed to find a gid for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Failed to fetch domain sid for POOCHIEREDS pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 winbind failed to find a gid for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Failed to fetch domain sid for POOCHIEREDS pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-5-21-3135586876-1748606125-3800271425-501] get_privileges: No privileges assigned to SID [S-1-5-21-3135586876-1748606125-3800271425-514] get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-32-546] wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups lookup_global_sam_rid: looking up RID 501. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwsid: Building guest account Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! pdb_set_username: setting username nobody, was pdb_set_full_name: setting full name Nobody, was pdb_set_domain: setting domain SALUSA, was pdb_set_user_sid: setting user sid S-1-5-21-3135586876-1748606125-3800271425-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3135586876-1748606125-3800271425-501 from rid 501 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: sid S-1-5-21-3135586876-1748606125-3800271425-501 is a User, expected a group push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups lookup_global_sam_rid: looking up RID 501. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwsid: Building guest account Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! pdb_set_username: setting username nobody, was pdb_set_full_name: setting full name Nobody, was pdb_set_domain: setting domain SALUSA, was pdb_set_user_sid: setting user sid S-1-5-21-3135586876-1748606125-3800271425-501 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3135586876-1748606125-3800271425-501 from rid 501 pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 Finding user nobody Trying _Get_Pwnam(), username as lowercase is nobody Get_Pwnam_internals did find user [nobody]! pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: sid S-1-5-21-3135586876-1748606125-3800271425-501 -> uid 99 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups lookup_global_sam_rid: looking up RID 514. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 Can't find a unix id for an unmapped group pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-21-3135586876-1748606125-3800271425-514 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups lookup_global_sam_rid: looking up RID 514. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 Can't find a unix id for an unmapped group pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-21-3135586876-1748606125-3800271425-514 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 LEGACY: mapping failed for sid S-1-1-0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 LEGACY: mapping failed for sid S-1-5-2 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-546 LEGACY: mapping failed for sid S-1-5-32-546 Could not convert SID S-1-5-21-3135586876-1748606125-3800271425-514 to gid, ignoring it Could not convert SID S-1-1-0 to gid, ignoring it Could not convert SID S-1-5-2 to gid, ignoring it Could not convert SID S-1-5-32-546 to gid, ignoring it Security token SIDs (6): SID[ 0]: S-1-5-21-3135586876-1748606125-3800271425-501 SID[ 1]: S-1-5-21-3135586876-1748606125-3800271425-514 SID[ 2]: S-1-1-0 SID[ 3]: S-1-5-2 SID[ 4]: S-1-5-32-546 SID[ 5]: S-1-22-1-99 Privileges (0x 0): Rights (0x 0): UNIX token of user 99 Primary group is 99 and contains 0 supplementary groups Initialise the svcctl registry keys if needed. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 regdb_open: registry db opened. refcount reset (1) Create pipe requested \winreg init_pipe_handle_list: created handle list for pipe \winreg init_pipe_handle_list: pipe_handles ref count = 1 for pipe \winreg Created internal pipe \winreg (pipes_open=0) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (1->2) reghook_cache_find: Searching for keyname [\HKLM] pathtree_find: Enter [\HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM] Opened policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 result : WERR_OK Substituting charset 'UTF-8' for LOCALE winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 keyname: struct winreg_String name_len : 0x0044 (68) name_size : 0x0044 (68) name : * name : 'SYSTEM\CurrentControlSet\Services' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (2->3) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) regdb_close: decrementing refcount (4->3) Opened policy hnd[2] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 result : WERR_OK winreg_QueryInfoKey: struct winreg_QueryInfoKey in: struct winreg_QueryInfoKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_QueryInfoKey: struct winreg_QueryInfoKey out: struct winreg_QueryInfoKey classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL num_subkeys : * num_subkeys : 0x00000007 (7) max_subkeylen : * max_subkeylen : 0x0000001c (28) max_classlen : * max_classlen : 0x00000000 (0) num_values : * num_values : 0x00000000 (0) max_valnamelen : * max_valnamelen : 0x00000002 (2) max_valbufsize : * max_valbufsize : 0x00000000 (0) secdescsize : * secdescsize : 0x00000078 (120) last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000000 (0) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x001a (26) size : 0x001e (30) name : * name : 'LanmanServer' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000001 (1) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0012 (18) size : 0x001e (30) name : * name : 'Eventlog' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000002 (2) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x000c (12) size : 0x001e (30) name : * name : 'Tcpip' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000003 (3) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0012 (18) size : 0x001e (30) name : * name : 'Netlogon' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000004 (4) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x0010 (16) size : 0x001e (30) name : * name : 'Spooler' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000005 (5) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x001e (30) size : 0x001e (30) name : * name : 'RemoteRegistry' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_EnumKey: struct winreg_EnumKey in: struct winreg_EnumKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 enum_index : 0x00000006 (6) name : * name: struct winreg_StringBuf length : 0x0000 (0) size : 0x001e (30) name : * name : '' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] winreg_EnumKey: struct winreg_EnumKey out: struct winreg_EnumKey name : * name: struct winreg_StringBuf length : 0x000a (10) size : 0x001e (30) name : * name : 'WINS' keyclass : * keyclass: struct winreg_StringBuf length : 0x0000 (0) size : 0x0002 (2) name : * name : '' last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0054 (84) name_size : 0x0054 (84) name : * name : 'SYSTEM\CurrentControlSet\Services\Spooler' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [Spooler] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Start] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_unpack_values: value[0]: name[Start] len[4] regdb_unpack_values: value[1]: name[Type] len[4] regdb_unpack_values: value[2]: name[ErrorControl] len[4] regdb_unpack_values: value[3]: name[ObjectName] len[24] regdb_unpack_values: value[4]: name[DisplayName] len[28] regdb_unpack_values: value[5]: name[ImagePath] len[58] regdb_unpack_values: value[6]: name[Description] len[106] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Type] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ErrorControl] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ObjectName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(28) [0] : 0x50 (80) [1] : 0x00 (0) [2] : 0x72 (114) [3] : 0x00 (0) [4] : 0x69 (105) [5] : 0x00 (0) [6] : 0x6e (110) [7] : 0x00 (0) [8] : 0x74 (116) [9] : 0x00 (0) [10] : 0x20 (32) [11] : 0x00 (0) [12] : 0x53 (83) [13] : 0x00 (0) [14] : 0x70 (112) [15] : 0x00 (0) [16] : 0x6f (111) [17] : 0x00 (0) [18] : 0x6f (111) [19] : 0x00 (0) [20] : 0x6c (108) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x72 (114) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) size : 0x0000001c (28) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:DisplayName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(58) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x36 (54) [17] : 0x00 (0) [18] : 0x34 (52) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x61 (97) [25] : 0x00 (0) [26] : 0x6d (109) [27] : 0x00 (0) [28] : 0x62 (98) [29] : 0x00 (0) [30] : 0x61 (97) [31] : 0x00 (0) [32] : 0x2f (47) [33] : 0x00 (0) [34] : 0x73 (115) [35] : 0x00 (0) [36] : 0x76 (118) [37] : 0x00 (0) [38] : 0x63 (99) [39] : 0x00 (0) [40] : 0x63 (99) [41] : 0x00 (0) [42] : 0x74 (116) [43] : 0x00 (0) [44] : 0x6c (108) [45] : 0x00 (0) [46] : 0x2f (47) [47] : 0x00 (0) [48] : 0x73 (115) [49] : 0x00 (0) [50] : 0x6d (109) [51] : 0x00 (0) [52] : 0x62 (98) [53] : 0x00 (0) [54] : 0x64 (100) [55] : 0x00 (0) [56] : 0x00 (0) [57] : 0x00 (0) size : 0x0000003a (58) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ImagePath] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(106) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x66 (102) [35] : 0x00 (0) [36] : 0x6f (111) [37] : 0x00 (0) [38] : 0x72 (114) [39] : 0x00 (0) [40] : 0x20 (32) [41] : 0x00 (0) [42] : 0x73 (115) [43] : 0x00 (0) [44] : 0x70 (112) [45] : 0x00 (0) [46] : 0x6f (111) [47] : 0x00 (0) [48] : 0x6f (111) [49] : 0x00 (0) [50] : 0x6c (108) [51] : 0x00 (0) [52] : 0x69 (105) [53] : 0x00 (0) [54] : 0x6e (110) [55] : 0x00 (0) [56] : 0x67 (103) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x66 (102) [61] : 0x00 (0) [62] : 0x69 (105) [63] : 0x00 (0) [64] : 0x6c (108) [65] : 0x00 (0) [66] : 0x65 (101) [67] : 0x00 (0) [68] : 0x73 (115) [69] : 0x00 (0) [70] : 0x20 (32) [71] : 0x00 (0) [72] : 0x74 (116) [73] : 0x00 (0) [74] : 0x6f (111) [75] : 0x00 (0) [76] : 0x20 (32) [77] : 0x00 (0) [78] : 0x70 (112) [79] : 0x00 (0) [80] : 0x72 (114) [81] : 0x00 (0) [82] : 0x69 (105) [83] : 0x00 (0) [84] : 0x6e (110) [85] : 0x00 (0) [86] : 0x74 (116) [87] : 0x00 (0) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x64 (100) [91] : 0x00 (0) [92] : 0x65 (101) [93] : 0x00 (0) [94] : 0x76 (118) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x63 (99) [99] : 0x00 (0) [100] : 0x65 (101) [101] : 0x00 (0) [102] : 0x73 (115) [103] : 0x00 (0) [104] : 0x00 (0) [105] : 0x00 (0) size : 0x0000006a (106) Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Description] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000003-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0066 (102) name_size : 0x0066 (102) name : * name : 'SYSTEM\CurrentControlSet\Services\Spooler\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler\Security' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Spooler] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security:Security] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] regdb_unpack_values: value[0]: name[Security] len[120] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000004-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0056 (86) name_size : 0x0056 (86) name : * name : 'SYSTEM\CurrentControlSet\Services\NETLOGON' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [NETLOGON] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Start] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_unpack_values: value[0]: name[Start] len[4] regdb_unpack_values: value[1]: name[Type] len[4] regdb_unpack_values: value[2]: name[ErrorControl] len[4] regdb_unpack_values: value[3]: name[ObjectName] len[24] regdb_unpack_values: value[4]: name[DisplayName] len[20] regdb_unpack_values: value[5]: name[ImagePath] len[58] regdb_unpack_values: value[6]: name[Description] len[164] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Type] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ErrorControl] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ObjectName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(20) [0] : 0x4e (78) [1] : 0x00 (0) [2] : 0x65 (101) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x20 (32) [7] : 0x00 (0) [8] : 0x4c (76) [9] : 0x00 (0) [10] : 0x6f (111) [11] : 0x00 (0) [12] : 0x67 (103) [13] : 0x00 (0) [14] : 0x6f (111) [15] : 0x00 (0) [16] : 0x6e (110) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) size : 0x00000014 (20) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:DisplayName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(58) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x36 (54) [17] : 0x00 (0) [18] : 0x34 (52) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x61 (97) [25] : 0x00 (0) [26] : 0x6d (109) [27] : 0x00 (0) [28] : 0x62 (98) [29] : 0x00 (0) [30] : 0x61 (97) [31] : 0x00 (0) [32] : 0x2f (47) [33] : 0x00 (0) [34] : 0x73 (115) [35] : 0x00 (0) [36] : 0x76 (118) [37] : 0x00 (0) [38] : 0x63 (99) [39] : 0x00 (0) [40] : 0x63 (99) [41] : 0x00 (0) [42] : 0x74 (116) [43] : 0x00 (0) [44] : 0x6c (108) [45] : 0x00 (0) [46] : 0x2f (47) [47] : 0x00 (0) [48] : 0x73 (115) [49] : 0x00 (0) [50] : 0x6d (109) [51] : 0x00 (0) [52] : 0x62 (98) [53] : 0x00 (0) [54] : 0x64 (100) [55] : 0x00 (0) [56] : 0x00 (0) [57] : 0x00 (0) size : 0x0000003a (58) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ImagePath] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(164) [0] : 0x46 (70) [1] : 0x00 (0) [2] : 0x69 (105) [3] : 0x00 (0) [4] : 0x6c (108) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x20 (32) [9] : 0x00 (0) [10] : 0x73 (115) [11] : 0x00 (0) [12] : 0x65 (101) [13] : 0x00 (0) [14] : 0x72 (114) [15] : 0x00 (0) [16] : 0x76 (118) [17] : 0x00 (0) [18] : 0x69 (105) [19] : 0x00 (0) [20] : 0x63 (99) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x20 (32) [25] : 0x00 (0) [26] : 0x70 (112) [27] : 0x00 (0) [28] : 0x72 (114) [29] : 0x00 (0) [30] : 0x6f (111) [31] : 0x00 (0) [32] : 0x76 (118) [33] : 0x00 (0) [34] : 0x69 (105) [35] : 0x00 (0) [36] : 0x64 (100) [37] : 0x00 (0) [38] : 0x69 (105) [39] : 0x00 (0) [40] : 0x6e (110) [41] : 0x00 (0) [42] : 0x67 (103) [43] : 0x00 (0) [44] : 0x20 (32) [45] : 0x00 (0) [46] : 0x61 (97) [47] : 0x00 (0) [48] : 0x63 (99) [49] : 0x00 (0) [50] : 0x63 (99) [51] : 0x00 (0) [52] : 0x65 (101) [53] : 0x00 (0) [54] : 0x73 (115) [55] : 0x00 (0) [56] : 0x73 (115) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x74 (116) [61] : 0x00 (0) [62] : 0x6f (111) [63] : 0x00 (0) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x70 (112) [67] : 0x00 (0) [68] : 0x6f (111) [69] : 0x00 (0) [70] : 0x6c (108) [71] : 0x00 (0) [72] : 0x69 (105) [73] : 0x00 (0) [74] : 0x63 (99) [75] : 0x00 (0) [76] : 0x79 (121) [77] : 0x00 (0) [78] : 0x20 (32) [79] : 0x00 (0) [80] : 0x61 (97) [81] : 0x00 (0) [82] : 0x6e (110) [83] : 0x00 (0) [84] : 0x64 (100) [85] : 0x00 (0) [86] : 0x20 (32) [87] : 0x00 (0) [88] : 0x70 (112) [89] : 0x00 (0) [90] : 0x72 (114) [91] : 0x00 (0) [92] : 0x6f (111) [93] : 0x00 (0) [94] : 0x66 (102) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x6c (108) [99] : 0x00 (0) [100] : 0x65 (101) [101] : 0x00 (0) [102] : 0x20 (32) [103] : 0x00 (0) [104] : 0x64 (100) [105] : 0x00 (0) [106] : 0x61 (97) [107] : 0x00 (0) [108] : 0x74 (116) [109] : 0x00 (0) [110] : 0x61 (97) [111] : 0x00 (0) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x28 (40) [115] : 0x00 (0) [116] : 0x6e (110) [117] : 0x00 (0) [118] : 0x6f (111) [119] : 0x00 (0) [120] : 0x74 (116) [121] : 0x00 (0) [122] : 0x72 (114) [123] : 0x00 (0) [124] : 0x65 (101) [125] : 0x00 (0) [126] : 0x6d (109) [127] : 0x00 (0) [128] : 0x6f (111) [129] : 0x00 (0) [130] : 0x74 (116) [131] : 0x00 (0) [132] : 0x65 (101) [133] : 0x00 (0) [134] : 0x6c (108) [135] : 0x00 (0) [136] : 0x79 (121) [137] : 0x00 (0) [138] : 0x20 (32) [139] : 0x00 (0) [140] : 0x6d (109) [141] : 0x00 (0) [142] : 0x61 (97) [143] : 0x00 (0) [144] : 0x6e (110) [145] : 0x00 (0) [146] : 0x61 (97) [147] : 0x00 (0) [148] : 0x67 (103) [149] : 0x00 (0) [150] : 0x65 (101) [151] : 0x00 (0) [152] : 0x61 (97) [153] : 0x00 (0) [154] : 0x62 (98) [155] : 0x00 (0) [156] : 0x6c (108) [157] : 0x00 (0) [158] : 0x65 (101) [159] : 0x00 (0) [160] : 0x29 (41) [161] : 0x00 (0) [162] : 0x00 (0) [163] : 0x00 (0) size : 0x000000a4 (164) Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Description] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000005-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0068 (104) name_size : 0x0068 (104) name : * name : 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [NETLOGON] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security:Security] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] regdb_unpack_values: value[0]: name[Security] len[120] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000006-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0062 (98) name_size : 0x0062 (98) name : * name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [RemoteRegistry] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Start] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_unpack_values: value[0]: name[Start] len[4] regdb_unpack_values: value[1]: name[Type] len[4] regdb_unpack_values: value[2]: name[ErrorControl] len[4] regdb_unpack_values: value[3]: name[ObjectName] len[24] regdb_unpack_values: value[4]: name[DisplayName] len[48] regdb_unpack_values: value[5]: name[ImagePath] len[58] regdb_unpack_values: value[6]: name[Description] len[126] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Type] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ErrorControl] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ObjectName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(48) [0] : 0x52 (82) [1] : 0x00 (0) [2] : 0x65 (101) [3] : 0x00 (0) [4] : 0x6d (109) [5] : 0x00 (0) [6] : 0x6f (111) [7] : 0x00 (0) [8] : 0x74 (116) [9] : 0x00 (0) [10] : 0x65 (101) [11] : 0x00 (0) [12] : 0x20 (32) [13] : 0x00 (0) [14] : 0x52 (82) [15] : 0x00 (0) [16] : 0x65 (101) [17] : 0x00 (0) [18] : 0x67 (103) [19] : 0x00 (0) [20] : 0x69 (105) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x74 (116) [25] : 0x00 (0) [26] : 0x72 (114) [27] : 0x00 (0) [28] : 0x79 (121) [29] : 0x00 (0) [30] : 0x20 (32) [31] : 0x00 (0) [32] : 0x53 (83) [33] : 0x00 (0) [34] : 0x65 (101) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x76 (118) [39] : 0x00 (0) [40] : 0x69 (105) [41] : 0x00 (0) [42] : 0x63 (99) [43] : 0x00 (0) [44] : 0x65 (101) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) size : 0x00000030 (48) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:DisplayName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(58) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x36 (54) [17] : 0x00 (0) [18] : 0x34 (52) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x61 (97) [25] : 0x00 (0) [26] : 0x6d (109) [27] : 0x00 (0) [28] : 0x62 (98) [29] : 0x00 (0) [30] : 0x61 (97) [31] : 0x00 (0) [32] : 0x2f (47) [33] : 0x00 (0) [34] : 0x73 (115) [35] : 0x00 (0) [36] : 0x76 (118) [37] : 0x00 (0) [38] : 0x63 (99) [39] : 0x00 (0) [40] : 0x63 (99) [41] : 0x00 (0) [42] : 0x74 (116) [43] : 0x00 (0) [44] : 0x6c (108) [45] : 0x00 (0) [46] : 0x2f (47) [47] : 0x00 (0) [48] : 0x73 (115) [49] : 0x00 (0) [50] : 0x6d (109) [51] : 0x00 (0) [52] : 0x62 (98) [53] : 0x00 (0) [54] : 0x64 (100) [55] : 0x00 (0) [56] : 0x00 (0) [57] : 0x00 (0) size : 0x0000003a (58) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ImagePath] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(126) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x70 (112) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x6f (111) [39] : 0x00 (0) [40] : 0x76 (118) [41] : 0x00 (0) [42] : 0x69 (105) [43] : 0x00 (0) [44] : 0x64 (100) [45] : 0x00 (0) [46] : 0x69 (105) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x67 (103) [51] : 0x00 (0) [52] : 0x20 (32) [53] : 0x00 (0) [54] : 0x72 (114) [55] : 0x00 (0) [56] : 0x65 (101) [57] : 0x00 (0) [58] : 0x6d (109) [59] : 0x00 (0) [60] : 0x6f (111) [61] : 0x00 (0) [62] : 0x74 (116) [63] : 0x00 (0) [64] : 0x65 (101) [65] : 0x00 (0) [66] : 0x20 (32) [67] : 0x00 (0) [68] : 0x61 (97) [69] : 0x00 (0) [70] : 0x63 (99) [71] : 0x00 (0) [72] : 0x63 (99) [73] : 0x00 (0) [74] : 0x65 (101) [75] : 0x00 (0) [76] : 0x73 (115) [77] : 0x00 (0) [78] : 0x73 (115) [79] : 0x00 (0) [80] : 0x20 (32) [81] : 0x00 (0) [82] : 0x74 (116) [83] : 0x00 (0) [84] : 0x6f (111) [85] : 0x00 (0) [86] : 0x20 (32) [87] : 0x00 (0) [88] : 0x74 (116) [89] : 0x00 (0) [90] : 0x68 (104) [91] : 0x00 (0) [92] : 0x65 (101) [93] : 0x00 (0) [94] : 0x20 (32) [95] : 0x00 (0) [96] : 0x53 (83) [97] : 0x00 (0) [98] : 0x61 (97) [99] : 0x00 (0) [100] : 0x6d (109) [101] : 0x00 (0) [102] : 0x62 (98) [103] : 0x00 (0) [104] : 0x61 (97) [105] : 0x00 (0) [106] : 0x20 (32) [107] : 0x00 (0) [108] : 0x72 (114) [109] : 0x00 (0) [110] : 0x65 (101) [111] : 0x00 (0) [112] : 0x67 (103) [113] : 0x00 (0) [114] : 0x69 (105) [115] : 0x00 (0) [116] : 0x73 (115) [117] : 0x00 (0) [118] : 0x74 (116) [119] : 0x00 (0) [120] : 0x72 (114) [121] : 0x00 (0) [122] : 0x79 (121) [123] : 0x00 (0) [124] : 0x00 (0) [125] : 0x00 (0) size : 0x0000007e (126) Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Description] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000007-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0074 (116) name_size : 0x0074 (116) name : * name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [RemoteRegistry] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security:Security] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] regdb_unpack_values: value[0]: name[Security] len[120] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000008-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x004e (78) name_size : 0x004e (78) name : * name : 'SYSTEM\CurrentControlSet\Services\WINS' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_ACTION_NONE (0) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [WINS] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000c (12) name_size : 0x000c (12) name : * name : 'Start' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x02 (2) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Start] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_unpack_values: value[0]: name[Start] len[4] regdb_unpack_values: value[1]: name[Type] len[4] regdb_unpack_values: value[2]: name[ErrorControl] len[4] regdb_unpack_values: value[3]: name[ObjectName] len[24] regdb_unpack_values: value[4]: name[DisplayName] len[74] regdb_unpack_values: value[5]: name[ImagePath] len[58] regdb_unpack_values: value[6]: name[Description] len[178] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x000a (10) name_size : 0x000a (10) name : * name : 'Type' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x10 (16) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Type] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x001a (26) name_size : 0x001a (26) name : * name : 'ErrorControl' type : REG_DWORD (4) data : * data: ARRAY(4) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x00 (0) [3] : 0x00 (0) size : 0x00000004 (4) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ErrorControl] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0016 (22) name_size : 0x0016 (22) name : * name : 'ObjectName' type : REG_SZ (1) data : * data: ARRAY(24) [0] : 0x4c (76) [1] : 0x00 (0) [2] : 0x6f (111) [3] : 0x00 (0) [4] : 0x63 (99) [5] : 0x00 (0) [6] : 0x61 (97) [7] : 0x00 (0) [8] : 0x6c (108) [9] : 0x00 (0) [10] : 0x53 (83) [11] : 0x00 (0) [12] : 0x79 (121) [13] : 0x00 (0) [14] : 0x73 (115) [15] : 0x00 (0) [16] : 0x74 (116) [17] : 0x00 (0) [18] : 0x65 (101) [19] : 0x00 (0) [20] : 0x6d (109) [21] : 0x00 (0) [22] : 0x00 (0) [23] : 0x00 (0) size : 0x00000018 (24) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ObjectName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'DisplayName' type : REG_SZ (1) data : * data: ARRAY(74) [0] : 0x57 (87) [1] : 0x00 (0) [2] : 0x69 (105) [3] : 0x00 (0) [4] : 0x6e (110) [5] : 0x00 (0) [6] : 0x64 (100) [7] : 0x00 (0) [8] : 0x6f (111) [9] : 0x00 (0) [10] : 0x77 (119) [11] : 0x00 (0) [12] : 0x73 (115) [13] : 0x00 (0) [14] : 0x20 (32) [15] : 0x00 (0) [16] : 0x49 (73) [17] : 0x00 (0) [18] : 0x6e (110) [19] : 0x00 (0) [20] : 0x74 (116) [21] : 0x00 (0) [22] : 0x65 (101) [23] : 0x00 (0) [24] : 0x72 (114) [25] : 0x00 (0) [26] : 0x6e (110) [27] : 0x00 (0) [28] : 0x65 (101) [29] : 0x00 (0) [30] : 0x74 (116) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x4e (78) [35] : 0x00 (0) [36] : 0x61 (97) [37] : 0x00 (0) [38] : 0x6d (109) [39] : 0x00 (0) [40] : 0x65 (101) [41] : 0x00 (0) [42] : 0x20 (32) [43] : 0x00 (0) [44] : 0x53 (83) [45] : 0x00 (0) [46] : 0x65 (101) [47] : 0x00 (0) [48] : 0x72 (114) [49] : 0x00 (0) [50] : 0x76 (118) [51] : 0x00 (0) [52] : 0x69 (105) [53] : 0x00 (0) [54] : 0x63 (99) [55] : 0x00 (0) [56] : 0x65 (101) [57] : 0x00 (0) [58] : 0x20 (32) [59] : 0x00 (0) [60] : 0x28 (40) [61] : 0x00 (0) [62] : 0x57 (87) [63] : 0x00 (0) [64] : 0x49 (73) [65] : 0x00 (0) [66] : 0x4e (78) [67] : 0x00 (0) [68] : 0x53 (83) [69] : 0x00 (0) [70] : 0x29 (41) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) size : 0x0000004a (74) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:DisplayName] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0014 (20) name_size : 0x0014 (20) name : * name : 'ImagePath' type : REG_SZ (1) data : * data: ARRAY(58) [0] : 0x2f (47) [1] : 0x00 (0) [2] : 0x75 (117) [3] : 0x00 (0) [4] : 0x73 (115) [5] : 0x00 (0) [6] : 0x72 (114) [7] : 0x00 (0) [8] : 0x2f (47) [9] : 0x00 (0) [10] : 0x6c (108) [11] : 0x00 (0) [12] : 0x69 (105) [13] : 0x00 (0) [14] : 0x62 (98) [15] : 0x00 (0) [16] : 0x36 (54) [17] : 0x00 (0) [18] : 0x34 (52) [19] : 0x00 (0) [20] : 0x2f (47) [21] : 0x00 (0) [22] : 0x73 (115) [23] : 0x00 (0) [24] : 0x61 (97) [25] : 0x00 (0) [26] : 0x6d (109) [27] : 0x00 (0) [28] : 0x62 (98) [29] : 0x00 (0) [30] : 0x61 (97) [31] : 0x00 (0) [32] : 0x2f (47) [33] : 0x00 (0) [34] : 0x73 (115) [35] : 0x00 (0) [36] : 0x76 (118) [37] : 0x00 (0) [38] : 0x63 (99) [39] : 0x00 (0) [40] : 0x63 (99) [41] : 0x00 (0) [42] : 0x74 (116) [43] : 0x00 (0) [44] : 0x6c (108) [45] : 0x00 (0) [46] : 0x2f (47) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x6d (109) [51] : 0x00 (0) [52] : 0x62 (98) [53] : 0x00 (0) [54] : 0x64 (100) [55] : 0x00 (0) [56] : 0x00 (0) [57] : 0x00 (0) size : 0x0000003a (58) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ImagePath] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0018 (24) name_size : 0x0018 (24) name : * name : 'Description' type : REG_SZ (1) data : * data: ARRAY(178) [0] : 0x49 (73) [1] : 0x00 (0) [2] : 0x6e (110) [3] : 0x00 (0) [4] : 0x74 (116) [5] : 0x00 (0) [6] : 0x65 (101) [7] : 0x00 (0) [8] : 0x72 (114) [9] : 0x00 (0) [10] : 0x6e (110) [11] : 0x00 (0) [12] : 0x61 (97) [13] : 0x00 (0) [14] : 0x6c (108) [15] : 0x00 (0) [16] : 0x20 (32) [17] : 0x00 (0) [18] : 0x73 (115) [19] : 0x00 (0) [20] : 0x65 (101) [21] : 0x00 (0) [22] : 0x72 (114) [23] : 0x00 (0) [24] : 0x76 (118) [25] : 0x00 (0) [26] : 0x69 (105) [27] : 0x00 (0) [28] : 0x63 (99) [29] : 0x00 (0) [30] : 0x65 (101) [31] : 0x00 (0) [32] : 0x20 (32) [33] : 0x00 (0) [34] : 0x70 (112) [35] : 0x00 (0) [36] : 0x72 (114) [37] : 0x00 (0) [38] : 0x6f (111) [39] : 0x00 (0) [40] : 0x76 (118) [41] : 0x00 (0) [42] : 0x69 (105) [43] : 0x00 (0) [44] : 0x64 (100) [45] : 0x00 (0) [46] : 0x69 (105) [47] : 0x00 (0) [48] : 0x6e (110) [49] : 0x00 (0) [50] : 0x67 (103) [51] : 0x00 (0) [52] : 0x20 (32) [53] : 0x00 (0) [54] : 0x61 (97) [55] : 0x00 (0) [56] : 0x20 (32) [57] : 0x00 (0) [58] : 0x4e (78) [59] : 0x00 (0) [60] : 0x65 (101) [61] : 0x00 (0) [62] : 0x74 (116) [63] : 0x00 (0) [64] : 0x42 (66) [65] : 0x00 (0) [66] : 0x49 (73) [67] : 0x00 (0) [68] : 0x4f (79) [69] : 0x00 (0) [70] : 0x53 (83) [71] : 0x00 (0) [72] : 0x20 (32) [73] : 0x00 (0) [74] : 0x70 (112) [75] : 0x00 (0) [76] : 0x6f (111) [77] : 0x00 (0) [78] : 0x69 (105) [79] : 0x00 (0) [80] : 0x6e (110) [81] : 0x00 (0) [82] : 0x74 (116) [83] : 0x00 (0) [84] : 0x2d (45) [85] : 0x00 (0) [86] : 0x74 (116) [87] : 0x00 (0) [88] : 0x6f (111) [89] : 0x00 (0) [90] : 0x2d (45) [91] : 0x00 (0) [92] : 0x70 (112) [93] : 0x00 (0) [94] : 0x6f (111) [95] : 0x00 (0) [96] : 0x69 (105) [97] : 0x00 (0) [98] : 0x6e (110) [99] : 0x00 (0) [100] : 0x74 (116) [101] : 0x00 (0) [102] : 0x20 (32) [103] : 0x00 (0) [104] : 0x6e (110) [105] : 0x00 (0) [106] : 0x61 (97) [107] : 0x00 (0) [108] : 0x6d (109) [109] : 0x00 (0) [110] : 0x65 (101) [111] : 0x00 (0) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x73 (115) [115] : 0x00 (0) [116] : 0x65 (101) [117] : 0x00 (0) [118] : 0x72 (114) [119] : 0x00 (0) [120] : 0x76 (118) [121] : 0x00 (0) [122] : 0x65 (101) [123] : 0x00 (0) [124] : 0x72 (114) [125] : 0x00 (0) [126] : 0x28 (40) [127] : 0x00 (0) [128] : 0x6e (110) [129] : 0x00 (0) [130] : 0x6f (111) [131] : 0x00 (0) [132] : 0x74 (116) [133] : 0x00 (0) [134] : 0x20 (32) [135] : 0x00 (0) [136] : 0x72 (114) [137] : 0x00 (0) [138] : 0x65 (101) [139] : 0x00 (0) [140] : 0x6d (109) [141] : 0x00 (0) [142] : 0x6f (111) [143] : 0x00 (0) [144] : 0x74 (116) [145] : 0x00 (0) [146] : 0x65 (101) [147] : 0x00 (0) [148] : 0x6c (108) [149] : 0x00 (0) [150] : 0x79 (121) [151] : 0x00 (0) [152] : 0x20 (32) [153] : 0x00 (0) [154] : 0x6d (109) [155] : 0x00 (0) [156] : 0x61 (97) [157] : 0x00 (0) [158] : 0x6e (110) [159] : 0x00 (0) [160] : 0x61 (97) [161] : 0x00 (0) [162] : 0x67 (103) [163] : 0x00 (0) [164] : 0x65 (101) [165] : 0x00 (0) [166] : 0x61 (97) [167] : 0x00 (0) [168] : 0x62 (98) [169] : 0x00 (0) [170] : 0x6c (108) [171] : 0x00 (0) [172] : 0x65 (101) [173] : 0x00 (0) [174] : 0x29 (41) [175] : 0x00 (0) [176] : 0x00 (0) [177] : 0x00 (0) size : 0x000000b2 (178) Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Description] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000009-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CreateKey: struct winreg_CreateKey in: struct winreg_CreateKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000001-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0060 (96) name_size : 0x0060 (96) name : * name : 'SYSTEM\CurrentControlSet\Services\WINS\Security' keyclass: struct winreg_String name_len : 0x0002 (2) name_size : 0x0002 (2) name : * name : '' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY secdesc : NULL action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS\Security' tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regdb_close: decrementing refcount (5->4) tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 regkey_open_onelevel: name = [WINS] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] regdb_close: decrementing refcount (5->4) regkey_open_onelevel: name = [Security] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_close: decrementing refcount (5->4) Opened policy hnd[3] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_CreateKey: struct winreg_CreateKey out: struct winreg_CreateKey new_handle : * new_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-ae50-3b52dd340000 action_taken : * action_taken : REG_OPENED_EXISTING_KEY (2) result : WERR_OK winreg_SetValue: struct winreg_SetValue in: struct winreg_SetValue handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-ae50-3b52dd340000 name: struct winreg_String name_len : 0x0012 (18) name_size : 0x0012 (18) name : * name : 'Security' type : REG_BINARY (3) data : * data: ARRAY(120) [0] : 0x01 (1) [1] : 0x00 (0) [2] : 0x04 (4) [3] : 0x80 (128) [4] : 0x00 (0) [5] : 0x00 (0) [6] : 0x00 (0) [7] : 0x00 (0) [8] : 0x00 (0) [9] : 0x00 (0) [10] : 0x00 (0) [11] : 0x00 (0) [12] : 0x00 (0) [13] : 0x00 (0) [14] : 0x00 (0) [15] : 0x00 (0) [16] : 0x14 (20) [17] : 0x00 (0) [18] : 0x00 (0) [19] : 0x00 (0) [20] : 0x02 (2) [21] : 0x00 (0) [22] : 0x64 (100) [23] : 0x00 (0) [24] : 0x04 (4) [25] : 0x00 (0) [26] : 0x00 (0) [27] : 0x00 (0) [28] : 0x00 (0) [29] : 0x00 (0) [30] : 0x14 (20) [31] : 0x00 (0) [32] : 0x8d (141) [33] : 0x01 (1) [34] : 0x02 (2) [35] : 0x00 (0) [36] : 0x01 (1) [37] : 0x01 (1) [38] : 0x00 (0) [39] : 0x00 (0) [40] : 0x00 (0) [41] : 0x00 (0) [42] : 0x00 (0) [43] : 0x01 (1) [44] : 0x00 (0) [45] : 0x00 (0) [46] : 0x00 (0) [47] : 0x00 (0) [48] : 0x00 (0) [49] : 0x00 (0) [50] : 0x18 (24) [51] : 0x00 (0) [52] : 0xfd (253) [53] : 0x01 (1) [54] : 0x02 (2) [55] : 0x00 (0) [56] : 0x01 (1) [57] : 0x02 (2) [58] : 0x00 (0) [59] : 0x00 (0) [60] : 0x00 (0) [61] : 0x00 (0) [62] : 0x00 (0) [63] : 0x05 (5) [64] : 0x20 (32) [65] : 0x00 (0) [66] : 0x00 (0) [67] : 0x00 (0) [68] : 0x23 (35) [69] : 0x02 (2) [70] : 0x00 (0) [71] : 0x00 (0) [72] : 0x00 (0) [73] : 0x00 (0) [74] : 0x18 (24) [75] : 0x00 (0) [76] : 0xff (255) [77] : 0x01 (1) [78] : 0x0f (15) [79] : 0x00 (0) [80] : 0x01 (1) [81] : 0x02 (2) [82] : 0x00 (0) [83] : 0x00 (0) [84] : 0x00 (0) [85] : 0x00 (0) [86] : 0x00 (0) [87] : 0x05 (5) [88] : 0x20 (32) [89] : 0x00 (0) [90] : 0x00 (0) [91] : 0x00 (0) [92] : 0x25 (37) [93] : 0x02 (2) [94] : 0x00 (0) [95] : 0x00 (0) [96] : 0x00 (0) [97] : 0x00 (0) [98] : 0x18 (24) [99] : 0x00 (0) [100] : 0xff (255) [101] : 0x01 (1) [102] : 0x0f (15) [103] : 0x00 (0) [104] : 0x01 (1) [105] : 0x02 (2) [106] : 0x00 (0) [107] : 0x00 (0) [108] : 0x00 (0) [109] : 0x00 (0) [110] : 0x00 (0) [111] : 0x05 (5) [112] : 0x20 (32) [113] : 0x00 (0) [114] : 0x00 (0) [115] : 0x00 (0) [116] : 0x20 (32) [117] : 0x02 (2) [118] : 0x00 (0) [119] : 0x00 (0) size : 0x00000078 (120) Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security:Security] tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] regdb_unpack_values: value[0]: name[Security] len[120] winreg_SetValue: struct winreg_SetValue out: struct winreg_SetValue result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000a-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (4->3) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000002-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (3->2) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK regdb_close: decrementing refcount (2->1) Initialise the eventlog registry keys if needed. Create pipe requested \winreg init_pipe_handle_list: pipe_handles ref count = 2 for pipe \winreg Created internal pipe \winreg (pipes_open=0) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY regkey_open_onelevel: name = [HKLM] regdb_open: incrementing refcount (1->2) reghook_cache_find: Searching for keyname [\HKLM] pathtree_find: Enter [\HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM] Opened policy hnd[2] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-ae50-3b52dd340000 result : WERR_OK winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000b-0000-0000-ae50-3b52dd340000 keyname: struct winreg_String name_len : 0x0056 (86) name_size : 0x0056 (86) name : * name : 'SYSTEM\CurrentControlSet\Services\Eventlog' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY Found policy hnd[0] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. regkey_open_onelevel: name = [SYSTEM] regdb_open: incrementing refcount (2->3) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] pathtree_find: Enter [\HKLM\SYSTEM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM] regkey_open_onelevel: name = [CurrentControlSet] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet] regkey_open_onelevel: name = [Services] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services] regkey_open_onelevel: name = [Eventlog] regdb_open: incrementing refcount (5->6) reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] regdb_close: decrementing refcount (6->5) regdb_close: decrementing refcount (5->4) regdb_close: decrementing refcount (4->3) Opened policy hnd[3] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-ae50-3b52dd340000 result : WERR_OK winreg_QueryInfoKey: struct winreg_QueryInfoKey in: struct winreg_QueryInfoKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-ae50-3b52dd340000 classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Eventlog' (ops 0x7f51e36192e0) regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] regdb_unpack_values: value[0]: name[DisplayName] len[20] regdb_unpack_values: value[1]: name[ErrorControl] len[4] regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] winreg_QueryInfoKey: struct winreg_QueryInfoKey out: struct winreg_QueryInfoKey classname : * classname: struct winreg_String name_len : 0x0000 (0) name_size : 0x0000 (0) name : NULL num_subkeys : * num_subkeys : 0x00000000 (0) max_subkeylen : * max_subkeylen : 0x00000000 (0) max_classlen : * max_classlen : 0x00000000 (0) num_values : * num_values : 0x00000002 (2) max_valnamelen : * max_valnamelen : 0x0000001a (26) max_valbufsize : * max_valbufsize : 0x00000014 (20) secdescsize : * secdescsize : 0x00000078 (120) last_changed_time : * last_changed_time : NTTIME(0) result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000c-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (3->2) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK reloading printcap cache Locking key 5052494E5445524C4953 Allocated locked data 0x0x7f51e3995c20 Unlocking key 5052494E5445524C4953 cups_pcap_load_async: asynchronously loading cups printers cups_pcap_load_async: child pid = 13534 cups_cache_reload: async read on fd 24 reload status: ok bind succeeded on port 445 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 reloading cups printcap cache SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 bind succeeded on port 139 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 connecting to cups server /var/run/cups/cups.sock:631 bind succeeded on port 445 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 bind succeeded on port 139 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 0 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 16384 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 Locking key DD340000FFFFFFFF Allocated locked data 0x0x7f51e398fcc0 Unlocking key DD340000FFFFFFFF event_add_idle: idle_evt(parent_housekeeping) 0x7f51e398fde0 Overriding messaging pointer for type 1 - private_data=(nil) regdb_close: decrementing refcount (2->1) regdb_close: decrementing refcount (1->0) close_policy_by_pipe: deleted handle list for pipe \winreg waiting for connections successfully sent blob of len 141 cups_async_callback: callback received for printer data. fd = 24 successfully recvd blob of len 141 Locking key 5052494E5445524C4953 Allocated locked data 0x0x7f51e398f3c0 Unlocking key 5052494E5445524C4953 Locking key 5052494E5445524C4953 Allocated locked data 0x0x7f51e3989d40 Unlocking key 5052494E5445524C4953 lp_servicenumber: couldn't find HP_LaserJet_CM1415fnw add_a_service: Creating snum = 7 for HP_LaserJet_CM1415fnw hash_a_service: hashing index 7 for service name HP_LaserJet_CM1415fnw adding printer service HP_LaserJet_CM1415fnw reloading printer services from pcap cache Adding default registry entry for printer [HP_LaserJet_CM1415fnw], if it doesn't exist. Create pipe requested \winreg init_pipe_handle_list: created handle list for pipe \winreg init_pipe_handle_list: pipe_handles ref count = 1 for pipe \winreg Created internal pipe \winreg (pipes_open=0) winreg_OpenHKLM: struct winreg_OpenHKLM in: struct winreg_OpenHKLM system_name : NULL access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY regkey_open_onelevel: name = [HKLM] push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 regdb_open: registry db opened. refcount reset (1) reghook_cache_find: Searching for keyname [\HKLM] pathtree_find: Enter [\HKLM] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM] Opened policy hnd[1] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_OpenHKLM: struct winreg_OpenHKLM out: struct winreg_OpenHKLM handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000d-0000-0000-ae50-3b52dd340000 result : WERR_OK winreg_OpenKey: struct winreg_OpenKey in: struct winreg_OpenKey parent_handle : * parent_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000d-0000-0000-ae50-3b52dd340000 keyname: struct winreg_String name_len : 0x00a4 (164) name_size : 0x00a4 (164) name : * name : 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP_LaserJet_CM1415fnw' options : 0x00000000 (0) 0: REG_OPTION_VOLATILE 0: REG_OPTION_CREATE_LINK 0: REG_OPTION_BACKUP_RESTORE 0: REG_OPTION_OPEN_LINK access_mask : 0x02000000 (33554432) 0: KEY_QUERY_VALUE 0: KEY_SET_VALUE 0: KEY_CREATE_SUB_KEY 0: KEY_ENUMERATE_SUB_KEYS 0: KEY_NOTIFY 0: KEY_CREATE_LINK 0: KEY_WOW64_64KEY 0: KEY_WOW64_32KEY Found policy hnd[0] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. regkey_open_onelevel: name = [SOFTWARE] regdb_open: incrementing refcount (1->2) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE] pathtree_find: Enter [\HKLM\SOFTWARE] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE] regkey_open_onelevel: name = [Microsoft] regdb_open: incrementing refcount (2->3) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Microsoft] pathtree_find: Enter [\HKLM\SOFTWARE\Microsoft] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE\Microsoft] regkey_open_onelevel: name = [Windows NT] regdb_open: incrementing refcount (3->4) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Microsoft\Windows NT] pathtree_find: Enter [\HKLM\SOFTWARE\Microsoft\Windows NT] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT] regkey_open_onelevel: name = [CurrentVersion] regdb_open: incrementing refcount (4->5) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] pathtree_find: Enter [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e3619680 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] regkey_open_onelevel: name = [Print] regdb_open: incrementing refcount (5->6) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print] pathtree_find: Enter [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e3619680 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print] regkey_open_onelevel: name = [Printers] regdb_open: incrementing refcount (6->7) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] pathtree_find: Enter [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] regkey_open_onelevel: name = [HP_LaserJet_CM1415fnw] regdb_open: incrementing refcount (7->8) reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP_LaserJet_CM1415fnw] pathtree_find: Enter [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP_LaserJet_CM1415fnw] pathtree_find: Exit reghook_cache_find: found ops 0x7f51e36192e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP_LaserJet_CM1415fnw] regdb_close: decrementing refcount (8->7) regdb_close: decrementing refcount (7->6) regdb_close: decrementing refcount (6->5) regdb_close: decrementing refcount (5->4) regdb_close: decrementing refcount (4->3) regdb_close: decrementing refcount (3->2) Opened policy hnd[2] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. winreg_OpenKey: struct winreg_OpenKey out: struct winreg_OpenKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-ae50-3b52dd340000 result : WERR_OK winreg_create_printer: Skipping, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers\HP_LaserJet_CM1415fnw already exists winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000e-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 0E 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (2->1) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK winreg_CloseKey: struct winreg_CloseKey in: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0000000d-0000-0000-ae50-3b52dd340000 Found policy hnd[0] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Found policy hnd[0] [0000] 00 00 00 00 0D 00 00 00 00 00 00 00 AE 50 3B 52 ........ .....P;R [0010] DD 34 00 00 .4.. Closed policy regdb_close: decrementing refcount (1->0) winreg_CloseKey: struct winreg_CloseKey out: struct winreg_CloseKey handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 result : WERR_OK close_policy_by_pipe: deleted handle list for pipe \winreg Could not find child 13534 -- ignoring Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 23400 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 Socket options: SO_KEEPALIVE = 1 SO_REUSEADDR = 1 SO_BROADCAST = 0 TCP_NODELAY = 1 TCP_KEEPCNT = 9 TCP_KEEPIDLE = 7200 TCP_KEEPINTVL = 75 IPTOS_LOWDELAY = 0 IPTOS_THROUGHPUT = 0 SO_SNDBUF = 23400 SO_RCVBUF = 87380 SO_SNDLOWAT = 1 SO_RCVLOWAT = 1 SO_SNDTIMEO = 0 SO_RCVTIMEO = 0 TCP_QUICKACK = 1 lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Oct 10 14:32:36 2012 Allowed connection from 192.168.1.22 (192.168.1.22) Connection allowed from ipv4:192.168.1.22:38031 to ipv4:192.168.1.2:445 init_oplocks: initializing messages. Linux kernel oplocks enabled Deregistering messaging pointer for type 1 - private_data=(nil) event_add_idle: idle_evt(keepalive) 0x7f51e3986900 event_add_idle: idle_evt(deadtime) 0x7f51e3996520 event_add_idle: idle_evt(housekeeping) 0x7f51e3983bc0 got smb length of 78 got message type 0x0 of len 0x4e Transaction 0 of length 82 (0 toread) size=78 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=51201 smb_tid=0 smb_pid=6595 smb_uid=0 smb_mid=1838 smt_wct=0 smb_bcc=43 [0000] 02 4C 4D 31 2E 32 58 30 30 32 00 02 4C 41 4E 4D .LM1.2X0 02..LANM [0010] 41 4E 32 2E 31 00 02 4E 54 20 4C 4D 20 30 2E 31 AN2.1..N T LM 0.1 [0020] 32 00 02 50 4F 53 49 58 20 32 00 2..POSIX 2. switch message SMBnegprot (pid 13533) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Requested protocol [LM1.2X002] Requested protocol [LANMAN2.1] Requested protocol [NT LM 0.12] Requested protocol [POSIX 2] set_remote_arch: Client arch is 'CIFSFS' lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Oct 10 14:32:36 2012 Locking key DD340000FFFFFFFF Allocated locked data 0x0x7f51e399a930 Unlocking key DD340000FFFFFFFF lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Oct 10 14:32:36 2012 set_remote_arch: Client arch is 'Vista' using SPNEGO Selected protocol NT LM 0.12 negprot index=2 size=181 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51201 smb_tid=0 smb_pid=6595 smb_uid=0 smb_mid=1838 smt_wct=17 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]=12807 (0x3207) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]=56576 (0xDD00) smb_vwv[ 8]= 52 (0x34) smb_vwv[ 9]=64512 (0xFC00) smb_vwv[10]=33011 (0x80F3) smb_vwv[11]=51328 (0xC880) smb_vwv[12]=40209 (0x9D11) smb_vwv[13]=52774 (0xCE26) smb_vwv[14]=52680 (0xCDC8) smb_vwv[15]=11265 (0x2C01) smb_vwv[16]= 1 (0x1) smb_bcc=112 [0000] 73 61 6C 75 73 61 00 00 00 00 00 00 00 00 00 00 salusa.. ........ [0010] 60 5E 06 06 2B 06 01 05 05 02 A0 54 30 52 A0 24 `^..+... ...T0R.$ [0020] 30 22 06 09 2A 86 48 86 F7 12 01 02 02 06 09 2A 0"..*.H. .......* [0030] 86 48 82 F7 12 01 02 02 06 0A 2B 06 01 04 01 82 .H...... ..+..... [0040] 37 02 02 0A A3 2A 30 28 A0 26 1B 24 6E 6F 74 5F 7....*0( .&.$not_ [0050] 64 65 66 69 6E 65 64 5F 69 6E 5F 52 46 43 34 31 defined_ in_RFC41 [0060] 37 38 40 70 6C 65 61 73 65 5F 69 67 6E 6F 72 65 78@pleas e_ignore got smb length of 876 got message type 0x0 of len 0x36c Transaction 1 of length 880 (0 toread) size=876 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=55297 smb_tid=0 smb_pid=6595 smb_uid=0 smb_mid=1839 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=16468 (0x4054) smb_vwv[ 3]= 50 (0x32) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 672 (0x2A0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]=53468 (0xD0DC) smb_vwv[11]=32896 (0x8080) smb_bcc=817 [0000] 60 82 02 9C 06 06 2B 06 01 05 05 02 A0 82 02 90 `.....+. ........ [0010] 30 82 02 8C A0 0D 30 0B 06 09 2A 86 48 86 F7 12 0.....0. ..*.H... [0020] 01 02 02 A2 82 02 79 04 82 02 75 60 82 02 71 06 ......y. ..u`..q. [0030] 09 2A 86 48 86 F7 12 01 02 02 01 00 6E 82 02 60 .*.H.... ....n..` [0040] 30 82 02 5C A0 03 02 01 05 A1 03 02 01 0E A2 07 0..\.... ........ [0050] 03 05 00 00 00 00 00 A3 82 01 79 61 82 01 75 30 ........ ..ya..u0 [0060] 82 01 71 A0 03 02 01 05 A1 11 1B 0F 50 4F 4F 43 ..q..... ....POOC [0070] 48 49 45 52 45 44 53 2E 4E 45 54 A2 29 30 27 A0 HIEREDS. NET.)0'. [0080] 03 02 01 00 A1 20 30 1E 1B 04 63 69 66 73 1B 16 ..... 0. ..cifs.. [0090] 73 61 6C 75 73 61 2E 70 6F 6F 63 68 69 65 72 65 salusa.p oochiere [00A0] 64 73 2E 6E 65 74 A3 82 01 2A 30 82 01 26 A0 03 ds.net.. .*0..&.. [00B0] 02 01 12 A1 03 02 01 02 A2 82 01 18 04 82 01 14 ........ ........ [00C0] 0C 95 AE 8B BE 42 D2 8D 57 F4 B5 5F E6 38 76 F8 .....B.. W.._.8v. [00D0] E5 5A 83 D4 4C 1D 1C 70 57 17 39 65 12 BF 60 BB .Z..L..p W.9e..`. [00E0] 1A 7A 42 95 FA F7 5C FC 07 00 B8 E1 C9 E2 3E 86 .zB...\. ......>. [00F0] B9 42 1D 71 C5 5A 16 D5 0B E5 70 27 98 80 ED 30 .B.q.Z.. ..p'...0 [0100] 7E FD 8A 30 39 00 D1 C5 B4 55 2E FC 30 CB 82 C4 ~..09... .U..0... [0110] BD 34 C0 4F 7C A1 1C FB 94 B0 94 92 5F D4 C1 A0 .4.O|... ...._... [0120] 5E 4F 79 0C BF 59 9F 64 7D CB D0 D4 2D C7 D0 C1 ^Oy..Y.d }...-... [0130] E5 EC 70 5E 64 69 01 3C 6A 40 A5 A4 A4 C6 89 00 ..p^di.< j@...... [0140] 19 9D 9D 03 AE 1D 9A A3 BC 40 3A A2 23 22 3E 6C ........ .@:.#">l [0150] F3 22 98 F9 E2 13 F8 03 30 62 B6 47 E2 A9 B8 4C ."...... 0b.G...L [0160] 74 97 11 2F F4 67 00 7C 4A 01 57 89 28 ED 12 28 t../.g.| J.W.(..( [0170] 69 92 86 D4 7A 51 99 12 24 E4 44 55 D0 EA C3 74 i...zQ.. $.DU...t [0180] 98 A8 A8 71 84 16 D5 6E 36 EC 24 D4 2C 45 33 39 ...q...n 6.$.,E39 [0190] E5 47 56 D6 AA CD 49 AE C5 DE 09 92 AA 9A 7F 81 .GV...I. ........ [01A0] 63 E2 47 EE EB BC CB AB 7B 5C 01 6E DF 5C 17 A1 c.G..... {\.n.\.. [01B0] 1B 3C 95 54 A3 F7 6D D1 18 20 E7 94 94 B4 70 A0 .<.T..m. . ....p. [01C0] 55 55 A7 B9 56 19 8D 38 58 D0 76 20 AD E2 41 AD UU..V..8 X.v ..A. [01D0] 7D 18 5A D2 A4 81 C9 30 81 C6 A0 03 02 01 12 A2 }.Z....0 ........ [01E0] 81 BE 04 81 BB 5C 69 E3 64 E8 60 93 94 7D 00 FF .....\i. d.`..}.. [01F0] C1 04 EC E0 1C F1 F1 0C 8B C6 8D 06 3D 1C 28 6C ........ ....=.(l switch message SMBsesssetupX (pid 13533) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) wct=12 flg2=0xd801 setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. Doing spnego session setup NativeOS=[Linux version 3.7.0-0.rc5.git1.3.fc19.x86_64] NativeLanMan=[CIFS VFS Client for Linux] PrimaryDomain=[] register_initial_vuid: allocated vuid = 100 parse_spnego_mechanisms: Got OID 1.2.840.113554.1.2.2 reply_spnego_negotiate: Got secblob of size 629 smb_krb5_open_keytab: resolving: WRFILE:/etc/samba/samba.keytab Got KRB5 session key of length 32 authorization data is not a Windows PAC (type: 512) libads/kerberos_verify.c:678: did not retrieve auth data. continuing without PAC Kerberos ticket principal name is [root@POOCHIEREDS.NET] Mapping [POOCHIEREDS.NET] to short name using winbindd Could not find short name: WBC_ERR_WINBIND_NOT_AVAILABLE Domain is [POOCHIEREDS.NET] (using Winbind) Finding user POOCHIEREDS.NET\root Trying _Get_Pwnam(), username as lowercase is poochiereds.net\root Trying _Get_Pwnam(), username as given is POOCHIEREDS.NET\root Trying _Get_Pwnam(), username as uppercase is POOCHIEREDS.NET\ROOT Checking combinations of 0 uppercase letters in poochiereds.net\root Get_Pwnam_internals didn't find user [POOCHIEREDS.NET\root]! Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Oct 10 14:32:36 2012 pdb_getsampwnam (TDB): error fetching database. Key: USER_root didn't find user root in passdb, calling make_server_info_pw lookup_name: Unix User\root => domain=[Unix User], name=[root] lookup_name: flags = 0x073 Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! pdb_set_username: setting username root, was pdb_set_full_name: setting full name root, was pdb_set_domain: setting domain SALUSA, was Home server: salusa pdb_set_profile_path: setting profile path \\salusa\root\profile, was Home server: salusa pdb_set_homedir: setting home dir \\salusa\root, was pdb_set_dir_drive: setting dir drive , was NULL pdb_set_logon_script: setting logon script , was pdb_set_user_sid: setting user sid S-1-5-21-3135586876-1748606125-3800271425-1000 pdb_set_user_sid_from_rid: setting user sid S-1-5-21-3135586876-1748606125-3800271425-1000 from rid 1000 pdb_set_username: setting username root, was root pdb_set_user_sid: setting user sid S-1-22-1-0 Forcing Primary Group to 'Domain Users' for root Unix User found in struct samu. Rid marked as special and sid (S-1-22-1-0) saved as extra sid Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! sys_getgrouplist: user [root] Create local NT token for root winbind failed to find a gid for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-544 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Failed to fetch domain sid for POOCHIEREDS pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 winbind failed to find a gid for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-32-545 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups Failed to fetch domain sid for POOCHIEREDS pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 get_privileges: No privileges assigned to SID [S-1-22-1-0] get_privileges: No privileges assigned to SID [S-1-5-21-3135586876-1748606125-3800271425-513] get_privileges: No privileges assigned to SID [S-1-22-2-0] get_privileges: No privileges assigned to SID [S-1-22-2-1] get_privileges: No privileges assigned to SID [S-1-22-2-2] get_privileges: No privileges assigned to SID [S-1-22-2-3] get_privileges: No privileges assigned to SID [S-1-22-2-4] get_privileges: No privileges assigned to SID [S-1-22-2-6] get_privileges: No privileges assigned to SID [S-1-22-2-10] get_privileges_for_sids: sid = S-1-1-0 Privilege set: 0x0 get_privileges: No privileges assigned to SID [S-1-5-2] get_privileges: No privileges assigned to SID [S-1-5-11] wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups lookup_global_sam_rid: looking up RID 513. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwrid (TDB): error looking up RID 513 by key RID_00000201. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 Can't find a unix id for an unmapped group pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-21-3135586876-1748606125-3800271425-513 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups lookup_global_sam_rid: looking up RID 513. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 push_conn_ctx(0) : conn_ctx_stack_ndx = 1 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pdb_getsampwrid (TDB): error looking up RID 513 by key RID_00000201. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 Can't find a unix id for an unmapped group pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-21-3135586876-1748606125-3800271425-513 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-1-0 LEGACY: mapping failed for sid S-1-1-0 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-2 LEGACY: mapping failed for sid S-1-5-2 push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 push_conn_ctx(0) : conn_ctx_stack_ndx = 0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 LEGACY: mapping failed for sid S-1-5-11 LEGACY: mapping failed for sid S-1-5-11 Could not convert SID S-1-5-21-3135586876-1748606125-3800271425-513 to gid, ignoring it Could not convert SID S-1-1-0 to gid, ignoring it Could not convert SID S-1-5-2 to gid, ignoring it Could not convert SID S-1-5-11 to gid, ignoring it Security token SIDs (12): SID[ 0]: S-1-22-1-0 SID[ 1]: S-1-5-21-3135586876-1748606125-3800271425-513 SID[ 2]: S-1-22-2-0 SID[ 3]: S-1-22-2-1 SID[ 4]: S-1-22-2-2 SID[ 5]: S-1-22-2-3 SID[ 6]: S-1-22-2-4 SID[ 7]: S-1-22-2-6 SID[ 8]: S-1-22-2-10 SID[ 9]: S-1-1-0 SID[ 10]: S-1-5-2 SID[ 11]: S-1-5-11 Privileges (0x 0): Rights (0x 0): UNIX token of user 0 Primary group is 0 and contains 7 supplementary groups Group[ 0]: 0 Group[ 1]: 1 Group[ 2]: 2 Group[ 3]: 3 Group[ 4]: 4 Group[ 5]: 6 Group[ 6]: 10 register_initial_vuid: allocated vuid = 101 register_existing_vuid: (0,0) root root POOCHIEREDS.NET guest=0 register_existing_vuid: User name: root Real name: root register_existing_vuid: UNIX uid 0 is UNIX user root, and will be vuid 101 Locking key 49442F31333533332F31 Allocated locked data 0x0x7f51e39912c0 Unlocking key 49442F31333533332F31 lp_servicenumber: couldn't find root Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! Adding homes service for user 'root' using home directory: '/root' add_a_service: Creating snum = 8 for root hash_a_service: hashing index 8 for service name root adding home's share [root] for user 'root' at '/root' smb_signing_activate: user_session_key [0000] 16 F5 D2 03 53 65 B1 B8 C2 99 D1 FF 77 EA C0 04 ....Se.. ....w... [0010] 49 D8 47 05 4D 9D 90 D5 21 F8 6F 94 DC 9F 4E D4 I.G.M... !.o...N. smb_signing_activate: NULL response_data srv_set_signing: turning on SMB signing: signing negotiated = 1, mandatory_signing = 0. lp_file_list_changed() file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Oct 10 14:32:36 2012 size=294 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=0 smb_pid=6595 smb_uid=101 smb_mid=1839 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 177 (0xB1) smb_bcc=251 [0000] A1 81 AE 30 81 AB A0 03 0A 01 00 A1 0B 06 09 2A ...0.... .......* [0010] 86 48 86 F7 12 01 02 02 A2 81 96 04 81 93 60 81 .H...... ......`. [0020] 90 06 09 2A 86 48 86 F7 12 01 02 02 02 00 6F 81 ...*.H.. ......o. [0030] 80 30 7E A0 03 02 01 05 A1 03 02 01 0F A2 72 30 .0~..... ......r0 [0040] 70 A0 03 02 01 12 A2 69 04 67 18 2B 02 6B 94 2F p......i .g.+.k./ [0050] 1C 6D 18 54 F8 23 48 95 09 FC F1 B2 A7 2C C3 69 .m.T.#H. .....,.i [0060] 28 DE 39 94 E7 74 42 85 37 03 8A 88 49 23 BD D4 (.9..tB. 7...I#.. [0070] FB 53 5E F8 D9 28 48 C6 27 73 FB E9 9D C5 93 D4 .S^..(H. 's...... [0080] F3 FA 91 A3 7F 4C FC 0E F0 ED 01 ED 88 C9 08 AA .....L.. ........ [0090] B0 69 67 FF C7 23 6E 85 46 34 50 A4 F7 F0 83 3C .ig..#n. F4P....< [00A0] BE B6 2F 70 35 04 88 8A A6 D3 D6 ED D2 44 92 1A ../p5... .....D.. [00B0] 45 55 00 6E 00 69 00 78 00 00 00 53 00 61 00 6D EU.n.i.x ...S.a.m [00C0] 00 62 00 61 00 20 00 33 00 2E 00 36 00 2E 00 38 .b.a. .3 ...6...8 [00D0] 00 2D 00 39 00 35 00 2E 00 66 00 63 00 31 00 37 .-.9.5.. .f.c.1.7 [00E0] 00 00 00 50 00 4F 00 4F 00 43 00 48 00 49 00 45 ...P.O.O .C.H.I.E [00F0] 00 52 00 45 00 44 00 53 00 00 00 .R.E.D.S ... smb_signing_md5: sequence number 1 smb_signing_sign_pdu: sent SMB signature of [0000] 27 F7 7B CE 96 61 1F 3B '.{..a.; got smb length of 116 smb_signing_md5: sequence number 2 smb_signing_check_pdu: BAD SIG: wanted SMB signature of [0000] 86 B9 71 10 E1 85 34 85 ..q...4. smb_signing_check_pdu: BAD SIG: got SMB signature of [0000] 00 00 00 00 00 00 00 00 ........ smb_signing_md5: sequence number 4294967293 smb_signing_md5: sequence number 4294967294 smb_signing_md5: sequence number 4294967295 smb_signing_md5: sequence number 0 smb_signing_md5: sequence number 1 smb_signing_md5: sequence number 2 smb_signing_md5: sequence number 3 smb_signing_md5: sequence number 4 smb_signing_md5: sequence number 5 smb_signing_md5: sequence number 6 smb_signing_good: signing negotiated but not required and peer isn't sending correct signatures. Turning off. got message type 0x0 of len 0x74 Transaction 2 of length 120 (0 toread) size=116 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=53249 smb_tid=0 smb_pid=6595 smb_uid=101 smb_mid=1840 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 8 (0x8) smb_vwv[ 3]= 1 (0x1) smb_bcc=73 [0000] 00 5C 00 5C 00 73 00 61 00 6C 00 75 00 73 00 61 .\.\.s.a .l.u.s.a [0010] 00 2E 00 70 00 6F 00 6F 00 63 00 68 00 69 00 65 ...p.o.o .c.h.i.e [0020] 00 72 00 65 00 64 00 73 00 2E 00 6E 00 65 00 74 .r.e.d.s ...n.e.t [0030] 00 5C 00 73 00 63 00 72 00 61 00 74 00 63 00 68 .\.s.c.r .a.t.c.h [0040] 00 00 00 3F 3F 3F 3F 3F 00 ...????? . switch message SMBtconX (pid 13533) conn 0x0 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Client requested device type [?????] for share [scratch] making a connection to 'normal' service scratch Allowed connection from 192.168.1.22 (192.168.1.22) user_ok_token: share scratch is ok for unix user root Finding user root Trying _Get_Pwnam(), username as lowercase is root Get_Pwnam_internals did find user [root]! set_conn_connectpath: service scratch, connectpath = /scratch Connect path is '/scratch' for service [scratch] se_map_generic(): mapped mask 0x10000000 to 0x001f01ff se_access_check: MAX desired = 0x2000000, granted = 0x101f01ff, remaining = 0x101f01ff Initialising default vfs hooks vfs_find_backend_entry called for /[Default VFS]/ Successfully added vfs backend '/[Default VFS]/' vfs_find_backend_entry called for posixacl Successfully added vfs backend 'posixacl' Initialising custom vfs hooks from [/[Default VFS]/] vfs_find_backend_entry called for /[Default VFS]/ Successfully loaded vfs module [/[Default VFS]/] with the new modules system Initialising custom vfs hooks from [streams_xattr] vfs_find_backend_entry called for streams_xattr vfs module [streams_xattr] not loaded - trying to load... Probing module 'streams_xattr' Probing module 'streams_xattr': Trying to load from /usr/lib64/samba/vfs/streams_xattr.so Module '/usr/lib64/samba/vfs/streams_xattr.so' loaded vfs_find_backend_entry called for streams_xattr Successfully added vfs backend 'streams_xattr' vfs_find_backend_entry called for streams_xattr Successfully loaded vfs module [streams_xattr] with the new modules system claiming [scratch] Locking key DD340000FFFFFFFF88DB Allocated locked data 0x0x7f51e399afd0 Unlocking key DD340000FFFFFFFF88DB set_conn_connectpath: service scratch, connectpath = /scratch user_ok_token: share scratch is ok for unix user root is_share_read_only_for_user: share scratch is read-write for unix user root se_map_generic(): mapped mask 0x10000000 to 0x001f01ff se_map_generic(): mapped mask 0x10000000 to 0x001f01ff setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token SIDs (12): SID[ 0]: S-1-22-1-0 SID[ 1]: S-1-5-21-3135586876-1748606125-3800271425-513 SID[ 2]: S-1-22-2-0 SID[ 3]: S-1-22-2-1 SID[ 4]: S-1-22-2-2 SID[ 5]: S-1-22-2-3 SID[ 6]: S-1-22-2-4 SID[ 7]: S-1-22-2-6 SID[ 8]: S-1-22-2-10 SID[ 9]: S-1-1-0 SID[ 10]: S-1-5-2 SID[ 11]: S-1-5-11 Privileges (0x 0): Rights (0x 0): UNIX token of user 0 Primary group is 0 and contains 7 supplementary groups Group[ 0]: 0 Group[ 1]: 1 Group[ 2]: 2 Group[ 3]: 3 Group[ 4]: 4 Group[ 5]: 6 Group[ 6]: 10 Impersonated user: uid=(0,0), gid=(0,0) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) set_conn_connectpath: service scratch, connectpath = /scratch vfswrap_fs_capabilities: timestamp resolution of sec available on share scratch, directory /scratch 192.168.1.22 (192.168.1.22) connect to service scratch initially as user root (uid=0, gid=0) (pid 13533) tconX service=scratch got smb length of 68 got message type 0x0 of len 0x44 Transaction 3 of length 72 (0 toread) size=68 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1841 smt_wct=15 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 100 (0x64) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 2 (0x2) smb_vwv[10]= 66 (0x42) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 3 (0x3) smb_bcc=3 [0000] 00 00 02 ... switch message SMBtrans2 (pid 13533) conn 0x7f51e3987d90 setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token SIDs (12): SID[ 0]: S-1-22-1-0 SID[ 1]: S-1-5-21-3135586876-1748606125-3800271425-513 SID[ 2]: S-1-22-2-0 SID[ 3]: S-1-22-2-1 SID[ 4]: S-1-22-2-2 SID[ 5]: S-1-22-2-3 SID[ 6]: S-1-22-2-4 SID[ 7]: S-1-22-2-6 SID[ 8]: S-1-22-2-10 SID[ 9]: S-1-1-0 SID[ 10]: S-1-5-2 SID[ 11]: S-1-5-11 Privileges (0x 0): Rights (0x 0): UNIX token of user 0 Primary group is 0 and contains 7 supplementary groups Group[ 0]: 0 Group[ 1]: 1 Group[ 2]: 2 Group[ 3]: 3 Group[ 4]: 4 Group[ 5]: 6 Group[ 6]: 10 Impersonated user: uid=(0,0), gid=(0,0) vfs_ChDir to /scratch call_trans2qfsinfo: level = 512 smbd_do_qfsinfo: level = 512 t2_rep: params_sent_thistime = 0, data_sent_thistime = 12, useable_space = 131012 t2_rep: params_to_send = 0, data_to_send = 12, paramsize = 0, datasize = 12 size=68 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1841 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 12 (0xC) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 12 (0xC) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=13 [0000] 00 01 00 00 00 FB 01 00 00 00 00 00 00 ........ ..... SMBtrans2 info_level = 512 got smb length of 82 got message type 0x0 of len 0x52 Transaction 4 of length 86 (0 toread) size=82 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1842 smt_wct=15 smb_vwv[ 0]= 4 (0x4) smb_vwv[ 1]= 12 (0xC) smb_vwv[ 2]= 4 (0x4) smb_vwv[ 3]= 100 (0x64) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 4 (0x4) smb_vwv[10]= 66 (0x42) smb_vwv[11]= 12 (0xC) smb_vwv[12]= 70 (0x46) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 4 (0x4) smb_bcc=17 [0000] 00 00 00 00 02 01 00 00 00 DB 01 00 00 00 00 00 ........ ........ [0010] 00 . switch message SMBtrans2 (pid 13533) conn 0x7f51e3987d90 Skipping user change - already user call_trans2setfsinfo: for service [scratch] call_trans2setfsinfo: set unix info. major = 1, minor = 0 cap_low = 0x1db, cap_high = 0x0 size=55 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1842 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=0 got smb length of 90 got message type 0x0 of len 0x5a Transaction 5 of length 94 (0 toread) size=90 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1843 smt_wct=15 smb_vwv[ 0]= 24 (0x18) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 4000 (0xFA0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 24 (0x18) smb_vwv[10]= 66 (0x42) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 5 (0x5) smb_bcc=25 [0000] 00 00 02 00 00 00 00 2F 00 64 00 64 00 5F 00 66 ......./ .d.d._.f [0010] 00 69 00 6C 00 65 00 00 00 .i.l.e.. . switch message SMBtrans2 (pid 13533) conn 0x7f51e3987d90 Skipping user change - already user call_trans2qfilepathinfo: TRANSACT2_QPATHINFO: level = 512 unix_convert called on file "dd_file" stat_cache_lookup: lookup failed for name [DD_FILE] unix_convert begin: name = dd_file, dirpath = , start = dd_file stat_cache_add: Added entry (7f51e399a7c0:size 7) DD_FILE -> dd_file conversion of base_name finished dd_file -> dd_file check_reduced_name [dd_file] [/scratch] check_reduced_name realpath [dd_file] -> [/scratch/dd_file] check_reduced_name: dd_file reduced to /scratch/dd_file file_name_hash: /scratch/dd_file hash 0x9a5b19d7 fetch_share_mode_unlocked: no share_mode record around (file not open) call_trans2qfilepathinfo dd_file (fnum = -1) level=512 call=5 total_data=0 smbd_do_qfilepathinfo: dd_file (fnum = -1) level=512 max_data=4000 dos_mode: dd_file dos_mode_from_sbuf returning dos_mode returning store_file_unix_basic: SMB_QUERY_FILE_UNIX_BASIC store_file_unix_basic: st_mode=100664 smbd_do_qfilepathinfo: SMB_QUERY_FILE_UNIX_BASIC [0000] 00 00 10 00 00 00 00 00 00 00 10 00 00 00 00 00 ........ ........ [0010] A9 AF 27 C5 A8 C8 CD 01 50 93 4B F0 A8 C8 CD 01 ..'..... P.K..... [0020] A9 AF 27 C5 A8 C8 CD 01 5F 11 00 00 00 00 00 00 ..'..... _....... [0030] 5F 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 _....... ........ [0040] 00 00 00 00 00 00 00 00 00 00 00 00 C3 EF 09 21 ........ .......! [0050] 00 00 00 00 B4 01 00 00 00 00 00 00 01 00 00 00 ........ ........ [0060] 00 00 00 00 .... t2_rep: params_sent_thistime = 2, data_sent_thistime = 100, useable_space = 131010 t2_rep: params_to_send = 2, data_to_send = 100, paramsize = 2, datasize = 100 size=160 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1843 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 100 (0x64) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 100 (0x64) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=105 [0000] 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 10 ........ ........ [0010] 00 00 00 00 00 A9 AF 27 C5 A8 C8 CD 01 50 93 4B .......' .....P.K [0020] F0 A8 C8 CD 01 A9 AF 27 C5 A8 C8 CD 01 5F 11 00 .......' ....._.. [0030] 00 00 00 00 00 5F 11 00 00 00 00 00 00 00 00 00 ....._.. ........ [0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0050] 00 C3 EF 09 21 00 00 00 00 B4 01 00 00 00 00 00 ....!... ........ [0060] 00 01 00 00 00 00 00 00 00 ........ . got smb length of 110 got message type 0x0 of len 0x6e Transaction 6 of length 114 (0 toread) size=110 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1844 smt_wct=15 smb_vwv[ 0]= 24 (0x18) smb_vwv[ 1]= 18 (0x12) smb_vwv[ 2]= 2 (0x2) smb_vwv[ 3]= 1000 (0x3E8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 24 (0x18) smb_vwv[10]= 68 (0x44) smb_vwv[11]= 18 (0x12) smb_vwv[12]= 92 (0x5C) smb_vwv[13]= 1 (0x1) smb_vwv[14]= 6 (0x6) smb_bcc=45 [0000] 00 00 00 09 02 00 00 00 00 2F 00 64 00 64 00 5F ........ ./.d.d._ [0010] 00 66 00 69 00 6C 00 65 00 00 00 02 00 00 00 01 .f.i.l.e ........ [0020] 00 00 00 ED 01 00 00 00 00 00 00 00 02 ........ ..... switch message SMBtrans2 (pid 13533) conn 0x7f51e3987d90 Skipping user change - already user unix_convert called on file "dd_file" stat_cache_lookup: lookup succeeded for name [DD_FILE] -> [dd_file] check_reduced_name [dd_file] [/scratch] check_reduced_name realpath [dd_file] -> [/scratch/dd_file] check_reduced_name: dd_file reduced to /scratch/dd_file call_trans2setfilepathinfo(6) dd_file (fnum -1) info_level=521 totdata=18 smbd_do_setfilepathinfo: dd_file (fnum -1) info_level=521 totdata=18 smb_posix_open: file dd_file, smb_posix_flags = 0, mode 0755 create_file: access_mask = 0x89 file_attributes = 0x10001ed, share_access = 0x7, create_disposition = 0x1 create_options = 0x40 oplock_request = 0x1 private_flags = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), fname = dd_file create_file_unixpath: access_mask = 0x89 file_attributes = 0x10001ed, share_access = 0x7, create_disposition = 0x1 create_options = 0x40 oplock_request = 0x1 private_flags = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = dd_file allocated file structure 6813, fnum = 10909 (1 used) file_name_hash: /scratch/dd_file hash 0x9a5b19d7 open_file_ntcreate: fname=dd_file, dos_attrs=0x0 access_mask=0x89 share_access=0x7 create_disposition = 0x1 create_options=0x40 unix mode=0755 oplock_request=1 private_flags = 0x0 open_file_ntcreate: fname=dd_file, after mapping access_mask=0x89 Locking key 2400000000000000C3EF Allocated locked data 0x0x7f51e399ac90 brl_get_locks_internal: 0 current locks on file_id 24:2109efc3:0 Unlocking key 2400000000000000C3EF Locking key 2400000000000000C3EF Allocated locked data 0x0x7f51e399aed0 grant_fsp_oplock_type: oplock type 0x1 on file dd_file calling open_file with flags=0x0 flags2=0x0 mode=0755, access_mask = 0x89, open_access_mask = 0x89 streams_xattr_open called for dd_file fd_open: name dd_file, flags = 0400000 mode = 0755, fd = 30. root opened file dd_file read=Yes write=No (numopen=1) linux_set_kernel_oplock: got kernel oplock on file dd_file, file_id = 24:2109efc3:0 gen_id = 4272201716 set_file_oplock: granted oplock on file dd_file, 24:2109efc3:0/4272201716, tv_sec = 50ae5240, tv_usec = 22db8 unparse_share_modes: owrt: Thu Nov 22 06:59:05 AM 2012 EST cwrt: Wed Dec 31 07:00:00 PM 1969 EST, ntok: 0, num: 1 print_share_mode_table: share_mode_entry[0]: pid = 13533, share_access = 0x7, private_options = 0x0, access_mask = 0x89, mid = 0x734, type= 0x1, gen_id = 4272201716, uid = 0, flags = 1, file_id 24:2109efc3:0, name_hash = 0x9a5b19d7 Unlocking key 2400000000000000C3EF create_file_unixpath: info=1 create_file: info=1 store_file_unix_basic: SMB_QUERY_FILE_UNIX_BASIC store_file_unix_basic: st_mode=100664 t2_rep: params_sent_thistime = 2, data_sent_thistime = 112, useable_space = 131010 t2_rep: params_to_send = 2, data_to_send = 112, paramsize = 2, datasize = 112 size=172 smb_com=0x32 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=51203 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1844 smt_wct=10 smb_vwv[ 0]= 2 (0x2) smb_vwv[ 1]= 112 (0x70) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 2 (0x2) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 112 (0x70) smb_vwv[ 7]= 60 (0x3C) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=117 [0000] 00 00 00 00 00 01 00 9D 2A 01 00 00 00 00 02 00 ........ *....... [0010] 00 00 00 10 00 00 00 00 00 00 00 10 00 00 00 00 ........ ........ [0020] 00 A9 AF 27 C5 A8 C8 CD 01 50 93 4B F0 A8 C8 CD ...'.... .P.K.... [0030] 01 A9 AF 27 C5 A8 C8 CD 01 5F 11 00 00 00 00 00 ...'.... ._...... [0040] 00 5F 11 00 00 00 00 00 00 00 00 00 00 00 00 00 ._...... ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 C3 EF 09 ........ ........ [0060] 21 00 00 00 00 B4 01 00 00 00 00 00 00 01 00 00 !....... ........ [0070] 00 00 00 00 00 ..... got smb length of 59 got message type 0x0 of len 0x3b Transaction 7 of length 63 (0 toread) size=59 smb_com=0x2e smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=49153 smb_tid=1 smb_pid=6595 smb_uid=101 smb_mid=1845 smt_wct=12 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 0 (0x0) smb_vwv[ 2]=10909 (0x2A9D) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]=65477 (0xFFC5) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 1 (0x1) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_bcc=0 switch message SMBreadX (pid 13533) conn 0x7f51e3987d90 Skipping user change - already user streams_xattr_fstat called for 30 is_locked: optimisation - exclusive oplock on file dd_file strict_lock_default: flavour = POSIX_LOCK brl start=0 len=131013 unlocked for fnum 10909 file dd_file streams_xattr_pread: offset=0, size=131013 read_file (dd_file): pos = 0, size = 131013, returned 131013 send_file_readX fnum=10909 max=131013 nread=131013 read_fd_with_timeout: blocking read. EOF from client. receive_smb_raw_talloc failed for client 192.168.1.22 read error = NT_STATUS_END_OF_FILE. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) linux_release_kernel_oplock: file dd_file, file_id = 24:2109efc3:0 gen_id = 4272201716 has kernel oplock state of 1. Locking key 2400000000000000C3EF Allocated locked data 0x0x7f51e39a4610 parse_share_modes: owrt: Thu Nov 22 06:59:05 AM 2012 EST, cwrt: Wed Dec 31 07:00:00 PM 1969 EST, ntok: 0, num_share_modes: 1 parse_share_modes: share_mode_entry[0]: pid = 13533, share_access = 0x7, private_options = 0x0, access_mask = 0x89, mid = 0x734, type= 0x1, gen_id = 4272201716, uid = 0, flags = 1, file_id 24:2109efc3:0, name_hash = 0x9a5b19d7 get_delete_on_close_token: name_hash = 0x9a5b19d7 Unlocking key 2400000000000000C3EF get_windows_lock_count for file dd_file = 0 delete_windows_lock_ref_count for file dd_file root closed file dd_file (numopen=0) NT_STATUS_OK freed files structure 10909 (0 used) setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) 192.168.1.22 (192.168.1.22) closed connection to service scratch Yielding connection to scratch Locking key DD340000FFFFFFFF88DB Allocated locked data 0x0x7f51e39a4c50 Unlocking key DD340000FFFFFFFF88DB vfs_ChDir to / setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 Security token: (NULL) UNIX token of user 0 Primary group is 0 and contains 0 supplementary groups change_to_root_user: now uid=(0,0) gid=(0,0) Deregistering messaging pointer for type 784 - private_data=0x7f51e3983910 Locking key 49442F31333533332F31 Allocated locked data 0x0x7f51e39896f0 Unlocking key 49442F31333533332F31 Locking key DD340000FFFFFFFF Allocated locked data 0x0x7f51e39a4d10 Unlocking key DD340000FFFFFFFF Server exit (failed to receive smb request) Terminated ]0;root@salusa:/tmp[root@salusa tmp]# exit Script done on Thu 22 Nov 2012 11:26:42 AM EST