The Samba-Bugzilla – Attachment 8591 Details for
Bug 9637
Renaming directories as guest user in security share mode doesn't work.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
log.smbd with smbclient -U%
log.smbd (text/plain), 449.13 KB, created by
Andreas Schneider
on 2013-02-27 07:55:47 UTC
(
hide
)
Description:
log.smbd with smbclient -U%
Filename:
MIME Type:
Creator:
Andreas Schneider
Created:
2013-02-27 07:55:47 UTC
Size:
449.13 KB
patch
obsolete
>[2013/02/27 08:52:35, 0] smbd/server.c:1026(main) > smbd version 3.6.13-GIT-b76501d-test started. > Copyright Andrew Tridgell and the Samba Team 1992-2011 >[2013/02/27 08:52:35, 5] ../lib/util/debug.c:330(debug_dump_status) > INFO: Current debug levels: > all: 10 > tdb: 10 > printdrivers: 10 > lanman: 10 > smb: 10 > rpc_parse: 10 > rpc_srv: 10 > rpc_cli: 10 > passdb: 10 > sam: 10 > auth: 10 > winbind: 10 > vfs: 10 > idmap: 10 > quota: 10 > acls: 10 > locking: 10 > msdfs: 10 > dmapi: 10 > registry: 10 > doing parameter debug pid = yes >[2013/02/27 08:52:35, 4] param/loadparm.c:9608(lp_load_ex) > pm_process() returned Yes >[2013/02/27 08:52:35, 7] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find homes >[2013/02/27 08:52:35, 10] param/loadparm_server_role.c:101(set_server_role) > set_server_role: role = ROLE_STANDALONE >[2013/02/27 08:52:35, 1] param/loadparm.c:9670(lp_load_ex) > WARNING: The security=share option is deprecated >[2013/02/27 08:52:35, 5] ../lib/util/charset/codepoints.c:235(map_locale) > Substituting charset 'UTF-8' for LOCALE >[2013/02/27 08:52:35, 4] smbd/sec_ctx.c:174(get_current_groups) > get_current_groups: user is in 1 groups: 0 >[2013/02/27 08:52:35, 2] lib/tallocmsg.c:124(register_msg_pool_usage) > Registered MSG_REQ_POOL_USAGE >[2013/02/27 08:52:35, 2] lib/dmallocmsg.c:78(register_dmalloc_msgs) > Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED >[2013/02/27 08:52:35.560540, 3, pid=21839] param/loadparm.c:9572(lp_load_ex) > lp_load_ex: refreshing parameters >[2013/02/27 08:52:35.560600, 3, pid=21839] param/loadparm.c:5192(init_globals) > Initialising global parameters >[2013/02/27 08:52:35.560639, 2, pid=21839] param/loadparm.c:4985(max_open_files) > rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) >[2013/02/27 08:52:35.560733, 3, pid=21839] ../lib/util/params.c:550(pm_process) > params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" >[2013/02/27 08:52:35.560775, 3, pid=21839] param/loadparm.c:8310(do_section) > Processing section "[global]" > doing parameter workgroup = DISCWORLD > doing parameter security = share > doing parameter debug level = 10 >[2013/02/27 08:52:35.560866, 5, pid=21839] ../lib/util/debug.c:330(debug_dump_status) > INFO: Current debug levels: > all: 10 > tdb: 10 > printdrivers: 10 > lanman: 10 > smb: 10 > rpc_parse: 10 > rpc_srv: 10 > rpc_cli: 10 > passdb: 10 > sam: 10 > auth: 10 > winbind: 10 > vfs: 10 > idmap: 10 > quota: 10 > acls: 10 > locking: 10 > msdfs: 10 > dmapi: 10 > registry: 10 > doing parameter debug pid = yes >[2013/02/27 08:52:35.561103, 2, pid=21839] param/loadparm.c:8327(do_section) > Processing section "[guru]" >[2013/02/27 08:52:35.561155, 8, pid=21839] param/loadparm.c:6480(add_a_service) > add_a_service: Creating snum = 0 for guru >[2013/02/27 08:52:35.561180, 10, pid=21839] param/loadparm.c:6518(hash_a_service) > hash_a_service: creating servicehash >[2013/02/27 08:52:35.561206, 10, pid=21839] param/loadparm.c:6527(hash_a_service) > hash_a_service: hashing index 0 for service name guru > doing parameter path = /srv/samba/tmp > doing parameter read only = no > doing parameter guest ok = yes >[2013/02/27 08:52:35.561283, 4, pid=21839] param/loadparm.c:9608(lp_load_ex) > pm_process() returned Yes >[2013/02/27 08:52:35.561318, 7, pid=21839] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find homes >[2013/02/27 08:52:35.561373, 8, pid=21839] param/loadparm.c:6480(add_a_service) > add_a_service: Creating snum = 1 for IPC$ >[2013/02/27 08:52:35.561398, 10, pid=21839] param/loadparm.c:6527(hash_a_service) > hash_a_service: hashing index 1 for service name IPC$ >[2013/02/27 08:52:35.561426, 3, pid=21839] param/loadparm.c:6630(lp_add_ipc) > adding IPC service >[2013/02/27 08:52:35.561450, 10, pid=21839] param/loadparm_server_role.c:101(set_server_role) > set_server_role: role = ROLE_STANDALONE >[2013/02/27 08:52:35.561474, 1, pid=21839] param/loadparm.c:9670(lp_load_ex) > WARNING: The security=share option is deprecated >[2013/02/27 08:52:35.561504, 5, pid=21839] ../lib/util/charset/codepoints.c:235(map_locale) > Substituting charset 'UTF-8' for LOCALE >[2013/02/27 08:52:35.561537, 6, pid=21839] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Feb 27 08:52:30 2013 > >[2013/02/27 08:52:35.561759, 2, pid=21839] lib/interface.c:341(add_interface) > added interface vnet0 ip=fdfe::3 bcast=fdfe::ffff:ffff:ffff:ffff netmask=ffff:ffff:ffff:ffff:: >[2013/02/27 08:52:35.561801, 2, pid=21839] lib/interface.c:341(add_interface) > added interface eth1 ip=fe80::223:54ff:fe33:63ed%eth1 bcast=fe80::ffff:ffff:ffff:ffff%eth1 netmask=ffff:ffff:ffff:ffff:: >[2013/02/27 08:52:35.561868, 2, pid=21839] lib/interface.c:341(add_interface) > added interface vnet0 ip=192.168.52.1 bcast=192.168.52.255 netmask=255.255.255.0 >[2013/02/27 08:52:35.561898, 2, pid=21839] lib/interface.c:341(add_interface) > added interface eth1 ip=192.168.178.30 bcast=192.168.178.255 netmask=255.255.255.0 >[2013/02/27 08:52:35.561938, 3, pid=21839] smbd/server.c:1061(main) > loaded services >[2013/02/27 08:52:35.561966, 5, pid=21839] lib/util.c:242(init_names) > Netbios name list:- > my_netbios_names[0]="MAGRATHEA" >[2013/02/27 08:52:35.562029, 0, pid=21839] smbd/server.c:1082(main) > standard input is not a socket, assuming -D option >[2013/02/27 08:52:35.562083, 3, pid=21839] smbd/server.c:1093(main) > Becoming a daemon. >[2013/02/27 08:52:35.562625, 8, pid=21840] ../lib/util/util.c:263(fcntl_lock) > fcntl_lock 10 6 0 1 1 >[2013/02/27 08:52:35.562767, 8, pid=21840] ../lib/util/util.c:298(fcntl_lock) > fcntl_lock: Lock call successful >[2013/02/27 08:52:35.563039, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend ldapsam >[2013/02/27 08:52:35.563072, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'ldapsam' >[2013/02/27 08:52:35.563097, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend ldapsam_compat >[2013/02/27 08:52:35.563123, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'ldapsam_compat' >[2013/02/27 08:52:35.563149, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend NDS_ldapsam >[2013/02/27 08:52:35.563174, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'NDS_ldapsam' >[2013/02/27 08:52:35.563199, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend NDS_ldapsam_compat >[2013/02/27 08:52:35.563223, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'NDS_ldapsam_compat' >[2013/02/27 08:52:35.563249, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend IPA_ldapsam >[2013/02/27 08:52:35.563274, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'IPA_ldapsam' >[2013/02/27 08:52:35.563300, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend ads >[2013/02/27 08:52:35.563325, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'ads' >[2013/02/27 08:52:35.563351, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend smbpasswd >[2013/02/27 08:52:35.563376, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'smbpasswd' >[2013/02/27 08:52:35.563402, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend tdbsam >[2013/02/27 08:52:35.563427, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'tdbsam' >[2013/02/27 08:52:35.563452, 5, pid=21840] passdb/pdb_interface.c:71(smb_register_passdb) > Attempting to register passdb backend wbc_sam >[2013/02/27 08:52:35.563481, 5, pid=21840] passdb/pdb_interface.c:84(smb_register_passdb) > Successfully added passdb backend 'wbc_sam' >[2013/02/27 08:52:35.563506, 5, pid=21840] passdb/pdb_interface.c:141(make_pdb_method_name) > Attempting to find a passdb backend to match tdbsam (tdbsam) >[2013/02/27 08:52:35.563530, 5, pid=21840] passdb/pdb_interface.c:162(make_pdb_method_name) > Found pdb backend tdbsam >[2013/02/27 08:52:35.563559, 5, pid=21840] passdb/pdb_interface.c:173(make_pdb_method_name) > pdb backend tdbsam has a valid init >[2013/02/27 08:52:35.564117, 10, pid=21840] registry/reg_backend_db.c:526(regdb_init) > regdb_init: registry db openend. refcount reset (1) >[2013/02/27 08:52:35.564156, 10, pid=21840] registry/reg_cachehook.c:70(reghook_cache_init) > reghook_cache_init: new tree with default ops 0x12be520 for key [] >[2013/02/27 08:52:35.564326, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] >[2013/02/27 08:52:35.564373, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Samba Printer Port] len[2] >[2013/02/27 08:52:35.564402, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] >[2013/02/27 08:52:35.564441, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70] >[2013/02/27 08:52:35.564469, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.564505, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DisplayName] len[20] >[2013/02/27 08:52:35.564532, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.564560, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.564596, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DisplayName] len[20] >[2013/02/27 08:52:35.564623, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.564651, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be640 for key [\HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] >[2013/02/27 08:52:35.564678, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.564717, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\Print\Printers] to tree >[2013/02/27 08:52:35.564745, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.564770, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be520 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] >[2013/02/27 08:52:35.564795, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.564823, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] to tree >[2013/02/27 08:52:35.564849, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.564874, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be520 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] >[2013/02/27 08:52:35.564899, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.564928, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] to tree >[2013/02/27 08:52:35.564954, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.564980, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be6a0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] >[2013/02/27 08:52:35.565005, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565031, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares] to tree >[2013/02/27 08:52:35.565056, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565081, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be580 for key [\HKLM\SOFTWARE\Samba\smbconf] >[2013/02/27 08:52:35.565105, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565131, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree >[2013/02/27 08:52:35.565155, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565180, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be700 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] >[2013/02/27 08:52:35.565205, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565232, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters] to tree >[2013/02/27 08:52:35.565256, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565283, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be760 for key [\HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] >[2013/02/27 08:52:35.565308, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565334, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions] to tree >[2013/02/27 08:52:35.565359, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565384, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be7c0 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] >[2013/02/27 08:52:35.565409, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565435, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters] to tree >[2013/02/27 08:52:35.565459, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565484, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be820 for key [\HKPT] >[2013/02/27 08:52:35.565508, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565533, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKPT] to tree >[2013/02/27 08:52:35.565557, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565582, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be880 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] >[2013/02/27 08:52:35.565607, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565632, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion] to tree >[2013/02/27 08:52:35.565656, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565685, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be8e0 for key [\HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] >[2013/02/27 08:52:35.565715, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.565741, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib] to tree >[2013/02/27 08:52:35.565766, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.565790, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (1->0) >[2013/02/27 08:52:35.565966, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user MAGRATHEA\root >[2013/02/27 08:52:35.566005, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is magrathea\root >[2013/02/27 08:52:35.566061, 5, pid=21840] lib/username.c:124(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as given is MAGRATHEA\root >[2013/02/27 08:52:35.566110, 5, pid=21840] lib/username.c:134(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as uppercase is MAGRATHEA\ROOT >[2013/02/27 08:52:35.566158, 5, pid=21840] lib/username.c:143(Get_Pwnam_internals) > Checking combinations of 0 uppercase letters in magrathea\root >[2013/02/27 08:52:35.566184, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals didn't find user [MAGRATHEA\root]! >[2013/02/27 08:52:35.566210, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user root >[2013/02/27 08:52:35.566234, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is root >[2013/02/27 08:52:35.566287, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [root]! >[2013/02/27 08:52:35.566327, 10, pid=21840] passdb/lookup_sid.c:76(lookup_name) > lookup_name: MAGRATHEA\root => domain=[MAGRATHEA], name=[root] >[2013/02/27 08:52:35.566357, 10, pid=21840] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2013/02/27 08:52:35.566388, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.566419, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.566446, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.566472, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.566497, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.566570, 4, pid=21840] passdb/pdb_tdb.c:523(tdbsam_open) > tdbsam_open: successfully opened /etc/samba/passdb.tdb >[2013/02/27 08:52:35.566600, 5, pid=21840] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_root >[2013/02/27 08:52:35.566638, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.566663, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.566688, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.566730, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.566755, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.566779, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.566858, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.566893, 10, pid=21840] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\root => domain=[Unix User], name=[root] >[2013/02/27 08:52:35.566918, 10, pid=21840] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2013/02/27 08:52:35.566982, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user root >[2013/02/27 08:52:35.567008, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is root >[2013/02/27 08:52:35.567033, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [root]! >[2013/02/27 08:52:35.567065, 10, pid=21840] passdb/lookup_sid.c:1544(sid_to_uid) > sid S-1-22-1-0 -> uid 0 >[2013/02/27 08:52:35.567143, 10, pid=21840] lib/system_smbd.c:175(sys_getgrouplist) > sys_getgrouplist: user [root] >[2013/02/27 08:52:35.567247, 5, pid=21840] lib/gencache.c:68(gencache_init) > Opening cache file at /var/lib/samba/gencache.tdb >[2013/02/27 08:52:35.567306, 5, pid=21840] lib/gencache.c:111(gencache_init) > Opening cache file at /var/lib/samba/gencache_notrans.tdb >[2013/02/27 08:52:35.567383, 5, pid=21840] passdb/lookup_sid.c:1384(gid_to_sid) > gid_to_sid: winbind failed to find a sid for gid 0 >[2013/02/27 08:52:35.567410, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.567435, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.567459, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.567483, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.567507, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.567551, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.567576, 10, pid=21840] passdb/lookup_sid.c:1181(legacy_gid_to_sid) > LEGACY: gid 0 -> sid S-1-22-2-0 >[2013/02/27 08:52:35.567607, 10, pid=21840] auth/token_util.c:339(create_local_nt_token) > Create local NT token for S-1-22-1-0 >[2013/02/27 08:52:35.567648, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-544 >[2013/02/27 08:52:35.567675, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.567704, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.567730, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.567754, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.567778, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.567823, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.567848, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-544 >[2013/02/27 08:52:35.567874, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.567898, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.567922, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.567947, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.567970, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.568023, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-544 >[2013/02/27 08:52:35.568053, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.568078, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568103, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.568127, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.568150, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.568194, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568220, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-544 >[2013/02/27 08:52:35.568251, 5, pid=21840] passdb/pdb_util.c:128(create_builtin_administrators) > create_builtin_administrators: Failed to create Administrators >[2013/02/27 08:52:35.568279, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.568314, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-545 >[2013/02/27 08:52:35.568340, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568365, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.568389, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568413, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.568437, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.568482, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.568507, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-545 >[2013/02/27 08:52:35.568533, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568558, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.568582, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568606, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.568630, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.568680, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-545 >[2013/02/27 08:52:35.568717, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.568742, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568766, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.568791, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.568814, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.568858, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568884, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-545 >[2013/02/27 08:52:35.568911, 5, pid=21840] passdb/pdb_util.c:99(create_builtin_users) > create_builtin_users: Failed to create Users >[2013/02/27 08:52:35.568942, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.568967, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.568991, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569015, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569039, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.569063, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.569131, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569193, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-22-1-0] >[2013/02/27 08:52:35.569225, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-22-2-0] >[2013/02/27 08:52:35.569255, 5, pid=21840] lib/privileges.c:175(get_privileges_for_sids) > get_privileges_for_sids: sid = S-1-1-0 > Privilege set: 0x0 >[2013/02/27 08:52:35.569293, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-2] >[2013/02/27 08:52:35.569323, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-11] >[2013/02/27 08:52:35.569388, 10, pid=21840] passdb/lookup_sid.c:1468(sids_to_unix_ids) > wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE >[2013/02/27 08:52:35.569416, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569441, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569465, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569490, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.569513, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.569559, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569584, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-1-0 >[2013/02/27 08:52:35.569610, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-1-0 >[2013/02/27 08:52:35.569636, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569661, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569685, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569722, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.569746, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.569790, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569816, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-2 >[2013/02/27 08:52:35.569841, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-2 >[2013/02/27 08:52:35.569867, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569892, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.569920, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.569944, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.569968, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.570011, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.570036, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-11 >[2013/02/27 08:52:35.570062, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-11 >[2013/02/27 08:52:35.570088, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-1-0 to gid, ignoring it >[2013/02/27 08:52:35.570113, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-2 to gid, ignoring it >[2013/02/27 08:52:35.570138, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-11 to gid, ignoring it >[2013/02/27 08:52:35.570164, 10, pid=21840] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (5): > SID[ 0]: S-1-22-1-0 > SID[ 1]: S-1-22-2-0 > SID[ 2]: S-1-1-0 > SID[ 3]: S-1-5-2 > SID[ 4]: S-1-5-11 > Privileges (0x 0): > Rights (0x 0): >[2013/02/27 08:52:35.570266, 10, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 1 supplementary groups > Group[ 0]: 0 >[2013/02/27 08:52:35.570316, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:35.570340, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:35.570395, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:35.570433, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user MAGRATHEA\nobody >[2013/02/27 08:52:35.570459, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is magrathea\nobody >[2013/02/27 08:52:35.570520, 5, pid=21840] lib/username.c:124(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as given is MAGRATHEA\nobody >[2013/02/27 08:52:35.570571, 5, pid=21840] lib/username.c:134(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as uppercase is MAGRATHEA\NOBODY >[2013/02/27 08:52:35.570621, 5, pid=21840] lib/username.c:143(Get_Pwnam_internals) > Checking combinations of 0 uppercase letters in magrathea\nobody >[2013/02/27 08:52:35.570648, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals didn't find user [MAGRATHEA\nobody]! >[2013/02/27 08:52:35.570673, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:35.570707, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:35.570736, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:35.570764, 10, pid=21840] auth/token_util.c:223(create_local_nt_token_from_info3) > Create local NT token for nobody >[2013/02/27 08:52:35.570800, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-544 >[2013/02/27 08:52:35.570827, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.570852, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.570876, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.570901, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.570928, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.570974, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.571000, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-544 >[2013/02/27 08:52:35.571025, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571050, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.571074, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571098, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.571122, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.571178, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-544 >[2013/02/27 08:52:35.571205, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.571230, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571254, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.571278, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.571301, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.571346, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571371, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-544 >[2013/02/27 08:52:35.571399, 5, pid=21840] passdb/pdb_util.c:128(create_builtin_administrators) > create_builtin_administrators: Failed to create Administrators >[2013/02/27 08:52:35.571427, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.571461, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-545 >[2013/02/27 08:52:35.571487, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571512, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.571537, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571561, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.571584, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.571631, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.571656, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-545 >[2013/02/27 08:52:35.571682, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571722, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.571747, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571772, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.571796, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.571850, 10, pid=21840] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-545 >[2013/02/27 08:52:35.571877, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.571902, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.571926, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.571950, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.571974, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.572018, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.572043, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-545 >[2013/02/27 08:52:35.572071, 5, pid=21840] passdb/pdb_util.c:99(create_builtin_users) > create_builtin_users: Failed to create Users >[2013/02/27 08:52:35.572097, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.572122, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.572147, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.572170, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.572194, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.572218, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.572285, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.572314, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-1406987565-2067085585-2387977275-501] >[2013/02/27 08:52:35.572345, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-21-1406987565-2067085585-2387977275-514] >[2013/02/27 08:52:35.572376, 5, pid=21840] lib/privileges.c:175(get_privileges_for_sids) > get_privileges_for_sids: sid = S-1-1-0 > Privilege set: 0x0 >[2013/02/27 08:52:35.572413, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-2] >[2013/02/27 08:52:35.572442, 4, pid=21840] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-32-546] >[2013/02/27 08:52:35.572518, 10, pid=21840] passdb/lookup_sid.c:1468(sids_to_unix_ids) > wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE >[2013/02/27 08:52:35.572544, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.572569, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.572593, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.572617, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.572641, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.572680, 5, pid=21840] passdb/pdb_interface.c:1606(lookup_global_sam_rid) > lookup_global_sam_rid: looking up RID 501. >[2013/02/27 08:52:35.572720, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.572745, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.572772, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.572796, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.572819, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.572855, 6, pid=21840] passdb/pdb_interface.c:401(pdb_getsampwsid) > pdb_getsampwsid: Building guest account >[2013/02/27 08:52:35.572880, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:35.572903, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:35.572929, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:35.572954, 10, pid=21840] passdb/pdb_get_set.c:575(pdb_set_username) > pdb_set_username: setting username nobody, was >[2013/02/27 08:52:35.572984, 10, pid=21840] passdb/pdb_get_set.c:644(pdb_set_fullname) > pdb_set_full_name: setting full name nobody, was >[2013/02/27 08:52:35.573009, 10, pid=21840] passdb/pdb_get_set.c:598(pdb_set_domain) > pdb_set_domain: setting domain MAGRATHEA, was >[2013/02/27 08:52:35.573035, 10, pid=21840] passdb/pdb_get_set.c:500(pdb_set_user_sid) > pdb_set_user_sid: setting user sid S-1-5-21-1406987565-2067085585-2387977275-501 >[2013/02/27 08:52:35.573062, 10, pid=21840] passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) > pdb_set_user_sid_from_rid: > setting user sid S-1-5-21-1406987565-2067085585-2387977275-501 from rid 501 >[2013/02/27 08:52:35.573103, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.573130, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:35.573154, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:35.573180, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:35.573208, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.573233, 5, pid=21840] passdb/lookup_sid.c:1269(legacy_sid_to_gid) > LEGACY: sid S-1-5-21-1406987565-2067085585-2387977275-501 is a User, expected a group >[2013/02/27 08:52:35.573260, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.573285, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.573310, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.573334, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.573358, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.573395, 5, pid=21840] passdb/pdb_interface.c:1606(lookup_global_sam_rid) > lookup_global_sam_rid: looking up RID 501. >[2013/02/27 08:52:35.573421, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.573446, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.573470, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.573494, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.573518, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.573554, 6, pid=21840] passdb/pdb_interface.c:401(pdb_getsampwsid) > pdb_getsampwsid: Building guest account >[2013/02/27 08:52:35.573582, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:35.573606, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:35.573632, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:35.573656, 10, pid=21840] passdb/pdb_get_set.c:575(pdb_set_username) > pdb_set_username: setting username nobody, was >[2013/02/27 08:52:35.573682, 10, pid=21840] passdb/pdb_get_set.c:644(pdb_set_fullname) > pdb_set_full_name: setting full name nobody, was >[2013/02/27 08:52:35.573713, 10, pid=21840] passdb/pdb_get_set.c:598(pdb_set_domain) > pdb_set_domain: setting domain MAGRATHEA, was >[2013/02/27 08:52:35.573740, 10, pid=21840] passdb/pdb_get_set.c:500(pdb_set_user_sid) > pdb_set_user_sid: setting user sid S-1-5-21-1406987565-2067085585-2387977275-501 >[2013/02/27 08:52:35.573767, 10, pid=21840] passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) > pdb_set_user_sid_from_rid: > setting user sid S-1-5-21-1406987565-2067085585-2387977275-501 from rid 501 >[2013/02/27 08:52:35.573807, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.573834, 5, pid=21840] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:35.573858, 5, pid=21840] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:35.573883, 5, pid=21840] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:35.573911, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.573936, 10, pid=21840] passdb/lookup_sid.c:1223(legacy_sid_to_uid) > LEGACY: sid S-1-5-21-1406987565-2067085585-2387977275-501 -> uid 65534 >[2013/02/27 08:52:35.573965, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.573990, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.574014, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574038, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.574062, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.574101, 5, pid=21840] passdb/pdb_interface.c:1606(lookup_global_sam_rid) > lookup_global_sam_rid: looking up RID 514. >[2013/02/27 08:52:35.574126, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.574151, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574175, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.574199, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.574223, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.574266, 5, pid=21840] passdb/pdb_tdb.c:614(tdbsam_getsampwrid) > pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. >[2013/02/27 08:52:35.574301, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574326, 5, pid=21840] passdb/pdb_interface.c:1668(lookup_global_sam_rid) > Can't find a unix id for an unmapped group >[2013/02/27 08:52:35.574353, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.574378, 10, pid=21840] passdb/lookup_sid.c:1280(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-21-1406987565-2067085585-2387977275-514 >[2013/02/27 08:52:35.574408, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574434, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.574458, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574482, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.574506, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.574543, 5, pid=21840] passdb/pdb_interface.c:1606(lookup_global_sam_rid) > lookup_global_sam_rid: looking up RID 514. >[2013/02/27 08:52:35.574569, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.574593, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574618, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:35.574642, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.574665, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.574709, 5, pid=21840] passdb/pdb_tdb.c:614(tdbsam_getsampwrid) > pdb_getsampwrid (TDB): error looking up RID 514 by key RID_00000202. >[2013/02/27 08:52:35.574746, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574771, 5, pid=21840] passdb/pdb_interface.c:1668(lookup_global_sam_rid) > Can't find a unix id for an unmapped group >[2013/02/27 08:52:35.574798, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.574823, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-21-1406987565-2067085585-2387977275-514 >[2013/02/27 08:52:35.574850, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574875, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.574900, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.574924, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.574948, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.574991, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.575017, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-1-0 >[2013/02/27 08:52:35.575043, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-1-0 >[2013/02/27 08:52:35.575068, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.575094, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.575118, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.575142, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.575166, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.575209, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.575234, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-2 >[2013/02/27 08:52:35.575263, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-2 >[2013/02/27 08:52:35.575289, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.575314, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.575338, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.575362, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.575386, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.575430, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.575455, 10, pid=21840] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-546 >[2013/02/27 08:52:35.575481, 10, pid=21840] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-32-546 >[2013/02/27 08:52:35.575507, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-21-1406987565-2067085585-2387977275-514 to gid, ignoring it >[2013/02/27 08:52:35.575533, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-1-0 to gid, ignoring it >[2013/02/27 08:52:35.575559, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-2 to gid, ignoring it >[2013/02/27 08:52:35.575584, 10, pid=21840] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-32-546 to gid, ignoring it >[2013/02/27 08:52:35.575612, 10, pid=21840] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (6): > SID[ 0]: S-1-5-21-1406987565-2067085585-2387977275-501 > SID[ 1]: S-1-5-21-1406987565-2067085585-2387977275-514 > SID[ 2]: S-1-1-0 > SID[ 3]: S-1-5-2 > SID[ 4]: S-1-5-32-546 > SID[ 5]: S-1-22-1-65534 > Privileges (0x 0): > Rights (0x 0): >[2013/02/27 08:52:35.575730, 10, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 65534 > Primary group is 65533 and contains 0 supplementary groups >[2013/02/27 08:52:35.575839, 3, pid=21840] rpc_server/svcctl/srv_svcctl_reg.c:565(svcctl_init_winreg) > Initialise the svcctl registry keys if needed. >[2013/02/27 08:52:35.575868, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.575893, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.575918, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.575942, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.575966, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.576028, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.576054, 10, pid=21840] registry/reg_backend_db.c:602(regdb_open) > regdb_open: registry db opened. refcount reset (1) >[2013/02/27 08:52:35.576091, 4, pid=21840] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2013/02/27 08:52:35.576134, 10, pid=21840] rpc_server/rpc_handles.c:116(init_pipe_handles) > init_pipe_handle_list: created handle list for pipe \winreg >[2013/02/27 08:52:35.576161, 10, pid=21840] rpc_server/rpc_handles.c:133(init_pipe_handles) > init_pipe_handle_list: pipe_handles ref count = 1 for pipe \winreg >[2013/02/27 08:52:35.576190, 4, pid=21840] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2013/02/27 08:52:35.576247, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenHKLM: struct winreg_OpenHKLM > in: struct winreg_OpenHKLM > system_name : NULL > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY >[2013/02/27 08:52:35.576405, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2013/02/27 08:52:35.576432, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (1->2) >[2013/02/27 08:52:35.576458, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM] >[2013/02/27 08:52:35.576482, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM] >[2013/02/27 08:52:35.576507, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.576530, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM] >[2013/02/27 08:52:35.576573, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.576627, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenHKLM: struct winreg_OpenHKLM > out: struct winreg_OpenHKLM > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > result : WERR_OK >[2013/02/27 08:52:35.576816, 5, pid=21840] ../lib/util/charset/codepoints.c:235(map_locale) > Substituting charset 'UTF-8' for LOCALE >[2013/02/27 08:52:35.576855, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenKey: struct winreg_OpenKey > in: struct winreg_OpenKey > parent_handle : * > parent_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > keyname: struct winreg_String > name_len : 0x0044 (68) > name_size : 0x0044 (68) > name : * > name : 'SYSTEM\CurrentControlSet\Services' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY >[2013/02/27 08:52:35.577154, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.577207, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.577236, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (2->3) >[2013/02/27 08:52:35.577262, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.577289, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.577314, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.577337, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.577374, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.577401, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.577429, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.577457, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.577482, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.577506, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.577542, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.577567, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.577594, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.577618, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.577643, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.577667, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.577725, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.577754, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.577780, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.577832, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenKey: struct winreg_OpenKey > out: struct winreg_OpenKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > result : WERR_OK >[2013/02/27 08:52:35.577948, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_QueryInfoKey: struct winreg_QueryInfoKey > in: struct winreg_QueryInfoKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > classname : * > classname: struct winreg_String > name_len : 0x0000 (0) > name_size : 0x0000 (0) > name : NULL >[2013/02/27 08:52:35.578098, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.578154, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services' (ops 0x12be520) >[2013/02/27 08:52:35.578179, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.578213, 10, pid=21840] registry/reg_backend_db.c:1926(regdb_get_secdesc) > regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.578250, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_QueryInfoKey: struct winreg_QueryInfoKey > out: struct winreg_QueryInfoKey > classname : * > classname: struct winreg_String > name_len : 0x0000 (0) > name_size : 0x0000 (0) > name : NULL > num_subkeys : * > num_subkeys : 0x00000007 (7) > max_subkeylen : * > max_subkeylen : 0x0000001c (28) > max_classlen : * > max_classlen : 0x00000000 (0) > num_values : * > num_values : 0x00000000 (0) > max_valnamelen : * > max_valnamelen : 0x00000002 (2) > max_valbufsize : * > max_valbufsize : 0x00000000 (0) > secdescsize : * > secdescsize : 0x00000078 (120) > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.578559, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000000 (0) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.578817, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.578869, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.578895, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x001a (26) > size : 0x001e (30) > name : * > name : 'LanmanServer' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.579121, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000001 (1) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.579374, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.579426, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.579452, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x0012 (18) > size : 0x001e (30) > name : * > name : 'Eventlog' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.579674, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000002 (2) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.579934, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.579986, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.580011, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x000c (12) > size : 0x001e (30) > name : * > name : 'Tcpip' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.580232, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000003 (3) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.580483, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.580535, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.580560, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x0012 (18) > size : 0x001e (30) > name : * > name : 'Netlogon' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.580817, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000004 (4) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.581070, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.581123, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.581148, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x0010 (16) > size : 0x001e (30) > name : * > name : 'Spooler' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.581372, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000005 (5) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.581629, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.581681, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.581717, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x001e (30) > size : 0x001e (30) > name : * > name : 'RemoteRegistry' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.581941, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > in: struct winreg_EnumKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 > enum_index : 0x00000006 (6) > name : * > name: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x001e (30) > name : * > name : '' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) >[2013/02/27 08:52:35.582194, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.582247, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:420(_winreg_EnumKey) > _winreg_EnumKey: enumerating key [HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.582272, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_EnumKey: struct winreg_EnumKey > out: struct winreg_EnumKey > name : * > name: struct winreg_StringBuf > length : 0x000a (10) > size : 0x001e (30) > name : * > name : 'WINS' > keyclass : * > keyclass: struct winreg_StringBuf > length : 0x0000 (0) > size : 0x0002 (2) > name : * > name : '' > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.582516, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0054 (84) > name_size : 0x0054 (84) > name : * > name : 'SYSTEM\CurrentControlSet\Services\Spooler' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_ACTION_NONE (0) >[2013/02/27 08:52:35.582916, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.582970, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler' >[2013/02/27 08:52:35.582999, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.583026, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.583051, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.583076, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.583102, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.583127, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.583151, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.583175, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.583210, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.583236, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.583262, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.583288, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.583313, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.583341, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.583364, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.583402, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.583428, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.583453, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.583478, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.583504, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.583528, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.583554, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.583577, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.583624, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.583650, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Spooler] >[2013/02/27 08:52:35.583675, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.583705, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.583731, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.583757, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.583781, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.583818, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.583844, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.583897, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.584040, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000c (12) > name_size : 0x000c (12) > name : * > name : 'Start' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x02 (2) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.584279, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.584331, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Start] >[2013/02/27 08:52:35.584357, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.584382, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler' (ops 0x12be520) >[2013/02/27 08:52:35.584407, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.584442, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Start] len[4] >[2013/02/27 08:52:35.584469, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[Type] len[4] >[2013/02/27 08:52:35.584495, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[2]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.584521, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[3]: name[ObjectName] len[24] >[2013/02/27 08:52:35.584547, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[4]: name[DisplayName] len[28] >[2013/02/27 08:52:35.584574, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[5]: name[ImagePath] len[46] >[2013/02/27 08:52:35.584600, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[6]: name[Description] len[106] >[2013/02/27 08:52:35.584626, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.584689, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000a (10) > name_size : 0x000a (10) > name : * > name : 'Type' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.584928, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.584984, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Type] >[2013/02/27 08:52:35.585010, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.585036, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.585098, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x001a (26) > name_size : 0x001a (26) > name : * > name : 'ErrorControl' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.585332, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.585384, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ErrorControl] >[2013/02/27 08:52:35.585410, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.585436, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.585506, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0016 (22) > name_size : 0x0016 (22) > name : * > name : 'ObjectName' > type : REG_SZ (1) > data : * > data: ARRAY(24) > [0] : 0x4c (76) > [1] : 0x00 (0) > [2] : 0x6f (111) > [3] : 0x00 (0) > [4] : 0x63 (99) > [5] : 0x00 (0) > [6] : 0x61 (97) > [7] : 0x00 (0) > [8] : 0x6c (108) > [9] : 0x00 (0) > [10] : 0x53 (83) > [11] : 0x00 (0) > [12] : 0x79 (121) > [13] : 0x00 (0) > [14] : 0x73 (115) > [15] : 0x00 (0) > [16] : 0x74 (116) > [17] : 0x00 (0) > [18] : 0x65 (101) > [19] : 0x00 (0) > [20] : 0x6d (109) > [21] : 0x00 (0) > [22] : 0x00 (0) > [23] : 0x00 (0) > size : 0x00000018 (24) >[2013/02/27 08:52:35.585986, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.586037, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ObjectName] >[2013/02/27 08:52:35.586063, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.586089, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.586156, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'DisplayName' > type : REG_SZ (1) > data : * > data: ARRAY(28) > [0] : 0x50 (80) > [1] : 0x00 (0) > [2] : 0x72 (114) > [3] : 0x00 (0) > [4] : 0x69 (105) > [5] : 0x00 (0) > [6] : 0x6e (110) > [7] : 0x00 (0) > [8] : 0x74 (116) > [9] : 0x00 (0) > [10] : 0x20 (32) > [11] : 0x00 (0) > [12] : 0x53 (83) > [13] : 0x00 (0) > [14] : 0x70 (112) > [15] : 0x00 (0) > [16] : 0x6f (111) > [17] : 0x00 (0) > [18] : 0x6f (111) > [19] : 0x00 (0) > [20] : 0x6c (108) > [21] : 0x00 (0) > [22] : 0x65 (101) > [23] : 0x00 (0) > [24] : 0x72 (114) > [25] : 0x00 (0) > [26] : 0x00 (0) > [27] : 0x00 (0) > size : 0x0000001c (28) >[2013/02/27 08:52:35.586676, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.586734, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:DisplayName] >[2013/02/27 08:52:35.586760, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.586785, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.586850, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0014 (20) > name_size : 0x0014 (20) > name : * > name : 'ImagePath' > type : REG_SZ (1) > data : * > data: ARRAY(46) > [0] : 0x2f (47) > [1] : 0x00 (0) > [2] : 0x75 (117) > [3] : 0x00 (0) > [4] : 0x73 (115) > [5] : 0x00 (0) > [6] : 0x72 (114) > [7] : 0x00 (0) > [8] : 0x2f (47) > [9] : 0x00 (0) > [10] : 0x6c (108) > [11] : 0x00 (0) > [12] : 0x69 (105) > [13] : 0x00 (0) > [14] : 0x62 (98) > [15] : 0x00 (0) > [16] : 0x36 (54) > [17] : 0x00 (0) > [18] : 0x34 (52) > [19] : 0x00 (0) > [20] : 0x2f (47) > [21] : 0x00 (0) > [22] : 0x73 (115) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x63 (99) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x74 (116) > [31] : 0x00 (0) > [32] : 0x6c (108) > [33] : 0x00 (0) > [34] : 0x2f (47) > [35] : 0x00 (0) > [36] : 0x73 (115) > [37] : 0x00 (0) > [38] : 0x6d (109) > [39] : 0x00 (0) > [40] : 0x62 (98) > [41] : 0x00 (0) > [42] : 0x64 (100) > [43] : 0x00 (0) > [44] : 0x00 (0) > [45] : 0x00 (0) > size : 0x0000002e (46) >[2013/02/27 08:52:35.587580, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.587632, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:ImagePath] >[2013/02/27 08:52:35.587658, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.587683, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.587753, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'Description' > type : REG_SZ (1) > data : * > data: ARRAY(106) > [0] : 0x49 (73) > [1] : 0x00 (0) > [2] : 0x6e (110) > [3] : 0x00 (0) > [4] : 0x74 (116) > [5] : 0x00 (0) > [6] : 0x65 (101) > [7] : 0x00 (0) > [8] : 0x72 (114) > [9] : 0x00 (0) > [10] : 0x6e (110) > [11] : 0x00 (0) > [12] : 0x61 (97) > [13] : 0x00 (0) > [14] : 0x6c (108) > [15] : 0x00 (0) > [16] : 0x20 (32) > [17] : 0x00 (0) > [18] : 0x73 (115) > [19] : 0x00 (0) > [20] : 0x65 (101) > [21] : 0x00 (0) > [22] : 0x72 (114) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x69 (105) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x65 (101) > [31] : 0x00 (0) > [32] : 0x20 (32) > [33] : 0x00 (0) > [34] : 0x66 (102) > [35] : 0x00 (0) > [36] : 0x6f (111) > [37] : 0x00 (0) > [38] : 0x72 (114) > [39] : 0x00 (0) > [40] : 0x20 (32) > [41] : 0x00 (0) > [42] : 0x73 (115) > [43] : 0x00 (0) > [44] : 0x70 (112) > [45] : 0x00 (0) > [46] : 0x6f (111) > [47] : 0x00 (0) > [48] : 0x6f (111) > [49] : 0x00 (0) > [50] : 0x6c (108) > [51] : 0x00 (0) > [52] : 0x69 (105) > [53] : 0x00 (0) > [54] : 0x6e (110) > [55] : 0x00 (0) > [56] : 0x67 (103) > [57] : 0x00 (0) > [58] : 0x20 (32) > [59] : 0x00 (0) > [60] : 0x66 (102) > [61] : 0x00 (0) > [62] : 0x69 (105) > [63] : 0x00 (0) > [64] : 0x6c (108) > [65] : 0x00 (0) > [66] : 0x65 (101) > [67] : 0x00 (0) > [68] : 0x73 (115) > [69] : 0x00 (0) > [70] : 0x20 (32) > [71] : 0x00 (0) > [72] : 0x74 (116) > [73] : 0x00 (0) > [74] : 0x6f (111) > [75] : 0x00 (0) > [76] : 0x20 (32) > [77] : 0x00 (0) > [78] : 0x70 (112) > [79] : 0x00 (0) > [80] : 0x72 (114) > [81] : 0x00 (0) > [82] : 0x69 (105) > [83] : 0x00 (0) > [84] : 0x6e (110) > [85] : 0x00 (0) > [86] : 0x74 (116) > [87] : 0x00 (0) > [88] : 0x20 (32) > [89] : 0x00 (0) > [90] : 0x64 (100) > [91] : 0x00 (0) > [92] : 0x65 (101) > [93] : 0x00 (0) > [94] : 0x76 (118) > [95] : 0x00 (0) > [96] : 0x69 (105) > [97] : 0x00 (0) > [98] : 0x63 (99) > [99] : 0x00 (0) > [100] : 0x65 (101) > [101] : 0x00 (0) > [102] : 0x73 (115) > [103] : 0x00 (0) > [104] : 0x00 (0) > [105] : 0x00 (0) > size : 0x0000006a (106) >[2013/02/27 08:52:35.589193, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.589245, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler:Description] >[2013/02/27 08:52:35.589271, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.589297, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.589360, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000003-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.589446, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.589498, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 03 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.589549, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.589576, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.589601, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.589718, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0066 (102) > name_size : 0x0066 (102) > name : * > name : 'SYSTEM\CurrentControlSet\Services\Spooler\Security' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) >[2013/02/27 08:52:35.590110, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.590161, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\Spooler\Security' >[2013/02/27 08:52:35.590188, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.590214, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.590239, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.590263, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.590289, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.590313, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.590338, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.590361, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.590396, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.590422, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.590447, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.590474, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.590497, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.590522, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.590545, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.590582, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.590609, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.590634, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.590659, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.590685, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.590720, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.590746, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.590770, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.590822, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.590850, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.590875, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Spooler] >[2013/02/27 08:52:35.590900, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.590926, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.590950, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.590976, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.590999, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler] >[2013/02/27 08:52:35.591036, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.591062, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Security] >[2013/02/27 08:52:35.591087, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.591113, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] >[2013/02/27 08:52:35.591138, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] >[2013/02/27 08:52:35.591163, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.591187, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] >[2013/02/27 08:52:35.591220, 10, pid=21840] registry/reg_backend_db.c:1656(regdb_fetch_keys_internal) > regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] >[2013/02/27 08:52:35.591247, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.591273, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.591325, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000004-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.591475, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000004-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0012 (18) > name_size : 0x0012 (18) > name : * > name : 'Security' > type : REG_BINARY (3) > data : * > data: ARRAY(120) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x04 (4) > [3] : 0x80 (128) > [4] : 0x00 (0) > [5] : 0x00 (0) > [6] : 0x00 (0) > [7] : 0x00 (0) > [8] : 0x00 (0) > [9] : 0x00 (0) > [10] : 0x00 (0) > [11] : 0x00 (0) > [12] : 0x00 (0) > [13] : 0x00 (0) > [14] : 0x00 (0) > [15] : 0x00 (0) > [16] : 0x14 (20) > [17] : 0x00 (0) > [18] : 0x00 (0) > [19] : 0x00 (0) > [20] : 0x02 (2) > [21] : 0x00 (0) > [22] : 0x64 (100) > [23] : 0x00 (0) > [24] : 0x04 (4) > [25] : 0x00 (0) > [26] : 0x00 (0) > [27] : 0x00 (0) > [28] : 0x00 (0) > [29] : 0x00 (0) > [30] : 0x14 (20) > [31] : 0x00 (0) > [32] : 0x8d (141) > [33] : 0x01 (1) > [34] : 0x02 (2) > [35] : 0x00 (0) > [36] : 0x01 (1) > [37] : 0x01 (1) > [38] : 0x00 (0) > [39] : 0x00 (0) > [40] : 0x00 (0) > [41] : 0x00 (0) > [42] : 0x00 (0) > [43] : 0x01 (1) > [44] : 0x00 (0) > [45] : 0x00 (0) > [46] : 0x00 (0) > [47] : 0x00 (0) > [48] : 0x00 (0) > [49] : 0x00 (0) > [50] : 0x18 (24) > [51] : 0x00 (0) > [52] : 0xfd (253) > [53] : 0x01 (1) > [54] : 0x02 (2) > [55] : 0x00 (0) > [56] : 0x01 (1) > [57] : 0x02 (2) > [58] : 0x00 (0) > [59] : 0x00 (0) > [60] : 0x00 (0) > [61] : 0x00 (0) > [62] : 0x00 (0) > [63] : 0x05 (5) > [64] : 0x20 (32) > [65] : 0x00 (0) > [66] : 0x00 (0) > [67] : 0x00 (0) > [68] : 0x23 (35) > [69] : 0x02 (2) > [70] : 0x00 (0) > [71] : 0x00 (0) > [72] : 0x00 (0) > [73] : 0x00 (0) > [74] : 0x18 (24) > [75] : 0x00 (0) > [76] : 0xff (255) > [77] : 0x01 (1) > [78] : 0x0f (15) > [79] : 0x00 (0) > [80] : 0x01 (1) > [81] : 0x02 (2) > [82] : 0x00 (0) > [83] : 0x00 (0) > [84] : 0x00 (0) > [85] : 0x00 (0) > [86] : 0x00 (0) > [87] : 0x05 (5) > [88] : 0x20 (32) > [89] : 0x00 (0) > [90] : 0x00 (0) > [91] : 0x00 (0) > [92] : 0x25 (37) > [93] : 0x02 (2) > [94] : 0x00 (0) > [95] : 0x00 (0) > [96] : 0x00 (0) > [97] : 0x00 (0) > [98] : 0x18 (24) > [99] : 0x00 (0) > [100] : 0xff (255) > [101] : 0x01 (1) > [102] : 0x0f (15) > [103] : 0x00 (0) > [104] : 0x01 (1) > [105] : 0x02 (2) > [106] : 0x00 (0) > [107] : 0x00 (0) > [108] : 0x00 (0) > [109] : 0x00 (0) > [110] : 0x00 (0) > [111] : 0x05 (5) > [112] : 0x20 (32) > [113] : 0x00 (0) > [114] : 0x00 (0) > [115] : 0x00 (0) > [116] : 0x20 (32) > [117] : 0x02 (2) > [118] : 0x00 (0) > [119] : 0x00 (0) > size : 0x00000078 (120) >[2013/02/27 08:52:35.593084, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.593136, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security:Security] >[2013/02/27 08:52:35.593163, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.593189, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security' (ops 0x12be520) >[2013/02/27 08:52:35.593214, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Spooler\Security] >[2013/02/27 08:52:35.593252, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Security] len[120] >[2013/02/27 08:52:35.593279, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.593340, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000004-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.593426, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.593478, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 04 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.593529, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.593554, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.593579, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.593695, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0056 (86) > name_size : 0x0056 (86) > name : * > name : 'SYSTEM\CurrentControlSet\Services\NETLOGON' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_ACTION_NONE (0) >[2013/02/27 08:52:35.594088, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.594144, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON' >[2013/02/27 08:52:35.594171, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.594196, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.594221, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.594246, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.594273, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.594297, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.594321, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.594345, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.594380, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.594407, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.594432, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.594458, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.594483, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.594508, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.594532, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.594569, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.594595, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.594620, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.594645, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.594671, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.594695, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.594726, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.594750, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.594797, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.594824, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [NETLOGON] >[2013/02/27 08:52:35.594849, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.594875, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.594903, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.594928, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.594952, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.594991, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.595017, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.595069, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.595204, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000c (12) > name_size : 0x000c (12) > name : * > name : 'Start' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x02 (2) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.595437, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.595489, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Start] >[2013/02/27 08:52:35.595515, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.595540, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON' (ops 0x12be520) >[2013/02/27 08:52:35.595565, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.595600, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Start] len[4] >[2013/02/27 08:52:35.595627, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[Type] len[4] >[2013/02/27 08:52:35.595653, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[2]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.595679, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[3]: name[ObjectName] len[24] >[2013/02/27 08:52:35.595714, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[4]: name[DisplayName] len[20] >[2013/02/27 08:52:35.595741, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[5]: name[ImagePath] len[46] >[2013/02/27 08:52:35.595767, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[6]: name[Description] len[164] >[2013/02/27 08:52:35.595793, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.595858, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000a (10) > name_size : 0x000a (10) > name : * > name : 'Type' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.596093, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.596145, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Type] >[2013/02/27 08:52:35.596171, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.596197, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.596259, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x001a (26) > name_size : 0x001a (26) > name : * > name : 'ErrorControl' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.596493, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.596548, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ErrorControl] >[2013/02/27 08:52:35.596574, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.596600, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.596663, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0016 (22) > name_size : 0x0016 (22) > name : * > name : 'ObjectName' > type : REG_SZ (1) > data : * > data: ARRAY(24) > [0] : 0x4c (76) > [1] : 0x00 (0) > [2] : 0x6f (111) > [3] : 0x00 (0) > [4] : 0x63 (99) > [5] : 0x00 (0) > [6] : 0x61 (97) > [7] : 0x00 (0) > [8] : 0x6c (108) > [9] : 0x00 (0) > [10] : 0x53 (83) > [11] : 0x00 (0) > [12] : 0x79 (121) > [13] : 0x00 (0) > [14] : 0x73 (115) > [15] : 0x00 (0) > [16] : 0x74 (116) > [17] : 0x00 (0) > [18] : 0x65 (101) > [19] : 0x00 (0) > [20] : 0x6d (109) > [21] : 0x00 (0) > [22] : 0x00 (0) > [23] : 0x00 (0) > size : 0x00000018 (24) >[2013/02/27 08:52:35.597136, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.597188, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ObjectName] >[2013/02/27 08:52:35.597214, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.597240, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.597306, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'DisplayName' > type : REG_SZ (1) > data : * > data: ARRAY(20) > [0] : 0x4e (78) > [1] : 0x00 (0) > [2] : 0x65 (101) > [3] : 0x00 (0) > [4] : 0x74 (116) > [5] : 0x00 (0) > [6] : 0x20 (32) > [7] : 0x00 (0) > [8] : 0x4c (76) > [9] : 0x00 (0) > [10] : 0x6f (111) > [11] : 0x00 (0) > [12] : 0x67 (103) > [13] : 0x00 (0) > [14] : 0x6f (111) > [15] : 0x00 (0) > [16] : 0x6e (110) > [17] : 0x00 (0) > [18] : 0x00 (0) > [19] : 0x00 (0) > size : 0x00000014 (20) >[2013/02/27 08:52:35.597733, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.597785, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:DisplayName] >[2013/02/27 08:52:35.597811, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.597836, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.597901, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0014 (20) > name_size : 0x0014 (20) > name : * > name : 'ImagePath' > type : REG_SZ (1) > data : * > data: ARRAY(46) > [0] : 0x2f (47) > [1] : 0x00 (0) > [2] : 0x75 (117) > [3] : 0x00 (0) > [4] : 0x73 (115) > [5] : 0x00 (0) > [6] : 0x72 (114) > [7] : 0x00 (0) > [8] : 0x2f (47) > [9] : 0x00 (0) > [10] : 0x6c (108) > [11] : 0x00 (0) > [12] : 0x69 (105) > [13] : 0x00 (0) > [14] : 0x62 (98) > [15] : 0x00 (0) > [16] : 0x36 (54) > [17] : 0x00 (0) > [18] : 0x34 (52) > [19] : 0x00 (0) > [20] : 0x2f (47) > [21] : 0x00 (0) > [22] : 0x73 (115) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x63 (99) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x74 (116) > [31] : 0x00 (0) > [32] : 0x6c (108) > [33] : 0x00 (0) > [34] : 0x2f (47) > [35] : 0x00 (0) > [36] : 0x73 (115) > [37] : 0x00 (0) > [38] : 0x6d (109) > [39] : 0x00 (0) > [40] : 0x62 (98) > [41] : 0x00 (0) > [42] : 0x64 (100) > [43] : 0x00 (0) > [44] : 0x00 (0) > [45] : 0x00 (0) > size : 0x0000002e (46) >[2013/02/27 08:52:35.598629, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.598680, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:ImagePath] >[2013/02/27 08:52:35.598711, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.598737, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.598802, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'Description' > type : REG_SZ (1) > data : * > data: ARRAY(164) > [0] : 0x46 (70) > [1] : 0x00 (0) > [2] : 0x69 (105) > [3] : 0x00 (0) > [4] : 0x6c (108) > [5] : 0x00 (0) > [6] : 0x65 (101) > [7] : 0x00 (0) > [8] : 0x20 (32) > [9] : 0x00 (0) > [10] : 0x73 (115) > [11] : 0x00 (0) > [12] : 0x65 (101) > [13] : 0x00 (0) > [14] : 0x72 (114) > [15] : 0x00 (0) > [16] : 0x76 (118) > [17] : 0x00 (0) > [18] : 0x69 (105) > [19] : 0x00 (0) > [20] : 0x63 (99) > [21] : 0x00 (0) > [22] : 0x65 (101) > [23] : 0x00 (0) > [24] : 0x20 (32) > [25] : 0x00 (0) > [26] : 0x70 (112) > [27] : 0x00 (0) > [28] : 0x72 (114) > [29] : 0x00 (0) > [30] : 0x6f (111) > [31] : 0x00 (0) > [32] : 0x76 (118) > [33] : 0x00 (0) > [34] : 0x69 (105) > [35] : 0x00 (0) > [36] : 0x64 (100) > [37] : 0x00 (0) > [38] : 0x69 (105) > [39] : 0x00 (0) > [40] : 0x6e (110) > [41] : 0x00 (0) > [42] : 0x67 (103) > [43] : 0x00 (0) > [44] : 0x20 (32) > [45] : 0x00 (0) > [46] : 0x61 (97) > [47] : 0x00 (0) > [48] : 0x63 (99) > [49] : 0x00 (0) > [50] : 0x63 (99) > [51] : 0x00 (0) > [52] : 0x65 (101) > [53] : 0x00 (0) > [54] : 0x73 (115) > [55] : 0x00 (0) > [56] : 0x73 (115) > [57] : 0x00 (0) > [58] : 0x20 (32) > [59] : 0x00 (0) > [60] : 0x74 (116) > [61] : 0x00 (0) > [62] : 0x6f (111) > [63] : 0x00 (0) > [64] : 0x20 (32) > [65] : 0x00 (0) > [66] : 0x70 (112) > [67] : 0x00 (0) > [68] : 0x6f (111) > [69] : 0x00 (0) > [70] : 0x6c (108) > [71] : 0x00 (0) > [72] : 0x69 (105) > [73] : 0x00 (0) > [74] : 0x63 (99) > [75] : 0x00 (0) > [76] : 0x79 (121) > [77] : 0x00 (0) > [78] : 0x20 (32) > [79] : 0x00 (0) > [80] : 0x61 (97) > [81] : 0x00 (0) > [82] : 0x6e (110) > [83] : 0x00 (0) > [84] : 0x64 (100) > [85] : 0x00 (0) > [86] : 0x20 (32) > [87] : 0x00 (0) > [88] : 0x70 (112) > [89] : 0x00 (0) > [90] : 0x72 (114) > [91] : 0x00 (0) > [92] : 0x6f (111) > [93] : 0x00 (0) > [94] : 0x66 (102) > [95] : 0x00 (0) > [96] : 0x69 (105) > [97] : 0x00 (0) > [98] : 0x6c (108) > [99] : 0x00 (0) > [100] : 0x65 (101) > [101] : 0x00 (0) > [102] : 0x20 (32) > [103] : 0x00 (0) > [104] : 0x64 (100) > [105] : 0x00 (0) > [106] : 0x61 (97) > [107] : 0x00 (0) > [108] : 0x74 (116) > [109] : 0x00 (0) > [110] : 0x61 (97) > [111] : 0x00 (0) > [112] : 0x20 (32) > [113] : 0x00 (0) > [114] : 0x28 (40) > [115] : 0x00 (0) > [116] : 0x6e (110) > [117] : 0x00 (0) > [118] : 0x6f (111) > [119] : 0x00 (0) > [120] : 0x74 (116) > [121] : 0x00 (0) > [122] : 0x72 (114) > [123] : 0x00 (0) > [124] : 0x65 (101) > [125] : 0x00 (0) > [126] : 0x6d (109) > [127] : 0x00 (0) > [128] : 0x6f (111) > [129] : 0x00 (0) > [130] : 0x74 (116) > [131] : 0x00 (0) > [132] : 0x65 (101) > [133] : 0x00 (0) > [134] : 0x6c (108) > [135] : 0x00 (0) > [136] : 0x79 (121) > [137] : 0x00 (0) > [138] : 0x20 (32) > [139] : 0x00 (0) > [140] : 0x6d (109) > [141] : 0x00 (0) > [142] : 0x61 (97) > [143] : 0x00 (0) > [144] : 0x6e (110) > [145] : 0x00 (0) > [146] : 0x61 (97) > [147] : 0x00 (0) > [148] : 0x67 (103) > [149] : 0x00 (0) > [150] : 0x65 (101) > [151] : 0x00 (0) > [152] : 0x61 (97) > [153] : 0x00 (0) > [154] : 0x62 (98) > [155] : 0x00 (0) > [156] : 0x6c (108) > [157] : 0x00 (0) > [158] : 0x65 (101) > [159] : 0x00 (0) > [160] : 0x29 (41) > [161] : 0x00 (0) > [162] : 0x00 (0) > [163] : 0x00 (0) > size : 0x000000a4 (164) >[2013/02/27 08:52:35.600922, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.600975, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON:Description] >[2013/02/27 08:52:35.601001, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.601027, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.601090, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000005-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.601176, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.601228, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 05 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.601280, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.601306, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.601331, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.601445, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0068 (104) > name_size : 0x0068 (104) > name : * > name : 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) >[2013/02/27 08:52:35.601838, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.601891, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\NETLOGON\Security' >[2013/02/27 08:52:35.601917, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.601943, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.601968, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.601993, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.602019, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.602043, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.602067, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.602090, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.602126, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.602152, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.602177, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.602203, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.602227, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.602252, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.602275, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.602312, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.602339, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.602367, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.602392, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.602418, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.602442, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.602467, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.602490, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.602537, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.602563, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.602588, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [NETLOGON] >[2013/02/27 08:52:35.602613, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.602639, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.602663, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.602689, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.602717, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON] >[2013/02/27 08:52:35.602756, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.602782, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Security] >[2013/02/27 08:52:35.602807, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.602833, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] >[2013/02/27 08:52:35.602858, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] >[2013/02/27 08:52:35.602884, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.602907, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] >[2013/02/27 08:52:35.602940, 10, pid=21840] registry/reg_backend_db.c:1656(regdb_fetch_keys_internal) > regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] >[2013/02/27 08:52:35.602967, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.602993, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.603045, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000006-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.603188, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000006-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0012 (18) > name_size : 0x0012 (18) > name : * > name : 'Security' > type : REG_BINARY (3) > data : * > data: ARRAY(120) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x04 (4) > [3] : 0x80 (128) > [4] : 0x00 (0) > [5] : 0x00 (0) > [6] : 0x00 (0) > [7] : 0x00 (0) > [8] : 0x00 (0) > [9] : 0x00 (0) > [10] : 0x00 (0) > [11] : 0x00 (0) > [12] : 0x00 (0) > [13] : 0x00 (0) > [14] : 0x00 (0) > [15] : 0x00 (0) > [16] : 0x14 (20) > [17] : 0x00 (0) > [18] : 0x00 (0) > [19] : 0x00 (0) > [20] : 0x02 (2) > [21] : 0x00 (0) > [22] : 0x64 (100) > [23] : 0x00 (0) > [24] : 0x04 (4) > [25] : 0x00 (0) > [26] : 0x00 (0) > [27] : 0x00 (0) > [28] : 0x00 (0) > [29] : 0x00 (0) > [30] : 0x14 (20) > [31] : 0x00 (0) > [32] : 0x8d (141) > [33] : 0x01 (1) > [34] : 0x02 (2) > [35] : 0x00 (0) > [36] : 0x01 (1) > [37] : 0x01 (1) > [38] : 0x00 (0) > [39] : 0x00 (0) > [40] : 0x00 (0) > [41] : 0x00 (0) > [42] : 0x00 (0) > [43] : 0x01 (1) > [44] : 0x00 (0) > [45] : 0x00 (0) > [46] : 0x00 (0) > [47] : 0x00 (0) > [48] : 0x00 (0) > [49] : 0x00 (0) > [50] : 0x18 (24) > [51] : 0x00 (0) > [52] : 0xfd (253) > [53] : 0x01 (1) > [54] : 0x02 (2) > [55] : 0x00 (0) > [56] : 0x01 (1) > [57] : 0x02 (2) > [58] : 0x00 (0) > [59] : 0x00 (0) > [60] : 0x00 (0) > [61] : 0x00 (0) > [62] : 0x00 (0) > [63] : 0x05 (5) > [64] : 0x20 (32) > [65] : 0x00 (0) > [66] : 0x00 (0) > [67] : 0x00 (0) > [68] : 0x23 (35) > [69] : 0x02 (2) > [70] : 0x00 (0) > [71] : 0x00 (0) > [72] : 0x00 (0) > [73] : 0x00 (0) > [74] : 0x18 (24) > [75] : 0x00 (0) > [76] : 0xff (255) > [77] : 0x01 (1) > [78] : 0x0f (15) > [79] : 0x00 (0) > [80] : 0x01 (1) > [81] : 0x02 (2) > [82] : 0x00 (0) > [83] : 0x00 (0) > [84] : 0x00 (0) > [85] : 0x00 (0) > [86] : 0x00 (0) > [87] : 0x05 (5) > [88] : 0x20 (32) > [89] : 0x00 (0) > [90] : 0x00 (0) > [91] : 0x00 (0) > [92] : 0x25 (37) > [93] : 0x02 (2) > [94] : 0x00 (0) > [95] : 0x00 (0) > [96] : 0x00 (0) > [97] : 0x00 (0) > [98] : 0x18 (24) > [99] : 0x00 (0) > [100] : 0xff (255) > [101] : 0x01 (1) > [102] : 0x0f (15) > [103] : 0x00 (0) > [104] : 0x01 (1) > [105] : 0x02 (2) > [106] : 0x00 (0) > [107] : 0x00 (0) > [108] : 0x00 (0) > [109] : 0x00 (0) > [110] : 0x00 (0) > [111] : 0x05 (5) > [112] : 0x20 (32) > [113] : 0x00 (0) > [114] : 0x00 (0) > [115] : 0x00 (0) > [116] : 0x20 (32) > [117] : 0x02 (2) > [118] : 0x00 (0) > [119] : 0x00 (0) > size : 0x00000078 (120) >[2013/02/27 08:52:35.604790, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.604846, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security:Security] >[2013/02/27 08:52:35.604873, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.604898, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security' (ops 0x12be520) >[2013/02/27 08:52:35.604923, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\NETLOGON\Security] >[2013/02/27 08:52:35.604958, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Security] len[120] >[2013/02/27 08:52:35.604985, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.605045, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000006-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.605131, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.605183, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 06 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.605234, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.605259, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.605284, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.605399, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0062 (98) > name_size : 0x0062 (98) > name : * > name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_ACTION_NONE (0) >[2013/02/27 08:52:35.605792, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.605844, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry' >[2013/02/27 08:52:35.605870, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.605896, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.605921, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.605947, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.605973, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.605997, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.606022, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.606045, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.606080, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.606106, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.606132, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.606158, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.606182, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.606207, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.606230, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.606267, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.606294, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.606319, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.606344, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.606370, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.606398, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.606423, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.606447, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.606493, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.606520, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [RemoteRegistry] >[2013/02/27 08:52:35.606545, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.606571, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.606595, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.606621, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.606644, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.606683, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.606715, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.606767, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.606901, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000c (12) > name_size : 0x000c (12) > name : * > name : 'Start' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x02 (2) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.607135, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.607187, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Start] >[2013/02/27 08:52:35.607213, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.607242, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry' (ops 0x12be520) >[2013/02/27 08:52:35.607268, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.607303, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Start] len[4] >[2013/02/27 08:52:35.607330, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[Type] len[4] >[2013/02/27 08:52:35.607356, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[2]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.607382, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[3]: name[ObjectName] len[24] >[2013/02/27 08:52:35.607408, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[4]: name[DisplayName] len[48] >[2013/02/27 08:52:35.607434, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[5]: name[ImagePath] len[46] >[2013/02/27 08:52:35.607460, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[6]: name[Description] len[126] >[2013/02/27 08:52:35.607486, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.607549, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000a (10) > name_size : 0x000a (10) > name : * > name : 'Type' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.607787, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.607839, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Type] >[2013/02/27 08:52:35.607866, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.607891, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.607953, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x001a (26) > name_size : 0x001a (26) > name : * > name : 'ErrorControl' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.608188, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.608240, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ErrorControl] >[2013/02/27 08:52:35.608266, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.608292, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.608356, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0016 (22) > name_size : 0x0016 (22) > name : * > name : 'ObjectName' > type : REG_SZ (1) > data : * > data: ARRAY(24) > [0] : 0x4c (76) > [1] : 0x00 (0) > [2] : 0x6f (111) > [3] : 0x00 (0) > [4] : 0x63 (99) > [5] : 0x00 (0) > [6] : 0x61 (97) > [7] : 0x00 (0) > [8] : 0x6c (108) > [9] : 0x00 (0) > [10] : 0x53 (83) > [11] : 0x00 (0) > [12] : 0x79 (121) > [13] : 0x00 (0) > [14] : 0x73 (115) > [15] : 0x00 (0) > [16] : 0x74 (116) > [17] : 0x00 (0) > [18] : 0x65 (101) > [19] : 0x00 (0) > [20] : 0x6d (109) > [21] : 0x00 (0) > [22] : 0x00 (0) > [23] : 0x00 (0) > size : 0x00000018 (24) >[2013/02/27 08:52:35.608825, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.608881, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ObjectName] >[2013/02/27 08:52:35.608908, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.608933, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.609000, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'DisplayName' > type : REG_SZ (1) > data : * > data: ARRAY(48) > [0] : 0x52 (82) > [1] : 0x00 (0) > [2] : 0x65 (101) > [3] : 0x00 (0) > [4] : 0x6d (109) > [5] : 0x00 (0) > [6] : 0x6f (111) > [7] : 0x00 (0) > [8] : 0x74 (116) > [9] : 0x00 (0) > [10] : 0x65 (101) > [11] : 0x00 (0) > [12] : 0x20 (32) > [13] : 0x00 (0) > [14] : 0x52 (82) > [15] : 0x00 (0) > [16] : 0x65 (101) > [17] : 0x00 (0) > [18] : 0x67 (103) > [19] : 0x00 (0) > [20] : 0x69 (105) > [21] : 0x00 (0) > [22] : 0x73 (115) > [23] : 0x00 (0) > [24] : 0x74 (116) > [25] : 0x00 (0) > [26] : 0x72 (114) > [27] : 0x00 (0) > [28] : 0x79 (121) > [29] : 0x00 (0) > [30] : 0x20 (32) > [31] : 0x00 (0) > [32] : 0x53 (83) > [33] : 0x00 (0) > [34] : 0x65 (101) > [35] : 0x00 (0) > [36] : 0x72 (114) > [37] : 0x00 (0) > [38] : 0x76 (118) > [39] : 0x00 (0) > [40] : 0x69 (105) > [41] : 0x00 (0) > [42] : 0x63 (99) > [43] : 0x00 (0) > [44] : 0x65 (101) > [45] : 0x00 (0) > [46] : 0x00 (0) > [47] : 0x00 (0) > size : 0x00000030 (48) >[2013/02/27 08:52:35.609758, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.609810, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:DisplayName] >[2013/02/27 08:52:35.609837, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.609862, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.609927, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0014 (20) > name_size : 0x0014 (20) > name : * > name : 'ImagePath' > type : REG_SZ (1) > data : * > data: ARRAY(46) > [0] : 0x2f (47) > [1] : 0x00 (0) > [2] : 0x75 (117) > [3] : 0x00 (0) > [4] : 0x73 (115) > [5] : 0x00 (0) > [6] : 0x72 (114) > [7] : 0x00 (0) > [8] : 0x2f (47) > [9] : 0x00 (0) > [10] : 0x6c (108) > [11] : 0x00 (0) > [12] : 0x69 (105) > [13] : 0x00 (0) > [14] : 0x62 (98) > [15] : 0x00 (0) > [16] : 0x36 (54) > [17] : 0x00 (0) > [18] : 0x34 (52) > [19] : 0x00 (0) > [20] : 0x2f (47) > [21] : 0x00 (0) > [22] : 0x73 (115) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x63 (99) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x74 (116) > [31] : 0x00 (0) > [32] : 0x6c (108) > [33] : 0x00 (0) > [34] : 0x2f (47) > [35] : 0x00 (0) > [36] : 0x73 (115) > [37] : 0x00 (0) > [38] : 0x6d (109) > [39] : 0x00 (0) > [40] : 0x62 (98) > [41] : 0x00 (0) > [42] : 0x64 (100) > [43] : 0x00 (0) > [44] : 0x00 (0) > [45] : 0x00 (0) > size : 0x0000002e (46) >[2013/02/27 08:52:35.610654, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.610716, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:ImagePath] >[2013/02/27 08:52:35.610743, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.610769, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.610834, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'Description' > type : REG_SZ (1) > data : * > data: ARRAY(126) > [0] : 0x49 (73) > [1] : 0x00 (0) > [2] : 0x6e (110) > [3] : 0x00 (0) > [4] : 0x74 (116) > [5] : 0x00 (0) > [6] : 0x65 (101) > [7] : 0x00 (0) > [8] : 0x72 (114) > [9] : 0x00 (0) > [10] : 0x6e (110) > [11] : 0x00 (0) > [12] : 0x61 (97) > [13] : 0x00 (0) > [14] : 0x6c (108) > [15] : 0x00 (0) > [16] : 0x20 (32) > [17] : 0x00 (0) > [18] : 0x73 (115) > [19] : 0x00 (0) > [20] : 0x65 (101) > [21] : 0x00 (0) > [22] : 0x72 (114) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x69 (105) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x65 (101) > [31] : 0x00 (0) > [32] : 0x20 (32) > [33] : 0x00 (0) > [34] : 0x70 (112) > [35] : 0x00 (0) > [36] : 0x72 (114) > [37] : 0x00 (0) > [38] : 0x6f (111) > [39] : 0x00 (0) > [40] : 0x76 (118) > [41] : 0x00 (0) > [42] : 0x69 (105) > [43] : 0x00 (0) > [44] : 0x64 (100) > [45] : 0x00 (0) > [46] : 0x69 (105) > [47] : 0x00 (0) > [48] : 0x6e (110) > [49] : 0x00 (0) > [50] : 0x67 (103) > [51] : 0x00 (0) > [52] : 0x20 (32) > [53] : 0x00 (0) > [54] : 0x72 (114) > [55] : 0x00 (0) > [56] : 0x65 (101) > [57] : 0x00 (0) > [58] : 0x6d (109) > [59] : 0x00 (0) > [60] : 0x6f (111) > [61] : 0x00 (0) > [62] : 0x74 (116) > [63] : 0x00 (0) > [64] : 0x65 (101) > [65] : 0x00 (0) > [66] : 0x20 (32) > [67] : 0x00 (0) > [68] : 0x61 (97) > [69] : 0x00 (0) > [70] : 0x63 (99) > [71] : 0x00 (0) > [72] : 0x63 (99) > [73] : 0x00 (0) > [74] : 0x65 (101) > [75] : 0x00 (0) > [76] : 0x73 (115) > [77] : 0x00 (0) > [78] : 0x73 (115) > [79] : 0x00 (0) > [80] : 0x20 (32) > [81] : 0x00 (0) > [82] : 0x74 (116) > [83] : 0x00 (0) > [84] : 0x6f (111) > [85] : 0x00 (0) > [86] : 0x20 (32) > [87] : 0x00 (0) > [88] : 0x74 (116) > [89] : 0x00 (0) > [90] : 0x68 (104) > [91] : 0x00 (0) > [92] : 0x65 (101) > [93] : 0x00 (0) > [94] : 0x20 (32) > [95] : 0x00 (0) > [96] : 0x53 (83) > [97] : 0x00 (0) > [98] : 0x61 (97) > [99] : 0x00 (0) > [100] : 0x6d (109) > [101] : 0x00 (0) > [102] : 0x62 (98) > [103] : 0x00 (0) > [104] : 0x61 (97) > [105] : 0x00 (0) > [106] : 0x20 (32) > [107] : 0x00 (0) > [108] : 0x72 (114) > [109] : 0x00 (0) > [110] : 0x65 (101) > [111] : 0x00 (0) > [112] : 0x67 (103) > [113] : 0x00 (0) > [114] : 0x69 (105) > [115] : 0x00 (0) > [116] : 0x73 (115) > [117] : 0x00 (0) > [118] : 0x74 (116) > [119] : 0x00 (0) > [120] : 0x72 (114) > [121] : 0x00 (0) > [122] : 0x79 (121) > [123] : 0x00 (0) > [124] : 0x00 (0) > [125] : 0x00 (0) > size : 0x0000007e (126) >[2013/02/27 08:52:35.612506, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.612558, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry:Description] >[2013/02/27 08:52:35.612585, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.612611, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.612673, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000007-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.612764, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.612816, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 07 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.612867, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.612893, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.612918, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.613032, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0074 (116) > name_size : 0x0074 (116) > name : * > name : 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) >[2013/02/27 08:52:35.613419, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.613471, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' >[2013/02/27 08:52:35.613498, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.613524, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.613549, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.613574, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.613600, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.613624, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.613648, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.613671, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.613710, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.613738, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.613763, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.613790, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.613814, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.613838, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.613865, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.613902, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.613929, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.613954, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.613979, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.614005, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.614029, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.614054, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.614078, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.614124, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.614151, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.614176, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [RemoteRegistry] >[2013/02/27 08:52:35.614201, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.614227, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.614252, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.614277, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.614301, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry] >[2013/02/27 08:52:35.614338, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.614364, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Security] >[2013/02/27 08:52:35.614389, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.614416, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] >[2013/02/27 08:52:35.614441, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] >[2013/02/27 08:52:35.614466, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.614489, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] >[2013/02/27 08:52:35.614524, 10, pid=21840] registry/reg_backend_db.c:1656(regdb_fetch_keys_internal) > regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] >[2013/02/27 08:52:35.614552, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.614577, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.614632, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000008-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.614777, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000008-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0012 (18) > name_size : 0x0012 (18) > name : * > name : 'Security' > type : REG_BINARY (3) > data : * > data: ARRAY(120) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x04 (4) > [3] : 0x80 (128) > [4] : 0x00 (0) > [5] : 0x00 (0) > [6] : 0x00 (0) > [7] : 0x00 (0) > [8] : 0x00 (0) > [9] : 0x00 (0) > [10] : 0x00 (0) > [11] : 0x00 (0) > [12] : 0x00 (0) > [13] : 0x00 (0) > [14] : 0x00 (0) > [15] : 0x00 (0) > [16] : 0x14 (20) > [17] : 0x00 (0) > [18] : 0x00 (0) > [19] : 0x00 (0) > [20] : 0x02 (2) > [21] : 0x00 (0) > [22] : 0x64 (100) > [23] : 0x00 (0) > [24] : 0x04 (4) > [25] : 0x00 (0) > [26] : 0x00 (0) > [27] : 0x00 (0) > [28] : 0x00 (0) > [29] : 0x00 (0) > [30] : 0x14 (20) > [31] : 0x00 (0) > [32] : 0x8d (141) > [33] : 0x01 (1) > [34] : 0x02 (2) > [35] : 0x00 (0) > [36] : 0x01 (1) > [37] : 0x01 (1) > [38] : 0x00 (0) > [39] : 0x00 (0) > [40] : 0x00 (0) > [41] : 0x00 (0) > [42] : 0x00 (0) > [43] : 0x01 (1) > [44] : 0x00 (0) > [45] : 0x00 (0) > [46] : 0x00 (0) > [47] : 0x00 (0) > [48] : 0x00 (0) > [49] : 0x00 (0) > [50] : 0x18 (24) > [51] : 0x00 (0) > [52] : 0xfd (253) > [53] : 0x01 (1) > [54] : 0x02 (2) > [55] : 0x00 (0) > [56] : 0x01 (1) > [57] : 0x02 (2) > [58] : 0x00 (0) > [59] : 0x00 (0) > [60] : 0x00 (0) > [61] : 0x00 (0) > [62] : 0x00 (0) > [63] : 0x05 (5) > [64] : 0x20 (32) > [65] : 0x00 (0) > [66] : 0x00 (0) > [67] : 0x00 (0) > [68] : 0x23 (35) > [69] : 0x02 (2) > [70] : 0x00 (0) > [71] : 0x00 (0) > [72] : 0x00 (0) > [73] : 0x00 (0) > [74] : 0x18 (24) > [75] : 0x00 (0) > [76] : 0xff (255) > [77] : 0x01 (1) > [78] : 0x0f (15) > [79] : 0x00 (0) > [80] : 0x01 (1) > [81] : 0x02 (2) > [82] : 0x00 (0) > [83] : 0x00 (0) > [84] : 0x00 (0) > [85] : 0x00 (0) > [86] : 0x00 (0) > [87] : 0x05 (5) > [88] : 0x20 (32) > [89] : 0x00 (0) > [90] : 0x00 (0) > [91] : 0x00 (0) > [92] : 0x25 (37) > [93] : 0x02 (2) > [94] : 0x00 (0) > [95] : 0x00 (0) > [96] : 0x00 (0) > [97] : 0x00 (0) > [98] : 0x18 (24) > [99] : 0x00 (0) > [100] : 0xff (255) > [101] : 0x01 (1) > [102] : 0x0f (15) > [103] : 0x00 (0) > [104] : 0x01 (1) > [105] : 0x02 (2) > [106] : 0x00 (0) > [107] : 0x00 (0) > [108] : 0x00 (0) > [109] : 0x00 (0) > [110] : 0x00 (0) > [111] : 0x05 (5) > [112] : 0x20 (32) > [113] : 0x00 (0) > [114] : 0x00 (0) > [115] : 0x00 (0) > [116] : 0x20 (32) > [117] : 0x02 (2) > [118] : 0x00 (0) > [119] : 0x00 (0) > size : 0x00000078 (120) >[2013/02/27 08:52:35.616383, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.616435, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security:Security] >[2013/02/27 08:52:35.616462, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.616487, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security' (ops 0x12be520) >[2013/02/27 08:52:35.616512, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\RemoteRegistry\Security] >[2013/02/27 08:52:35.616548, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Security] len[120] >[2013/02/27 08:52:35.616575, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.616635, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000008-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.616725, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.616777, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 08 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.616828, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.616853, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.616878, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.616993, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x004e (78) > name_size : 0x004e (78) > name : * > name : 'SYSTEM\CurrentControlSet\Services\WINS' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_ACTION_NONE (0) >[2013/02/27 08:52:35.617384, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.617436, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS' >[2013/02/27 08:52:35.617463, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.617488, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.617514, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.617539, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.617565, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.617589, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.617614, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.617637, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.617673, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.617703, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.617730, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.617757, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.617781, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.617806, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.617830, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.617867, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.617894, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.617923, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.617948, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.617974, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.617998, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.618023, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.618047, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.618096, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.618123, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [WINS] >[2013/02/27 08:52:35.618148, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.618175, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.618199, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.618224, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.618248, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.618284, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.618311, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.618362, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.618498, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000c (12) > name_size : 0x000c (12) > name : * > name : 'Start' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x02 (2) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.618737, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.618792, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Start] >[2013/02/27 08:52:35.618819, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.618844, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS' (ops 0x12be520) >[2013/02/27 08:52:35.618869, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.618903, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Start] len[4] >[2013/02/27 08:52:35.618930, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[Type] len[4] >[2013/02/27 08:52:35.618956, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[2]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.618983, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[3]: name[ObjectName] len[24] >[2013/02/27 08:52:35.619009, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[4]: name[DisplayName] len[74] >[2013/02/27 08:52:35.619036, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[5]: name[ImagePath] len[46] >[2013/02/27 08:52:35.619062, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[6]: name[Description] len[178] >[2013/02/27 08:52:35.619088, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.619151, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x000a (10) > name_size : 0x000a (10) > name : * > name : 'Type' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x10 (16) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.619386, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.619438, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Type] >[2013/02/27 08:52:35.619465, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.619490, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.619556, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x001a (26) > name_size : 0x001a (26) > name : * > name : 'ErrorControl' > type : REG_DWORD (4) > data : * > data: ARRAY(4) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x00 (0) > [3] : 0x00 (0) > size : 0x00000004 (4) >[2013/02/27 08:52:35.619796, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.619848, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ErrorControl] >[2013/02/27 08:52:35.619874, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.619900, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.619964, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0016 (22) > name_size : 0x0016 (22) > name : * > name : 'ObjectName' > type : REG_SZ (1) > data : * > data: ARRAY(24) > [0] : 0x4c (76) > [1] : 0x00 (0) > [2] : 0x6f (111) > [3] : 0x00 (0) > [4] : 0x63 (99) > [5] : 0x00 (0) > [6] : 0x61 (97) > [7] : 0x00 (0) > [8] : 0x6c (108) > [9] : 0x00 (0) > [10] : 0x53 (83) > [11] : 0x00 (0) > [12] : 0x79 (121) > [13] : 0x00 (0) > [14] : 0x73 (115) > [15] : 0x00 (0) > [16] : 0x74 (116) > [17] : 0x00 (0) > [18] : 0x65 (101) > [19] : 0x00 (0) > [20] : 0x6d (109) > [21] : 0x00 (0) > [22] : 0x00 (0) > [23] : 0x00 (0) > size : 0x00000018 (24) >[2013/02/27 08:52:35.620438, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.620490, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ObjectName] >[2013/02/27 08:52:35.620516, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.620542, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.620609, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'DisplayName' > type : REG_SZ (1) > data : * > data: ARRAY(74) > [0] : 0x57 (87) > [1] : 0x00 (0) > [2] : 0x69 (105) > [3] : 0x00 (0) > [4] : 0x6e (110) > [5] : 0x00 (0) > [6] : 0x64 (100) > [7] : 0x00 (0) > [8] : 0x6f (111) > [9] : 0x00 (0) > [10] : 0x77 (119) > [11] : 0x00 (0) > [12] : 0x73 (115) > [13] : 0x00 (0) > [14] : 0x20 (32) > [15] : 0x00 (0) > [16] : 0x49 (73) > [17] : 0x00 (0) > [18] : 0x6e (110) > [19] : 0x00 (0) > [20] : 0x74 (116) > [21] : 0x00 (0) > [22] : 0x65 (101) > [23] : 0x00 (0) > [24] : 0x72 (114) > [25] : 0x00 (0) > [26] : 0x6e (110) > [27] : 0x00 (0) > [28] : 0x65 (101) > [29] : 0x00 (0) > [30] : 0x74 (116) > [31] : 0x00 (0) > [32] : 0x20 (32) > [33] : 0x00 (0) > [34] : 0x4e (78) > [35] : 0x00 (0) > [36] : 0x61 (97) > [37] : 0x00 (0) > [38] : 0x6d (109) > [39] : 0x00 (0) > [40] : 0x65 (101) > [41] : 0x00 (0) > [42] : 0x20 (32) > [43] : 0x00 (0) > [44] : 0x53 (83) > [45] : 0x00 (0) > [46] : 0x65 (101) > [47] : 0x00 (0) > [48] : 0x72 (114) > [49] : 0x00 (0) > [50] : 0x76 (118) > [51] : 0x00 (0) > [52] : 0x69 (105) > [53] : 0x00 (0) > [54] : 0x63 (99) > [55] : 0x00 (0) > [56] : 0x65 (101) > [57] : 0x00 (0) > [58] : 0x20 (32) > [59] : 0x00 (0) > [60] : 0x28 (40) > [61] : 0x00 (0) > [62] : 0x57 (87) > [63] : 0x00 (0) > [64] : 0x49 (73) > [65] : 0x00 (0) > [66] : 0x4e (78) > [67] : 0x00 (0) > [68] : 0x53 (83) > [69] : 0x00 (0) > [70] : 0x29 (41) > [71] : 0x00 (0) > [72] : 0x00 (0) > [73] : 0x00 (0) > size : 0x0000004a (74) >[2013/02/27 08:52:35.621684, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.621741, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:DisplayName] >[2013/02/27 08:52:35.621767, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.621793, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.621857, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0014 (20) > name_size : 0x0014 (20) > name : * > name : 'ImagePath' > type : REG_SZ (1) > data : * > data: ARRAY(46) > [0] : 0x2f (47) > [1] : 0x00 (0) > [2] : 0x75 (117) > [3] : 0x00 (0) > [4] : 0x73 (115) > [5] : 0x00 (0) > [6] : 0x72 (114) > [7] : 0x00 (0) > [8] : 0x2f (47) > [9] : 0x00 (0) > [10] : 0x6c (108) > [11] : 0x00 (0) > [12] : 0x69 (105) > [13] : 0x00 (0) > [14] : 0x62 (98) > [15] : 0x00 (0) > [16] : 0x36 (54) > [17] : 0x00 (0) > [18] : 0x34 (52) > [19] : 0x00 (0) > [20] : 0x2f (47) > [21] : 0x00 (0) > [22] : 0x73 (115) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x63 (99) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x74 (116) > [31] : 0x00 (0) > [32] : 0x6c (108) > [33] : 0x00 (0) > [34] : 0x2f (47) > [35] : 0x00 (0) > [36] : 0x6e (110) > [37] : 0x00 (0) > [38] : 0x6d (109) > [39] : 0x00 (0) > [40] : 0x62 (98) > [41] : 0x00 (0) > [42] : 0x64 (100) > [43] : 0x00 (0) > [44] : 0x00 (0) > [45] : 0x00 (0) > size : 0x0000002e (46) >[2013/02/27 08:52:35.622586, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.622638, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:ImagePath] >[2013/02/27 08:52:35.622664, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.622690, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.622769, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0018 (24) > name_size : 0x0018 (24) > name : * > name : 'Description' > type : REG_SZ (1) > data : * > data: ARRAY(178) > [0] : 0x49 (73) > [1] : 0x00 (0) > [2] : 0x6e (110) > [3] : 0x00 (0) > [4] : 0x74 (116) > [5] : 0x00 (0) > [6] : 0x65 (101) > [7] : 0x00 (0) > [8] : 0x72 (114) > [9] : 0x00 (0) > [10] : 0x6e (110) > [11] : 0x00 (0) > [12] : 0x61 (97) > [13] : 0x00 (0) > [14] : 0x6c (108) > [15] : 0x00 (0) > [16] : 0x20 (32) > [17] : 0x00 (0) > [18] : 0x73 (115) > [19] : 0x00 (0) > [20] : 0x65 (101) > [21] : 0x00 (0) > [22] : 0x72 (114) > [23] : 0x00 (0) > [24] : 0x76 (118) > [25] : 0x00 (0) > [26] : 0x69 (105) > [27] : 0x00 (0) > [28] : 0x63 (99) > [29] : 0x00 (0) > [30] : 0x65 (101) > [31] : 0x00 (0) > [32] : 0x20 (32) > [33] : 0x00 (0) > [34] : 0x70 (112) > [35] : 0x00 (0) > [36] : 0x72 (114) > [37] : 0x00 (0) > [38] : 0x6f (111) > [39] : 0x00 (0) > [40] : 0x76 (118) > [41] : 0x00 (0) > [42] : 0x69 (105) > [43] : 0x00 (0) > [44] : 0x64 (100) > [45] : 0x00 (0) > [46] : 0x69 (105) > [47] : 0x00 (0) > [48] : 0x6e (110) > [49] : 0x00 (0) > [50] : 0x67 (103) > [51] : 0x00 (0) > [52] : 0x20 (32) > [53] : 0x00 (0) > [54] : 0x61 (97) > [55] : 0x00 (0) > [56] : 0x20 (32) > [57] : 0x00 (0) > [58] : 0x4e (78) > [59] : 0x00 (0) > [60] : 0x65 (101) > [61] : 0x00 (0) > [62] : 0x74 (116) > [63] : 0x00 (0) > [64] : 0x42 (66) > [65] : 0x00 (0) > [66] : 0x49 (73) > [67] : 0x00 (0) > [68] : 0x4f (79) > [69] : 0x00 (0) > [70] : 0x53 (83) > [71] : 0x00 (0) > [72] : 0x20 (32) > [73] : 0x00 (0) > [74] : 0x70 (112) > [75] : 0x00 (0) > [76] : 0x6f (111) > [77] : 0x00 (0) > [78] : 0x69 (105) > [79] : 0x00 (0) > [80] : 0x6e (110) > [81] : 0x00 (0) > [82] : 0x74 (116) > [83] : 0x00 (0) > [84] : 0x2d (45) > [85] : 0x00 (0) > [86] : 0x74 (116) > [87] : 0x00 (0) > [88] : 0x6f (111) > [89] : 0x00 (0) > [90] : 0x2d (45) > [91] : 0x00 (0) > [92] : 0x70 (112) > [93] : 0x00 (0) > [94] : 0x6f (111) > [95] : 0x00 (0) > [96] : 0x69 (105) > [97] : 0x00 (0) > [98] : 0x6e (110) > [99] : 0x00 (0) > [100] : 0x74 (116) > [101] : 0x00 (0) > [102] : 0x20 (32) > [103] : 0x00 (0) > [104] : 0x6e (110) > [105] : 0x00 (0) > [106] : 0x61 (97) > [107] : 0x00 (0) > [108] : 0x6d (109) > [109] : 0x00 (0) > [110] : 0x65 (101) > [111] : 0x00 (0) > [112] : 0x20 (32) > [113] : 0x00 (0) > [114] : 0x73 (115) > [115] : 0x00 (0) > [116] : 0x65 (101) > [117] : 0x00 (0) > [118] : 0x72 (114) > [119] : 0x00 (0) > [120] : 0x76 (118) > [121] : 0x00 (0) > [122] : 0x65 (101) > [123] : 0x00 (0) > [124] : 0x72 (114) > [125] : 0x00 (0) > [126] : 0x28 (40) > [127] : 0x00 (0) > [128] : 0x6e (110) > [129] : 0x00 (0) > [130] : 0x6f (111) > [131] : 0x00 (0) > [132] : 0x74 (116) > [133] : 0x00 (0) > [134] : 0x20 (32) > [135] : 0x00 (0) > [136] : 0x72 (114) > [137] : 0x00 (0) > [138] : 0x65 (101) > [139] : 0x00 (0) > [140] : 0x6d (109) > [141] : 0x00 (0) > [142] : 0x6f (111) > [143] : 0x00 (0) > [144] : 0x74 (116) > [145] : 0x00 (0) > [146] : 0x65 (101) > [147] : 0x00 (0) > [148] : 0x6c (108) > [149] : 0x00 (0) > [150] : 0x79 (121) > [151] : 0x00 (0) > [152] : 0x20 (32) > [153] : 0x00 (0) > [154] : 0x6d (109) > [155] : 0x00 (0) > [156] : 0x61 (97) > [157] : 0x00 (0) > [158] : 0x6e (110) > [159] : 0x00 (0) > [160] : 0x61 (97) > [161] : 0x00 (0) > [162] : 0x67 (103) > [163] : 0x00 (0) > [164] : 0x65 (101) > [165] : 0x00 (0) > [166] : 0x61 (97) > [167] : 0x00 (0) > [168] : 0x62 (98) > [169] : 0x00 (0) > [170] : 0x6c (108) > [171] : 0x00 (0) > [172] : 0x65 (101) > [173] : 0x00 (0) > [174] : 0x29 (41) > [175] : 0x00 (0) > [176] : 0x00 (0) > [177] : 0x00 (0) > size : 0x000000b2 (178) >[2013/02/27 08:52:35.625059, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.625111, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS:Description] >[2013/02/27 08:52:35.625137, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.625163, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.625224, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000009-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.625311, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.625363, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 09 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.625417, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.625443, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.625468, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.625583, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > in: struct winreg_CreateKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000001-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0060 (96) > name_size : 0x0060 (96) > name : * > name : 'SYSTEM\CurrentControlSet\Services\WINS\Security' > keyclass: struct winreg_String > name_len : 0x0002 (2) > name_size : 0x0002 (2) > name : * > name : '' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY > secdesc : NULL > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) >[2013/02/27 08:52:35.625978, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[1] [0000] 00 00 00 00 01 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.626031, 10, pid=21840] rpc_server/winreg/srv_winreg_nt.c:782(_winreg_CreateKey) > _winreg_CreateKey called with parent key 'HKLM' and subkey name 'SYSTEM\CurrentControlSet\Services\WINS\Security' >[2013/02/27 08:52:35.626058, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.626083, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.626109, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.626134, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.626160, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.626184, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.626209, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.626233, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.626271, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.626298, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.626323, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.626349, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.626373, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.626398, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.626422, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.626459, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.626486, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.626510, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.626535, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.626561, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.626585, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.626610, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.626633, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.626680, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.626712, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 2 >[2013/02/27 08:52:35.626738, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [WINS] >[2013/02/27 08:52:35.626762, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.626789, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.626813, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.626838, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.626861, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS] >[2013/02/27 08:52:35.626899, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.626926, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Security] >[2013/02/27 08:52:35.626951, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.626978, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] >[2013/02/27 08:52:35.627002, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] >[2013/02/27 08:52:35.627031, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.627055, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] >[2013/02/27 08:52:35.627088, 10, pid=21840] registry/reg_backend_db.c:1656(regdb_fetch_keys_internal) > regdb_fetch_keys: no subkeys found for key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] >[2013/02/27 08:52:35.627114, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.627140, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.627192, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CreateKey: struct winreg_CreateKey > out: struct winreg_CreateKey > new_handle : * > new_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000a-0000-0000-2d51-43bb50550000 > action_taken : * > action_taken : REG_OPENED_EXISTING_KEY (2) > result : WERR_OK >[2013/02/27 08:52:35.627332, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > in: struct winreg_SetValue > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000a-0000-0000-2d51-43bb50550000 > name: struct winreg_String > name_len : 0x0012 (18) > name_size : 0x0012 (18) > name : * > name : 'Security' > type : REG_BINARY (3) > data : * > data: ARRAY(120) > [0] : 0x01 (1) > [1] : 0x00 (0) > [2] : 0x04 (4) > [3] : 0x80 (128) > [4] : 0x00 (0) > [5] : 0x00 (0) > [6] : 0x00 (0) > [7] : 0x00 (0) > [8] : 0x00 (0) > [9] : 0x00 (0) > [10] : 0x00 (0) > [11] : 0x00 (0) > [12] : 0x00 (0) > [13] : 0x00 (0) > [14] : 0x00 (0) > [15] : 0x00 (0) > [16] : 0x14 (20) > [17] : 0x00 (0) > [18] : 0x00 (0) > [19] : 0x00 (0) > [20] : 0x02 (2) > [21] : 0x00 (0) > [22] : 0x64 (100) > [23] : 0x00 (0) > [24] : 0x04 (4) > [25] : 0x00 (0) > [26] : 0x00 (0) > [27] : 0x00 (0) > [28] : 0x00 (0) > [29] : 0x00 (0) > [30] : 0x14 (20) > [31] : 0x00 (0) > [32] : 0x8d (141) > [33] : 0x01 (1) > [34] : 0x02 (2) > [35] : 0x00 (0) > [36] : 0x01 (1) > [37] : 0x01 (1) > [38] : 0x00 (0) > [39] : 0x00 (0) > [40] : 0x00 (0) > [41] : 0x00 (0) > [42] : 0x00 (0) > [43] : 0x01 (1) > [44] : 0x00 (0) > [45] : 0x00 (0) > [46] : 0x00 (0) > [47] : 0x00 (0) > [48] : 0x00 (0) > [49] : 0x00 (0) > [50] : 0x18 (24) > [51] : 0x00 (0) > [52] : 0xfd (253) > [53] : 0x01 (1) > [54] : 0x02 (2) > [55] : 0x00 (0) > [56] : 0x01 (1) > [57] : 0x02 (2) > [58] : 0x00 (0) > [59] : 0x00 (0) > [60] : 0x00 (0) > [61] : 0x00 (0) > [62] : 0x00 (0) > [63] : 0x05 (5) > [64] : 0x20 (32) > [65] : 0x00 (0) > [66] : 0x00 (0) > [67] : 0x00 (0) > [68] : 0x23 (35) > [69] : 0x02 (2) > [70] : 0x00 (0) > [71] : 0x00 (0) > [72] : 0x00 (0) > [73] : 0x00 (0) > [74] : 0x18 (24) > [75] : 0x00 (0) > [76] : 0xff (255) > [77] : 0x01 (1) > [78] : 0x0f (15) > [79] : 0x00 (0) > [80] : 0x01 (1) > [81] : 0x02 (2) > [82] : 0x00 (0) > [83] : 0x00 (0) > [84] : 0x00 (0) > [85] : 0x00 (0) > [86] : 0x00 (0) > [87] : 0x05 (5) > [88] : 0x20 (32) > [89] : 0x00 (0) > [90] : 0x00 (0) > [91] : 0x00 (0) > [92] : 0x25 (37) > [93] : 0x02 (2) > [94] : 0x00 (0) > [95] : 0x00 (0) > [96] : 0x00 (0) > [97] : 0x00 (0) > [98] : 0x18 (24) > [99] : 0x00 (0) > [100] : 0xff (255) > [101] : 0x01 (1) > [102] : 0x0f (15) > [103] : 0x00 (0) > [104] : 0x01 (1) > [105] : 0x02 (2) > [106] : 0x00 (0) > [107] : 0x00 (0) > [108] : 0x00 (0) > [109] : 0x00 (0) > [110] : 0x00 (0) > [111] : 0x05 (5) > [112] : 0x20 (32) > [113] : 0x00 (0) > [114] : 0x00 (0) > [115] : 0x00 (0) > [116] : 0x20 (32) > [117] : 0x02 (2) > [118] : 0x00 (0) > [119] : 0x00 (0) > size : 0x00000078 (120) >[2013/02/27 08:52:35.628942, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.628994, 8, pid=21840] rpc_server/winreg/srv_winreg_nt.c:812(_winreg_SetValue) > _winreg_SetValue: Setting value for [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security:Security] >[2013/02/27 08:52:35.629020, 5, pid=21840] ../lib/util/tdb_wrap.c:65(tdb_wrap_log) > tdb(/var/lib/samba/registry.tdb): tdb_transaction_start: nesting 1 >[2013/02/27 08:52:35.629045, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security' (ops 0x12be520) >[2013/02/27 08:52:35.629070, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\WINS\Security] >[2013/02/27 08:52:35.629105, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Security] len[120] >[2013/02/27 08:52:35.629132, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_SetValue: struct winreg_SetValue > out: struct winreg_SetValue > result : WERR_OK >[2013/02/27 08:52:35.629192, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000a-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.629278, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.629330, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0A 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.629381, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.629406, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.629431, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.629542, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000002-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.629628, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.629680, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 02 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.629736, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.629762, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (3->2) >[2013/02/27 08:52:35.629787, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.629893, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (2->1) >[2013/02/27 08:52:35.629934, 3, pid=21840] rpc_server/eventlog/srv_eventlog_reg.c:59(eventlog_init_winreg) > Initialise the eventlog registry keys if needed. >[2013/02/27 08:52:35.629963, 4, pid=21840] rpc_server/rpc_ncacn_np.c:132(make_internal_rpc_pipe_p) > Create pipe requested \winreg >[2013/02/27 08:52:35.629991, 10, pid=21840] rpc_server/rpc_handles.c:133(init_pipe_handles) > init_pipe_handle_list: pipe_handles ref count = 2 for pipe \winreg >[2013/02/27 08:52:35.630019, 4, pid=21840] rpc_server/rpc_ncacn_np.c:176(make_internal_rpc_pipe_p) > Created internal pipe \winreg (pipes_open=0) >[2013/02/27 08:52:35.630051, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenHKLM: struct winreg_OpenHKLM > in: struct winreg_OpenHKLM > system_name : NULL > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY >[2013/02/27 08:52:35.630200, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2013/02/27 08:52:35.630225, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (1->2) >[2013/02/27 08:52:35.630251, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM] >[2013/02/27 08:52:35.630275, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM] >[2013/02/27 08:52:35.630299, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.630322, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM] >[2013/02/27 08:52:35.630361, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[2] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.630418, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenHKLM: struct winreg_OpenHKLM > out: struct winreg_OpenHKLM > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000b-0000-0000-2d51-43bb50550000 > result : WERR_OK >[2013/02/27 08:52:35.630529, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenKey: struct winreg_OpenKey > in: struct winreg_OpenKey > parent_handle : * > parent_handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000b-0000-0000-2d51-43bb50550000 > keyname: struct winreg_String > name_len : 0x0056 (86) > name_size : 0x0056 (86) > name : * > name : 'SYSTEM\CurrentControlSet\Services\Eventlog' > options : 0x00000000 (0) > 0: REG_OPTION_VOLATILE > 0: REG_OPTION_CREATE_LINK > 0: REG_OPTION_BACKUP_RESTORE > 0: REG_OPTION_OPEN_LINK > access_mask : 0x02000000 (33554432) > 0: KEY_QUERY_VALUE > 0: KEY_SET_VALUE > 0: KEY_CREATE_SUB_KEY > 0: KEY_ENUMERATE_SUB_KEYS > 0: KEY_NOTIFY > 0: KEY_CREATE_LINK > 0: KEY_WOW64_64KEY > 0: KEY_WOW64_32KEY >[2013/02/27 08:52:35.630840, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0B 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.630894, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SYSTEM] >[2013/02/27 08:52:35.630919, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (2->3) >[2013/02/27 08:52:35.630946, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM] >[2013/02/27 08:52:35.630970, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM] >[2013/02/27 08:52:35.630994, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.631018, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM] >[2013/02/27 08:52:35.631055, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [CurrentControlSet] >[2013/02/27 08:52:35.631082, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.631108, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.631132, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.631157, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.631181, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet] >[2013/02/27 08:52:35.631221, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Services] >[2013/02/27 08:52:35.631251, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.631278, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.631302, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.631327, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.631350, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services] >[2013/02/27 08:52:35.631400, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Eventlog] >[2013/02/27 08:52:35.631427, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (5->6) >[2013/02/27 08:52:35.631454, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.631478, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.631503, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.631527, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.631567, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (6->5) >[2013/02/27 08:52:35.631594, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.631619, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.631644, 4, pid=21840] rpc_server/rpc_handles.c:197(create_rpc_handle_internal) > Opened policy hnd[3] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.631696, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_OpenKey: struct winreg_OpenKey > out: struct winreg_OpenKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000c-0000-0000-2d51-43bb50550000 > result : WERR_OK >[2013/02/27 08:52:35.631814, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_QueryInfoKey: struct winreg_QueryInfoKey > in: struct winreg_QueryInfoKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000c-0000-0000-2d51-43bb50550000 > classname : * > classname: struct winreg_String > name_len : 0x0000 (0) > name_size : 0x0000 (0) > name : NULL >[2013/02/27 08:52:35.631959, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.632012, 10, pid=21840] registry/reg_dispatcher.c:150(fetch_reg_values) > fetch_reg_values called for key 'HKLM\SYSTEM\CurrentControlSet\Services\Eventlog' (ops 0x12be520) >[2013/02/27 08:52:35.632037, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.632078, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DisplayName] len[20] >[2013/02/27 08:52:35.632106, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.632132, 10, pid=21840] registry/reg_backend_db.c:1926(regdb_get_secdesc) > regdb_get_secdesc: Getting secdesc of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.632169, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_QueryInfoKey: struct winreg_QueryInfoKey > out: struct winreg_QueryInfoKey > classname : * > classname: struct winreg_String > name_len : 0x0000 (0) > name_size : 0x0000 (0) > name : NULL > num_subkeys : * > num_subkeys : 0x00000000 (0) > max_subkeylen : * > max_subkeylen : 0x00000000 (0) > max_classlen : * > max_classlen : 0x00000000 (0) > num_values : * > num_values : 0x00000002 (2) > max_valnamelen : * > max_valnamelen : 0x0000001a (26) > max_valbufsize : * > max_valbufsize : 0x00000014 (20) > secdescsize : * > secdescsize : 0x00000078 (120) > last_changed_time : * > last_changed_time : NTTIME(0) > result : WERR_OK >[2013/02/27 08:52:35.632469, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > in: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 0000000c-0000-0000-2d51-43bb50550000 >[2013/02/27 08:52:35.632555, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.632608, 4, pid=21840] rpc_server/rpc_handles.c:232(find_policy_by_hnd_internal) > Found policy hnd[0] [0000] 00 00 00 00 0C 00 00 00 00 00 00 00 2D 51 43 BB ........ ....-QC. > [0010] 50 55 00 00 PU.. >[2013/02/27 08:52:35.632659, 3, pid=21840] rpc_server/rpc_handles.c:281(close_policy_hnd) > Closed policy >[2013/02/27 08:52:35.632684, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (3->2) >[2013/02/27 08:52:35.632715, 1, pid=21840] ../librpc/ndr/ndr.c:284(ndr_print_function_debug) > winreg_CloseKey: struct winreg_CloseKey > out: struct winreg_CloseKey > handle : * > handle: struct policy_handle > handle_type : 0x00000000 (0) > uuid : 00000000-0000-0000-0000-000000000000 > result : WERR_OK >[2013/02/27 08:52:35.632879, 3, pid=21840] printing/pcap.c:138(pcap_cache_reload) > reloading printcap cache >[2013/02/27 08:52:35.632919, 10, pid=21840] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 5052494E5445524C4953 >[2013/02/27 08:52:35.632956, 10, pid=21840] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b70090 >[2013/02/27 08:52:35.633048, 10, pid=21840] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 5052494E5445524C4953 >[2013/02/27 08:52:35.633087, 5, pid=21840] printing/print_cups.c:449(cups_pcap_load_async) > cups_pcap_load_async: asynchronously loading cups printers >[2013/02/27 08:52:35.633403, 10, pid=21840] printing/print_cups.c:466(cups_pcap_load_async) > cups_pcap_load_async: child pid = 21841 >[2013/02/27 08:52:35.633461, 10, pid=21840] printing/print_cups.c:586(cups_cache_reload) > cups_cache_reload: async read on fd 26 >[2013/02/27 08:52:35.633500, 3, pid=21840] printing/pcap.c:189(pcap_cache_reload) > reload status: ok >[2013/02/27 08:52:35.633528, 3, pid=21840] printing/printing.c:1695(start_background_queue) > start_background_queue: Starting background LPQ thread >[2013/02/27 08:52:35.633669, 5, pid=21841] printing/print_cups.c:318(cups_cache_reload_async) > reloading cups printcap cache >[2013/02/27 08:52:35.633833, 5, pid=21842] printing/printing.c:1718(start_background_queue) > start_background_queue: background LPQ thread started >[2013/02/27 08:52:35.633996, 10, pid=21840] lib/util_sock.c:680(open_socket_in) > bind succeeded on port 445 >[2013/02/27 08:52:35.634044, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 >[2013/02/27 08:52:35.634085, 10, pid=21841] printing/print_cups.c:130(cups_connect) > TCP_NODELAY = 0 >[2013/02/27 08:52:35.634095, 10, pid=21842] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > TCP_KEEPCNT = 9 > connecting to cups server /var/run/cups/cups.sock:631 > TCP_KEEPIDLE = 7200 > Locking key 52550000FFFFFFFF > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 >[2013/02/27 08:52:35.634176, 10, pid=21842] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > SO_SNDBUF = 16384 > Allocated locked data 0x0x2b6f800 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.634274, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 >[2013/02/27 08:52:35.634307, 10, pid=21842] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > SO_BROADCAST = 0 > TCP_NODELAY = 1 > Unlocking key 52550000FFFFFFFF > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 >[2013/02/27 08:52:35.634373, 10, pid=21842] smbd/process.c:920(event_add_idle) > IPTOS_THROUGHPUT = 0 > event_add_idle: idle_evt(printer_housekeeping) 0x2b72ac0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 >[2013/02/27 08:52:35.634417, 5, pid=21842] printing/printing.c:1763(start_background_queue) > SO_SNDLOWAT = 1 > start_background_queue: background LPQ thread waiting for messages > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.634530, 10, pid=21840] lib/util_sock.c:680(open_socket_in) > bind succeeded on port 139 >[2013/02/27 08:52:35.634560, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 0 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.634762, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 1 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.634982, 10, pid=21840] lib/util_sock.c:680(open_socket_in) > bind succeeded on port 445 >[2013/02/27 08:52:35.635011, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 0 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.635204, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 1 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.635419, 10, pid=21840] lib/util_sock.c:680(open_socket_in) > bind succeeded on port 139 >[2013/02/27 08:52:35.635449, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 0 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.635637, 5, pid=21840] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 1 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 16384 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:35.635840, 10, pid=21840] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 50550000FFFFFFFF >[2013/02/27 08:52:35.635870, 10, pid=21840] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b72980 >[2013/02/27 08:52:35.635912, 10, pid=21840] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 50550000FFFFFFFF >[2013/02/27 08:52:35.635943, 5, pid=21840] lib/messages.c:300(messaging_register) > Overriding messaging pointer for type 1 - private_data=(nil) >[2013/02/27 08:52:35.637658, 10, pid=21841] printing/print_cups.c:171(send_pcap_blob) > successfully sent blob of len 141 >[2013/02/27 08:52:35.638068, 10, pid=21840] smbd/avahi_register.c:79(avahi_client_callback) > avahi_client_callback: AVAHI_CLIENT_S_RUNNING >[2013/02/27 08:52:35.638475, 10, pid=21840] smbd/avahi_register.c:61(avahi_entry_group_callback) > avahi_entry_group_callback: AVAHI_ENTRY_GROUP_UNCOMMITED >[2013/02/27 08:52:35.639067, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (2->1) >[2013/02/27 08:52:35.639114, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (1->0) >[2013/02/27 08:52:35.639164, 10, pid=21840] rpc_server/rpc_handles.c:307(close_policy_by_pipe) > close_policy_by_pipe: deleted handle list for pipe \winreg >[2013/02/27 08:52:35.639226, 2, pid=21840] smbd/server.c:815(smbd_parent_loop) > waiting for connections >[2013/02/27 08:52:35.639277, 2, pid=21840] smbd/server.c:301(remove_child_pid) > Could not find child 21841 -- ignoring >[2013/02/27 08:52:35.639315, 10, pid=21840] lib/events.c:221(run_events_poll) > Running timed event "avahi_timeout_handler" 0x2b7b0d0 >[2013/02/27 08:52:35.639371, 10, pid=21840] lib/events.c:221(run_events_poll) > Running timed event "avahi_timeout_handler" 0x2b7c5d0 >[2013/02/27 08:52:35.639420, 10, pid=21840] smbd/avahi_register.c:65(avahi_entry_group_callback) > avahi_entry_group_callback: AVAHI_ENTRY_GROUP_REGISTERING >[2013/02/27 08:52:35.639477, 5, pid=21840] printing/print_cups.c:512(cups_async_callback) > cups_async_callback: callback received for printer data. fd = 26 >[2013/02/27 08:52:35.639518, 10, pid=21840] printing/print_cups.c:196(recv_pcap_blob) > successfully recvd blob of len 141 >[2013/02/27 08:52:35.639578, 10, pid=21840] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 5052494E5445524C4953 >[2013/02/27 08:52:35.639621, 10, pid=21840] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b704b0 >[2013/02/27 08:52:35.639660, 10, pid=21840] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 5052494E5445524C4953 >[2013/02/27 08:52:35.639721, 10, pid=21840] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 5052494E5445524C4953 >[2013/02/27 08:52:35.639768, 10, pid=21840] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b7b0d0 >[2013/02/27 08:52:35.639808, 10, pid=21840] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 5052494E5445524C4953 >[2013/02/27 08:52:35.639888, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:35.639942, 10, pid=21840] registry/reg_init_smbconf.c:41(registry_init_smbconf) > registry_init_smbconf called >[2013/02/27 08:52:35.640012, 10, pid=21840] registry/reg_backend_db.c:526(regdb_init) > regdb_init: registry db openend. refcount reset (1) >[2013/02/27 08:52:35.640229, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports] >[2013/02/27 08:52:35.640285, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[Samba Printer Port] len[2] >[2013/02/27 08:52:35.640324, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printers] >[2013/02/27 08:52:35.640377, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DefaultSpoolDirectory] len[70] >[2013/02/27 08:52:35.640415, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.640466, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DisplayName] len[20] >[2013/02/27 08:52:35.640505, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.640542, 10, pid=21840] registry/reg_backend_db.c:1789(regdb_fetch_values_internal) > regdb_fetch_values: Looking for values of key [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog] >[2013/02/27 08:52:35.640593, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[0]: name[DisplayName] len[20] >[2013/02/27 08:52:35.640631, 10, pid=21840] registry/reg_backend_db.c:1734(regdb_unpack_values) > regdb_unpack_values: value[1]: name[ErrorControl] len[4] >[2013/02/27 08:52:35.640677, 10, pid=21840] registry/reg_cachehook.c:94(reghook_cache_add) > reghook_cache_add: Adding ops 0x12be580 for key [\HKLM\SOFTWARE\Samba\smbconf] >[2013/02/27 08:52:35.640738, 8, pid=21840] lib/adt_tree.c:215(pathtree_add) > pathtree_add: Enter >[2013/02/27 08:52:35.640775, 10, pid=21840] lib/adt_tree.c:282(pathtree_add) > pathtree_add: Successfully added node [HKLM\SOFTWARE\Samba\smbconf] to tree >[2013/02/27 08:52:35.640810, 8, pid=21840] lib/adt_tree.c:284(pathtree_add) > pathtree_add: Exit >[2013/02/27 08:52:35.640844, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (1->0) >[2013/02/27 08:52:35.640890, 4, pid=21840] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.640916, 4, pid=21840] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.640941, 4, pid=21840] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:35.640965, 5, pid=21840] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:35.640989, 5, pid=21840] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:35.641050, 4, pid=21840] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:35.641076, 10, pid=21840] registry/reg_backend_db.c:602(regdb_open) > regdb_open: registry db opened. refcount reset (1) >[2013/02/27 08:52:35.641101, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [HKLM] >[2013/02/27 08:52:35.641130, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (1->2) >[2013/02/27 08:52:35.641157, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM] >[2013/02/27 08:52:35.641180, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM] >[2013/02/27 08:52:35.641205, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.641228, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM] >[2013/02/27 08:52:35.641267, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [SOFTWARE] >[2013/02/27 08:52:35.641293, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (2->3) >[2013/02/27 08:52:35.641319, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE] >[2013/02/27 08:52:35.641343, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SOFTWARE] >[2013/02/27 08:52:35.641367, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.641391, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SOFTWARE] >[2013/02/27 08:52:35.641432, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [Samba] >[2013/02/27 08:52:35.641458, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (3->4) >[2013/02/27 08:52:35.641484, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Samba] >[2013/02/27 08:52:35.641508, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SOFTWARE\Samba] >[2013/02/27 08:52:35.641532, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.641556, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be520 for key [\HKLM\SOFTWARE\Samba] >[2013/02/27 08:52:35.641594, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [smbconf] >[2013/02/27 08:52:35.641620, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (4->5) >[2013/02/27 08:52:35.641646, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Samba\smbconf] >[2013/02/27 08:52:35.641670, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SOFTWARE\Samba\smbconf] >[2013/02/27 08:52:35.641696, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.641725, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be580 for key [\HKLM\SOFTWARE\Samba\smbconf] >[2013/02/27 08:52:35.641761, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (5->4) >[2013/02/27 08:52:35.641788, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (4->3) >[2013/02/27 08:52:35.641814, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (3->2) >[2013/02/27 08:52:35.641839, 5, pid=21840] param/loadparm.c:7280(process_registry_service) > process_registry_service: service name printers >[2013/02/27 08:52:35.641866, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [printers] >[2013/02/27 08:52:35.641891, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (2->3) >[2013/02/27 08:52:35.641917, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Samba\smbconf\printers] >[2013/02/27 08:52:35.641945, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SOFTWARE\Samba\smbconf\printers] >[2013/02/27 08:52:35.641970, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.641994, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be580 for key [\HKLM\SOFTWARE\Samba\smbconf\printers] >[2013/02/27 08:52:35.642027, 10, pid=21840] registry/reg_backend_db.c:1623(regdb_fetch_keys_internal) > key [HKLM\SOFTWARE\Samba\smbconf\printers] not found >[2013/02/27 08:52:35.642052, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (3->2) >[2013/02/27 08:52:35.642080, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:35.642106, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:35.642132, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:35.642155, 10, pid=21840] smbd/server_reload.c:53(reload_printers) > reloading printer services from pcap cache >[2013/02/27 08:52:35.642190, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:35.642215, 5, pid=21840] param/loadparm.c:7280(process_registry_service) > process_registry_service: service name printers >[2013/02/27 08:52:35.642239, 7, pid=21840] registry/reg_api.c:141(regkey_open_onelevel) > regkey_open_onelevel: name = [printers] >[2013/02/27 08:52:35.642264, 10, pid=21840] registry/reg_backend_db.c:583(regdb_open) > regdb_open: incrementing refcount (2->3) >[2013/02/27 08:52:35.642290, 10, pid=21840] registry/reg_cachehook.c:122(reghook_cache_find) > reghook_cache_find: Searching for keyname [\HKLM\SOFTWARE\Samba\smbconf\printers] >[2013/02/27 08:52:35.642314, 10, pid=21840] lib/adt_tree.c:367(pathtree_find) > pathtree_find: Enter [\HKLM\SOFTWARE\Samba\smbconf\printers] >[2013/02/27 08:52:35.642339, 10, pid=21840] lib/adt_tree.c:440(pathtree_find) > pathtree_find: Exit >[2013/02/27 08:52:35.642363, 10, pid=21840] registry/reg_cachehook.c:127(reghook_cache_find) > reghook_cache_find: found ops 0x12be580 for key [\HKLM\SOFTWARE\Samba\smbconf\printers] >[2013/02/27 08:52:35.642394, 10, pid=21840] registry/reg_backend_db.c:1623(regdb_fetch_keys_internal) > key [HKLM\SOFTWARE\Samba\smbconf\printers] not found >[2013/02/27 08:52:35.642420, 10, pid=21840] registry/reg_backend_db.c:619(regdb_close) > regdb_close: decrementing refcount (3->2) >[2013/02/27 08:52:35.642447, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:35.642473, 7, pid=21840] param/loadparm.c:9834(lp_servicenumber) > lp_servicenumber: couldn't find printers >[2013/02/27 08:52:36.433935, 10, pid=21840] lib/events.c:221(run_events_poll) > Running timed event "avahi_timeout_handler" 0x2b7c5d0 >[2013/02/27 08:52:36.434033, 10, pid=21840] smbd/avahi_register.c:46(avahi_entry_group_callback) > avahi_entry_group_callback: AVAHI_ENTRY_GROUP_ESTABLISHED >[2013/02/27 08:52:41.637892, 10, pid=21845] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 55550000FFFFFFFF >[2013/02/27 08:52:41.638044, 10, pid=21845] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b6b2c0 >[2013/02/27 08:52:41.638118, 10, pid=21845] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 55550000FFFFFFFF >[2013/02/27 08:52:41.638193, 5, pid=21845] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 1 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 172560 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:41.638507, 5, pid=21845] lib/util_sock.c:165(print_socket_options) > Socket options: > SO_KEEPALIVE = 1 > SO_REUSEADDR = 1 > SO_BROADCAST = 0 > TCP_NODELAY = 1 > TCP_KEEPCNT = 9 > TCP_KEEPIDLE = 7200 > TCP_KEEPINTVL = 75 > IPTOS_LOWDELAY = 0 > IPTOS_THROUGHPUT = 0 > SO_SNDBUF = 172560 > SO_RCVBUF = 87380 > SO_SNDLOWAT = 1 > SO_RCVLOWAT = 1 > SO_SNDTIMEO = 0 > SO_RCVTIMEO = 0 > TCP_QUICKACK = 1 >[2013/02/27 08:52:41.638948, 6, pid=21845] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Feb 27 08:52:30 2013 > >[2013/02/27 08:52:41.639040, 3, pid=21845] lib/access.c:338(allow_access) > Allowed connection from ::1 (::1) >[2013/02/27 08:52:41.639076, 10, pid=21845] smbd/process.c:3020(smbd_process) > Connection allowed from ipv6:::1:34467 to ipv6:::1:445 >[2013/02/27 08:52:41.639151, 3, pid=21845] smbd/oplock.c:922(init_oplocks) > init_oplocks: initializing messages. >[2013/02/27 08:52:41.639247, 3, pid=21845] smbd/oplock_linux.c:239(linux_init_kernel_oplocks) > Linux kernel oplocks enabled >[2013/02/27 08:52:41.639289, 5, pid=21845] lib/messages.c:332(messaging_deregister) > Deregistering messaging pointer for type 1 - private_data=(nil) >[2013/02/27 08:52:41.639335, 10, pid=21845] smbd/process.c:920(event_add_idle) > event_add_idle: idle_evt(keepalive) 0x2b5c420 >[2013/02/27 08:52:41.639377, 10, pid=21845] smbd/process.c:920(event_add_idle) > event_add_idle: idle_evt(deadtime) 0x2b6c950 >[2013/02/27 08:52:41.639416, 10, pid=21845] smbd/process.c:920(event_add_idle) > event_add_idle: idle_evt(housekeeping) 0x2b6cce0 >[2013/02/27 08:52:41.639499, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 190 >[2013/02/27 08:52:41.639553, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0xbe >[2013/02/27 08:52:41.639590, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 0 of length 194 (0 toread) >[2013/02/27 08:52:41.639628, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:41.639649, 5, pid=21845] lib/util.c:342(show_msg) > size=190 > smb_com=0x72 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=0 > smb_pid=21844 > smb_uid=0 > smb_mid=1 > smt_wct=0 > smb_bcc=155 >[2013/02/27 08:52:41.639857, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 02 50 43 20 4E 45 54 57 4F 52 4B 20 50 52 4F 47 .PC NETW ORK PROG > [0010] 52 41 4D 20 31 2E 30 00 02 4D 49 43 52 4F 53 4F RAM 1.0. .MICROSO > [0020] 46 54 20 4E 45 54 57 4F 52 4B 53 20 31 2E 30 33 FT NETWO RKS 1.03 > [0030] 00 02 4D 49 43 52 4F 53 4F 46 54 20 4E 45 54 57 ..MICROS OFT NETW > [0040] 4F 52 4B 53 20 33 2E 30 00 02 4C 41 4E 4D 41 4E ORKS 3.0 ..LANMAN > [0050] 31 2E 30 00 02 4C 4D 31 2E 32 58 30 30 32 00 02 1.0..LM1 .2X002.. > [0060] 44 4F 53 20 4C 41 4E 4D 41 4E 32 2E 31 00 02 4C DOS LANM AN2.1..L > [0070] 41 4E 4D 41 4E 32 2E 31 00 02 53 61 6D 62 61 00 ANMAN2.1 ..Samba. > [0080] 02 4E 54 20 4C 41 4E 4D 41 4E 20 31 2E 30 00 02 .NT LANM AN 1.0.. > [0090] 4E 54 20 4C 4D 20 30 2E 31 32 00 NT LM 0. 12. >[2013/02/27 08:52:41.640177, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBnegprot (pid 21845) conn 0x0 >[2013/02/27 08:52:41.640218, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.640258, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.640299, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.640363, 5, pid=21845] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2013/02/27 08:52:41.640692, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [PC NETWORK PROGRAM 1.0] >[2013/02/27 08:52:41.640925, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [MICROSOFT NETWORKS 1.03] >[2013/02/27 08:52:41.640964, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [MICROSOFT NETWORKS 3.0] >[2013/02/27 08:52:41.641007, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [LANMAN1.0] >[2013/02/27 08:52:41.641046, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [LM1.2X002] >[2013/02/27 08:52:41.641083, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [DOS LANMAN2.1] >[2013/02/27 08:52:41.641121, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [LANMAN2.1] >[2013/02/27 08:52:41.641158, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [Samba] >[2013/02/27 08:52:41.641196, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [NT LANMAN 1.0] >[2013/02/27 08:52:41.641233, 3, pid=21845] smbd/negprot.c:598(reply_negprot) > Requested protocol [NT LM 0.12] >[2013/02/27 08:52:41.641274, 10, pid=21845] lib/util.c:1624(set_remote_arch) > set_remote_arch: Client arch is 'Samba' >[2013/02/27 08:52:41.641321, 6, pid=21845] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Feb 27 08:52:30 2013 > >[2013/02/27 08:52:41.641400, 10, pid=21845] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 55550000FFFFFFFF >[2013/02/27 08:52:41.641444, 10, pid=21845] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b7f9d0 >[2013/02/27 08:52:41.641483, 10, pid=21845] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 55550000FFFFFFFF >[2013/02/27 08:52:41.641537, 6, pid=21845] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Feb 27 08:52:30 2013 > >[2013/02/27 08:52:41.641629, 10, pid=21845] smbd/negprot.c:44(get_challenge) > get challenge: creating negprot_global_auth_context >[2013/02/27 08:52:41.641668, 5, pid=21845] auth/auth.c:508(make_auth_context_subsystem) > Making default auth method list for security=share, encrypt passwords = yes >[2013/02/27 08:52:41.641722, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend sam >[2013/02/27 08:52:41.641764, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'sam' >[2013/02/27 08:52:41.641799, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend sam_ignoredomain >[2013/02/27 08:52:41.641839, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'sam_ignoredomain' >[2013/02/27 08:52:41.641879, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend unix >[2013/02/27 08:52:41.641917, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'unix' >[2013/02/27 08:52:41.641952, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend winbind >[2013/02/27 08:52:41.641988, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'winbind' >[2013/02/27 08:52:41.642025, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend wbc >[2013/02/27 08:52:41.642061, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'wbc' >[2013/02/27 08:52:41.642102, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend smbserver >[2013/02/27 08:52:41.642141, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'smbserver' >[2013/02/27 08:52:41.642178, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend trustdomain >[2013/02/27 08:52:41.642215, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'trustdomain' >[2013/02/27 08:52:41.642250, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend ntdomain >[2013/02/27 08:52:41.642287, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'ntdomain' >[2013/02/27 08:52:41.642324, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend guest >[2013/02/27 08:52:41.642363, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'guest' >[2013/02/27 08:52:41.642399, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend fixed_challenge >[2013/02/27 08:52:41.642435, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'fixed_challenge' >[2013/02/27 08:52:41.642471, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend name_to_ntstatus >[2013/02/27 08:52:41.642508, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'name_to_ntstatus' >[2013/02/27 08:52:41.642545, 5, pid=21845] auth/auth.c:48(smb_register_auth) > Attempting to register auth backend netlogond >[2013/02/27 08:52:41.642583, 5, pid=21845] auth/auth.c:60(smb_register_auth) > Successfully added auth method 'netlogond' >[2013/02/27 08:52:41.642618, 5, pid=21845] auth/auth.c:385(load_auth_module) > load_auth_module: Attempting to find an auth method to match guest >[2013/02/27 08:52:41.642656, 5, pid=21845] auth/auth.c:410(load_auth_module) > load_auth_module: auth method guest has a valid init >[2013/02/27 08:52:41.642692, 5, pid=21845] auth/auth.c:385(load_auth_module) > load_auth_module: Attempting to find an auth method to match sam >[2013/02/27 08:52:41.642737, 5, pid=21845] auth/auth.c:410(load_auth_module) > load_auth_module: auth method sam has a valid init >[2013/02/27 08:52:41.642773, 10, pid=21845] smbd/negprot.c:52(get_challenge) > get challenge: getting challenge >[2013/02/27 08:52:41.642843, 5, pid=21845] auth/auth.c:99(get_ntlm_challenge) > auth_get_challenge: module guest did not want to specify a challenge >[2013/02/27 08:52:41.642910, 5, pid=21845] auth/auth.c:99(get_ntlm_challenge) > auth_get_challenge: module sam did not want to specify a challenge >[2013/02/27 08:52:41.642984, 5, pid=21845] auth/auth.c:134(get_ntlm_challenge) > auth_context challenge created by random >[2013/02/27 08:52:41.643057, 5, pid=21845] auth/auth.c:135(get_ntlm_challenge) > challenge is: >[2013/02/27 08:52:41.643126, 5, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 53 03 19 F5 6A C3 0A F4 S...j... >[2013/02/27 08:52:41.643204, 3, pid=21845] smbd/negprot.c:401(reply_nt1) > not using SPNEGO >[2013/02/27 08:52:41.643258, 3, pid=21845] smbd/negprot.c:704(reply_negprot) > Selected protocol NT LANMAN 1.0 >[2013/02/27 08:52:41.643325, 5, pid=21845] smbd/negprot.c:711(reply_negprot) > negprot index=8 >[2013/02/27 08:52:41.643380, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:41.643404, 5, pid=21845] lib/util.c:342(show_msg) > size=97 > smb_com=0x72 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=49155 > smb_tid=0 > smb_pid=21844 > smb_uid=0 > smb_mid=1 > smt_wct=17 > smb_vwv[ 0]= 8 (0x8) > smb_vwv[ 1]=12802 (0x3202) > smb_vwv[ 2]= 256 (0x100) > smb_vwv[ 3]= 1024 (0x400) > smb_vwv[ 4]= 65 (0x41) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 256 (0x100) > smb_vwv[ 7]=21760 (0x5500) > smb_vwv[ 8]= 85 (0x55) > smb_vwv[ 9]=64768 (0xFD00) > smb_vwv[10]=33011 (0x80F3) > smb_vwv[11]=46080 (0xB400) > smb_vwv[12]=37585 (0x92D1) > smb_vwv[13]=49003 (0xBF6B) > smb_vwv[14]=52756 (0xCE14) > smb_vwv[15]=50177 (0xC401) > smb_vwv[16]= 2303 (0x8FF) > smb_bcc=28 >[2013/02/27 08:52:41.644340, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 53 03 19 F5 6A C3 0A F4 44 00 49 00 53 00 43 00 S...j... D.I.S.C. > [0010] 57 00 4F 00 52 00 4C 00 44 00 00 00 W.O.R.L. D... >[2013/02/27 08:52:41.644591, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 88 >[2013/02/27 08:52:41.644642, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x58 >[2013/02/27 08:52:41.644686, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 1 of length 92 (0 toread) >[2013/02/27 08:52:41.644736, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:41.644758, 5, pid=21845] lib/util.c:342(show_msg) > size=88 > smb_com=0x73 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=65535 > smb_pid=21844 > smb_uid=0 > smb_mid=2 > smt_wct=13 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]=65535 (0xFFFF) > smb_vwv[ 3]= 2 (0x2) > smb_vwv[ 4]=21844 (0x5554) > smb_vwv[ 5]=21845 (0x5555) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_vwv[10]= 0 (0x0) > smb_vwv[11]=53340 (0xD05C) > smb_vwv[12]= 0 (0x0) > smb_bcc=27 >[2013/02/27 08:52:41.645202, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 00 00 00 00 55 00 6E 00 69 00 78 00 00 00 53 .....U.n .i.x...S > [0010] 00 61 00 6D 00 62 00 61 00 00 00 .a.m.b.a ... >[2013/02/27 08:52:41.645288, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBsesssetupX (pid 21845) conn 0x0 >[2013/02/27 08:52:41.645328, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.645367, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.645407, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.645465, 5, pid=21845] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2013/02/27 08:52:41.645507, 3, pid=21845] smbd/sesssetup.c:1345(reply_sesssetup_and_X) > wct=13 flg2=0xc801 >[2013/02/27 08:52:41.645557, 3, pid=21845] smbd/sesssetup.c:1548(reply_sesssetup_and_X) > Domain=[] NativeOS=[Unix] NativeLanMan=[Samba] PrimaryDomain=[null] >[2013/02/27 08:52:41.645596, 3, pid=21845] smbd/sesssetup.c:1564(reply_sesssetup_and_X) > sesssetupX:name=[]\[]@[__1] >[2013/02/27 08:52:41.645644, 6, pid=21845] param/loadparm.c:7490(lp_file_list_changed) > lp_file_list_changed() > file /etc/samba/smb.conf -> /etc/samba/smb.conf last mod_time: Wed Feb 27 08:52:30 2013 > >[2013/02/27 08:52:41.645746, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.645785, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.645828, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.645872, 3, pid=21845] smbd/sesssetup.c:151(check_guest_password) > Got anonymous request >[2013/02/27 08:52:41.645910, 5, pid=21845] auth/auth.c:508(make_auth_context_subsystem) > Making default auth method list for security=share, encrypt passwords = yes >[2013/02/27 08:52:41.645952, 5, pid=21845] auth/auth.c:385(load_auth_module) > load_auth_module: Attempting to find an auth method to match guest >[2013/02/27 08:52:41.645993, 5, pid=21845] auth/auth.c:410(load_auth_module) > load_auth_module: auth method guest has a valid init >[2013/02/27 08:52:41.646030, 5, pid=21845] auth/auth.c:385(load_auth_module) > load_auth_module: Attempting to find an auth method to match sam >[2013/02/27 08:52:41.646069, 5, pid=21845] auth/auth.c:410(load_auth_module) > load_auth_module: auth method sam has a valid init >[2013/02/27 08:52:41.646111, 5, pid=21845] auth/user_info.c:59(make_user_info) > attempting to make a user_info for () >[2013/02/27 08:52:41.646148, 5, pid=21845] auth/user_info.c:70(make_user_info) > making strings for 's user_info struct >[2013/02/27 08:52:41.646188, 5, pid=21845] auth/user_info.c:87(make_user_info) > making blobs for 's user_info struct >[2013/02/27 08:52:41.646261, 10, pid=21845] auth/user_info.c:123(make_user_info) > made a user_info for () >[2013/02/27 08:52:41.646302, 3, pid=21845] auth/auth.c:219(check_ntlm_password) > check_ntlm_password: Checking password for unmapped user []\[]@[] with the new password interface >[2013/02/27 08:52:41.646342, 3, pid=21845] auth/auth.c:222(check_ntlm_password) > check_ntlm_password: mapped user is: []\[]@[] >[2013/02/27 08:52:41.646379, 10, pid=21845] auth/auth.c:231(check_ntlm_password) > check_ntlm_password: auth_context challenge created by fixed >[2013/02/27 08:52:41.646422, 10, pid=21845] auth/auth.c:233(check_ntlm_password) > challenge is: >[2013/02/27 08:52:41.646551, 5, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 00 00 00 00 00 00 00 ........ >[2013/02/27 08:52:41.646638, 10, pid=21845] auth/auth_builtin.c:44(check_guest_security) > Check auth for: [] >[2013/02/27 08:52:41.646754, 3, pid=21845] auth/auth.c:268(check_ntlm_password) > check_ntlm_password: guest authentication for user [] succeeded >[2013/02/27 08:52:41.646802, 5, pid=21845] auth/auth.c:309(check_ntlm_password) > check_ntlm_password: guest authentication for user [] -> [] -> [nobody] succeeded >[2013/02/27 08:52:41.647068, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 84 >[2013/02/27 08:52:41.647136, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x54 >[2013/02/27 08:52:41.647179, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 2 of length 88 (0 toread) >[2013/02/27 08:52:41.647219, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:41.647241, 5, pid=21845] lib/util.c:342(show_msg) > size=84 > smb_com=0x75 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=65535 > smb_pid=21844 > smb_uid=0 > smb_mid=3 > smt_wct=4 > smb_vwv[ 0]= 255 (0xFF) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 8 (0x8) > smb_vwv[ 3]= 1 (0x1) > smb_bcc=41 >[2013/02/27 08:52:41.647526, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 5C 00 5C 00 4C 00 4F 00 43 00 41 00 4C 00 48 .\.\.L.O .C.A.L.H > [0010] 00 4F 00 53 00 54 00 5C 00 47 00 55 00 52 00 55 .O.S.T.\ .G.U.R.U > [0020] 00 00 00 3F 3F 3F 3F 3F 00 ...????? . >[2013/02/27 08:52:41.647645, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBtconX (pid 21845) conn 0x0 >[2013/02/27 08:52:41.647736, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.647782, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.647821, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.647881, 5, pid=21845] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2013/02/27 08:52:41.647929, 4, pid=21845] smbd/reply.c:794(reply_tcon_and_X) > Client requested device type [?????] for share [GURU] >[2013/02/27 08:52:41.647989, 5, pid=21845] smbd/service.c:1354(make_connection) > making a connection to 'normal' service guru >[2013/02/27 08:52:41.648038, 3, pid=21845] lib/access.c:338(allow_access) > Allowed connection from ::1 (::1) >[2013/02/27 08:52:41.648082, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user guru >[2013/02/27 08:52:41.648121, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is guru >[2013/02/27 08:52:41.649398, 5, pid=21845] lib/username.c:134(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as uppercase is GURU >[2013/02/27 08:52:41.650470, 5, pid=21845] lib/username.c:143(Get_Pwnam_internals) > Checking combinations of 0 uppercase letters in guru >[2013/02/27 08:52:41.650561, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals didn't find user [guru]! >[2013/02/27 08:52:41.650736, 5, pid=21845] auth/auth.c:508(make_auth_context_subsystem) > Making default auth method list for security=share, encrypt passwords = yes >[2013/02/27 08:52:41.650819, 5, pid=21845] auth/auth.c:385(load_auth_module) > load_auth_module: Attempting to find an auth method to match guest >[2013/02/27 08:52:41.650921, 5, pid=21845] auth/auth.c:410(load_auth_module) > load_auth_module: auth method guest has a valid init >[2013/02/27 08:52:41.650993, 5, pid=21845] auth/auth.c:385(load_auth_module) > load_auth_module: Attempting to find an auth method to match sam >[2013/02/27 08:52:41.651065, 5, pid=21845] auth/auth.c:410(load_auth_module) > load_auth_module: auth method sam has a valid init >[2013/02/27 08:52:41.651141, 5, pid=21845] auth/auth.c:99(get_ntlm_challenge) > auth_get_challenge: module guest did not want to specify a challenge >[2013/02/27 08:52:41.651213, 5, pid=21845] auth/auth.c:99(get_ntlm_challenge) > auth_get_challenge: module sam did not want to specify a challenge >[2013/02/27 08:52:41.651288, 5, pid=21845] auth/auth.c:134(get_ntlm_challenge) > auth_context challenge created by random >[2013/02/27 08:52:41.651360, 5, pid=21845] auth/auth.c:135(get_ntlm_challenge) > challenge is: >[2013/02/27 08:52:41.651430, 5, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 0C D4 9B 09 4A 44 FE 79 ....JD.y >[2013/02/27 08:52:41.651508, 5, pid=21845] auth/auth_util.c:312(make_user_info_for_reply) > make_user_info_for_reply: User passwords not in encrypted format. >[2013/02/27 08:52:41.651580, 10, pid=21845] auth/auth_util.c:318(make_user_info_for_reply) > Unencrypted password (len 1): >[2013/02/27 08:52:41.651942, 5, pid=21845] auth/auth_util.c:110(make_user_info_map) > Mapping user [DISCWORLD]\[nobody] from workstation [__1] >[2013/02/27 08:52:41.652000, 5, pid=21845] auth/auth_util.c:131(make_user_info_map) > Mapped domain from [DISCWORLD] to [MAGRATHEA] for user [nobody] from workstation [__1] >[2013/02/27 08:52:41.652072, 5, pid=21845] auth/user_info.c:59(make_user_info) > attempting to make a user_info for nobody (nobody) >[2013/02/27 08:52:41.652146, 5, pid=21845] auth/user_info.c:70(make_user_info) > making strings for nobody's user_info struct >[2013/02/27 08:52:41.652218, 5, pid=21845] auth/user_info.c:87(make_user_info) > making blobs for nobody's user_info struct >[2013/02/27 08:52:41.652290, 10, pid=21845] auth/user_info.c:123(make_user_info) > made a user_info for nobody (nobody) >[2013/02/27 08:52:41.652361, 3, pid=21845] auth/auth.c:219(check_ntlm_password) > check_ntlm_password: Checking password for unmapped user [DISCWORLD]\[nobody]@[__1] with the new password interface >[2013/02/27 08:52:41.652432, 3, pid=21845] auth/auth.c:222(check_ntlm_password) > check_ntlm_password: mapped user is: [MAGRATHEA]\[nobody]@[__1] >[2013/02/27 08:52:41.652507, 10, pid=21845] auth/auth.c:231(check_ntlm_password) > check_ntlm_password: auth_context challenge created by random >[2013/02/27 08:52:41.652579, 10, pid=21845] auth/auth.c:233(check_ntlm_password) > challenge is: >[2013/02/27 08:52:41.652650, 5, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 0C D4 9B 09 4A 44 FE 79 ....JD.y >[2013/02/27 08:52:41.652740, 10, pid=21845] auth/auth_builtin.c:44(check_guest_security) > Check auth for: [nobody] >[2013/02/27 08:52:41.652800, 10, pid=21845] auth/auth.c:259(check_ntlm_password) > check_ntlm_password: guest had nothing to say >[2013/02/27 08:52:41.652872, 10, pid=21845] auth/auth_sam.c:75(auth_samstrict_auth) > Check auth for: [nobody] >[2013/02/27 08:52:41.652944, 8, pid=21845] lib/util.c:1521(is_myname) > is_myname("MAGRATHEA") returns 1 >[2013/02/27 08:52:41.653015, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.653089, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.653160, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.653230, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.653302, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.653440, 5, pid=21845] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_nobody >[2013/02/27 08:52:41.653528, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.653599, 3, pid=21845] auth/check_samsec.c:399(check_sam_security) > check_sam_security: Couldn't find user 'nobody' in passdb. >[2013/02/27 08:52:41.653674, 5, pid=21845] auth/auth.c:271(check_ntlm_password) > check_ntlm_password: sam authentication for user [nobody] FAILED with error NT_STATUS_NO_SUCH_USER >[2013/02/27 08:52:41.653782, 2, pid=21845] auth/auth.c:319(check_ntlm_password) > check_ntlm_password: Authentication for user [nobody] -> [nobody] FAILED with error NT_STATUS_NO_SUCH_USER >[2013/02/27 08:52:41.653888, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.653940, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.654012, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.654085, 3, pid=21845] smbd/password.c:721(authorise_login) > authorise_login: ACCEPTED: guest account and guest ok (nobody) >[2013/02/27 08:52:41.654158, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.654229, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.654300, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.654398, 10, pid=21845] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\nobody => domain=[Unix User], name=[nobody] >[2013/02/27 08:52:41.654452, 10, pid=21845] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2013/02/27 08:52:41.654568, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.654621, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.654694, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.654799, 10, pid=21845] passdb/pdb_get_set.c:575(pdb_set_username) > pdb_set_username: setting username nobody, was >[2013/02/27 08:52:41.654875, 10, pid=21845] passdb/pdb_get_set.c:644(pdb_set_fullname) > pdb_set_full_name: setting full name nobody, was >[2013/02/27 08:52:41.654928, 10, pid=21845] passdb/pdb_get_set.c:598(pdb_set_domain) > pdb_set_domain: setting domain MAGRATHEA, was >[2013/02/27 08:52:41.655024, 10, pid=21845] passdb/pdb_get_set.c:500(pdb_set_user_sid) > pdb_set_user_sid: setting user sid S-1-5-21-1406987565-2067085585-2387977275-501 >[2013/02/27 08:52:41.655080, 10, pid=21845] passdb/pdb_compat.c:73(pdb_set_user_sid_from_rid) > pdb_set_user_sid_from_rid: > setting user sid S-1-5-21-1406987565-2067085585-2387977275-501 from rid 501 >[2013/02/27 08:52:41.655187, 10, pid=21845] passdb/pdb_get_set.c:575(pdb_set_username) > pdb_set_username: setting username nobody, was nobody >[2013/02/27 08:52:41.655264, 10, pid=21845] passdb/pdb_get_set.c:500(pdb_set_user_sid) > pdb_set_user_sid: setting user sid S-1-22-1-65534 >[2013/02/27 08:52:41.655385, 5, pid=21845] passdb/lookup_sid.c:1384(gid_to_sid) > gid_to_sid: winbind failed to find a sid for gid 65533 >[2013/02/27 08:52:41.655439, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.655511, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.655583, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.655655, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.655741, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.655880, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.655934, 10, pid=21845] passdb/lookup_sid.c:1181(legacy_gid_to_sid) > LEGACY: gid 65533 -> sid S-1-22-2-65533 >[2013/02/27 08:52:41.656036, 3, pid=21845] passdb/lookup_sid.c:1754(get_primary_group_sid) > Forcing Primary Group to 'Domain Users' for nobody >[2013/02/27 08:52:41.656096, 10, pid=21845] auth/server_info.c:349(samu_to_SamInfo3) > Unix User found in struct samu. Rid marked as special and sid (S-1-22-1-65534) saved as extra sid >[2013/02/27 08:52:41.656199, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.656251, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.656323, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.656441, 10, pid=21845] lib/system_smbd.c:175(sys_getgrouplist) > sys_getgrouplist: user [nobody] >[2013/02/27 08:52:41.657766, 5, pid=21845] passdb/lookup_sid.c:1384(gid_to_sid) > gid_to_sid: winbind failed to find a sid for gid 65534 >[2013/02/27 08:52:41.657809, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.657838, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.657866, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.657894, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.657921, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.657972, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.658002, 10, pid=21845] passdb/lookup_sid.c:1181(legacy_gid_to_sid) > LEGACY: gid 65534 -> sid S-1-22-2-65534 >[2013/02/27 08:52:41.658042, 10, pid=21845] passdb/lookup_sid.c:76(lookup_name) > lookup_name: MAGRATHEA\nobody => domain=[MAGRATHEA], name=[nobody] >[2013/02/27 08:52:41.658071, 10, pid=21845] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2013/02/27 08:52:41.658102, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.658130, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.658157, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.658185, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.658211, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.658258, 5, pid=21845] passdb/pdb_tdb.c:562(tdbsam_getsampwnam) > pdb_getsampwnam (TDB): error fetching database. > Key: USER_nobody >[2013/02/27 08:52:41.658300, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.658328, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.658354, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.658380, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.658405, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.658430, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.658478, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.658507, 10, pid=21845] passdb/lookup_sid.c:76(lookup_name) > lookup_name: Unix User\nobody => domain=[Unix User], name=[nobody] >[2013/02/27 08:52:41.658533, 10, pid=21845] passdb/lookup_sid.c:77(lookup_name) > lookup_name: flags = 0x073 >[2013/02/27 08:52:41.658566, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.658593, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.658620, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.658655, 10, pid=21845] passdb/lookup_sid.c:1544(sid_to_uid) > sid S-1-22-1-65534 -> uid 65534 >[2013/02/27 08:52:41.658903, 10, pid=21845] lib/system_smbd.c:175(sys_getgrouplist) > sys_getgrouplist: user [nobody] >[2013/02/27 08:52:41.659019, 10, pid=21845] auth/token_util.c:339(create_local_nt_token) > Create local NT token for S-1-22-1-65534 >[2013/02/27 08:52:41.659068, 10, pid=21845] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-544 >[2013/02/27 08:52:41.659099, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659128, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.659156, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659183, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.659210, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.659260, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.659290, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-544 >[2013/02/27 08:52:41.659319, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659347, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.659374, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659401, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.659428, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.659493, 10, pid=21845] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-544 >[2013/02/27 08:52:41.659524, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:41.659552, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659579, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:41.659607, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.659632, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.659681, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659723, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-544 >[2013/02/27 08:52:41.659755, 5, pid=21845] passdb/pdb_util.c:128(create_builtin_administrators) > create_builtin_administrators: Failed to create Administrators >[2013/02/27 08:52:41.659785, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.659821, 10, pid=21845] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-545 >[2013/02/27 08:52:41.659849, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659875, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.659904, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.659930, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.659955, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.660000, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.660027, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-545 >[2013/02/27 08:52:41.660054, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.660080, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.660105, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.660131, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.660156, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.660208, 10, pid=21845] passdb/lookup_sid.c:1628(sid_to_gid) > winbind failed to find a gid for sid S-1-5-32-545 >[2013/02/27 08:52:41.660236, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:41.660263, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.660288, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2 >[2013/02/27 08:52:41.660314, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.660339, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.660384, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.660411, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-545 >[2013/02/27 08:52:41.660440, 5, pid=21845] passdb/pdb_util.c:99(create_builtin_users) > create_builtin_users: Failed to create Users >[2013/02/27 08:52:41.660468, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.660495, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.660520, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.660546, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.660571, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.660597, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.660691, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661030, 4, pid=21845] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-22-1-65534] >[2013/02/27 08:52:41.661062, 4, pid=21845] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-22-2-65533] >[2013/02/27 08:52:41.661093, 4, pid=21845] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-22-2-65534] >[2013/02/27 08:52:41.661126, 5, pid=21845] lib/privileges.c:175(get_privileges_for_sids) > get_privileges_for_sids: sid = S-1-1-0 > Privilege set: 0x0 >[2013/02/27 08:52:41.661167, 4, pid=21845] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-2] >[2013/02/27 08:52:41.661202, 4, pid=21845] lib/privileges.c:97(get_privileges) > get_privileges: No privileges assigned to SID [S-1-5-32-546] >[2013/02/27 08:52:41.661263, 10, pid=21845] passdb/lookup_sid.c:1468(sids_to_unix_ids) > wbcSidsToUnixIds returned WBC_ERR_WINBIND_NOT_AVAILABLE >[2013/02/27 08:52:41.661292, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.661319, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661344, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.661370, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.661395, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.661442, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661469, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-1-0 >[2013/02/27 08:52:41.661496, 10, pid=21845] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-1-0 >[2013/02/27 08:52:41.661523, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.661549, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661575, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.661600, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.661625, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.661671, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661702, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-2 >[2013/02/27 08:52:41.661734, 10, pid=21845] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-2 >[2013/02/27 08:52:41.661761, 4, pid=21845] smbd/sec_ctx.c:214(push_sec_ctx) > push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.661786, 4, pid=21845] smbd/uid.c:460(push_conn_ctx) > push_conn_ctx(0) : conn_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661814, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1 >[2013/02/27 08:52:41.661839, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.661864, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.661912, 4, pid=21845] smbd/sec_ctx.c:422(pop_sec_ctx) > pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.661938, 10, pid=21845] passdb/lookup_sid.c:1253(legacy_sid_to_gid) > LEGACY: mapping failed for sid S-1-5-32-546 >[2013/02/27 08:52:41.661965, 10, pid=21845] passdb/lookup_sid.c:1218(legacy_sid_to_uid) > LEGACY: mapping failed for sid S-1-5-32-546 >[2013/02/27 08:52:41.661992, 10, pid=21845] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-1-0 to gid, ignoring it >[2013/02/27 08:52:41.662020, 10, pid=21845] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-2 to gid, ignoring it >[2013/02/27 08:52:41.662048, 10, pid=21845] auth/auth_util.c:505(create_local_token) > Could not convert SID S-1-5-32-546 to gid, ignoring it >[2013/02/27 08:52:41.662076, 10, pid=21845] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (6): > SID[ 0]: S-1-22-1-65534 > SID[ 1]: S-1-22-2-65533 > SID[ 2]: S-1-22-2-65534 > SID[ 3]: S-1-1-0 > SID[ 4]: S-1-5-2 > SID[ 5]: S-1-5-32-546 > Privileges (0x 0): > Rights (0x 0): >[2013/02/27 08:52:41.662205, 10, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 65534 > Primary group is 65533 and contains 2 supplementary groups > Group[ 0]: 65533 > Group[ 1]: 65534 >[2013/02/27 08:52:41.662269, 5, pid=21845] lib/username.c:171(Get_Pwnam_alloc) > Finding user nobody >[2013/02/27 08:52:41.662296, 5, pid=21845] lib/username.c:116(Get_Pwnam_internals) > Trying _Get_Pwnam(), username as lowercase is nobody >[2013/02/27 08:52:41.662325, 5, pid=21845] lib/username.c:149(Get_Pwnam_internals) > Get_Pwnam_internals did find user [nobody]! >[2013/02/27 08:52:41.662361, 10, pid=21845] smbd/service.c:162(set_conn_connectpath) > set_conn_connectpath: service guru, connectpath = /srv/samba/tmp >[2013/02/27 08:52:41.662391, 3, pid=21845] smbd/service.c:872(make_connection_snum) > Connect path is '/srv/samba/tmp' for service [guru] >[2013/02/27 08:52:41.662434, 10, pid=21845] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2013/02/27 08:52:41.662465, 10, pid=21845] ../libcli/security/access_check.c:178(se_access_check) > se_access_check: MAX desired = 0x2000000, granted = 0x101f01ff, remaining = 0x101f01ff >[2013/02/27 08:52:41.662497, 3, pid=21845] smbd/vfs.c:102(vfs_init_default) > Initialising default vfs hooks >[2013/02/27 08:52:41.662528, 10, pid=21845] smbd/vfs.c:53(vfs_find_backend_entry) > vfs_find_backend_entry called for /[Default VFS]/ >[2013/02/27 08:52:41.662555, 5, pid=21845] smbd/vfs.c:92(smb_register_vfs) > Successfully added vfs backend '/[Default VFS]/' >[2013/02/27 08:52:41.662584, 10, pid=21845] smbd/vfs.c:53(vfs_find_backend_entry) > vfs_find_backend_entry called for posixacl >[2013/02/27 08:52:41.662611, 5, pid=21845] smbd/vfs.c:92(smb_register_vfs) > Successfully added vfs backend 'posixacl' >[2013/02/27 08:52:41.662638, 3, pid=21845] smbd/vfs.c:128(vfs_init_custom) > Initialising custom vfs hooks from [/[Default VFS]/] >[2013/02/27 08:52:41.662667, 10, pid=21845] smbd/vfs.c:53(vfs_find_backend_entry) > vfs_find_backend_entry called for /[Default VFS]/ > Successfully loaded vfs module [/[Default VFS]/] with the new modules system >[2013/02/27 08:52:41.662720, 5, pid=21845] smbd/connection.c:134(claim_connection) > claiming [guru] >[2013/02/27 08:52:41.662789, 10, pid=21845] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 55550000FFFFFFFF0DF0 >[2013/02/27 08:52:41.662824, 10, pid=21845] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b6bbf0 >[2013/02/27 08:52:41.663034, 10, pid=21845] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 55550000FFFFFFFF0DF0 >[2013/02/27 08:52:41.663148, 10, pid=21845] smbd/service.c:162(set_conn_connectpath) > set_conn_connectpath: service guru, connectpath = /srv/samba/tmp >[2013/02/27 08:52:41.663185, 10, pid=21845] smbd/share_access.c:241(user_ok_token) > user_ok_token: share guru is ok for unix user nobody >[2013/02/27 08:52:41.663216, 10, pid=21845] smbd/share_access.c:286(is_share_read_only_for_token) > is_share_read_only_for_user: share guru is read-write for unix user nobody >[2013/02/27 08:52:41.663251, 10, pid=21845] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2013/02/27 08:52:41.663287, 10, pid=21845] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2013/02/27 08:52:41.663320, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (65534, 65533) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.663349, 5, pid=21845] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (6): > SID[ 0]: S-1-22-1-65534 > SID[ 1]: S-1-22-2-65533 > SID[ 2]: S-1-22-2-65534 > SID[ 3]: S-1-1-0 > SID[ 4]: S-1-5-2 > SID[ 5]: S-1-5-32-546 > Privileges (0x 0): > Rights (0x 0): >[2013/02/27 08:52:41.663477, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 65534 > Primary group is 65533 and contains 2 supplementary groups > Group[ 0]: 65533 > Group[ 1]: 65534 >[2013/02/27 08:52:41.663542, 5, pid=21845] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,65534), gid=(0,65533) >[2013/02/27 08:52:41.663573, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:41.663601, 5, pid=21845] ../libcli/security/security_token.c:53(security_token_debug) > Security token: (NULL) >[2013/02/27 08:52:41.663628, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 0 > Primary group is 0 and contains 0 supplementary groups >[2013/02/27 08:52:41.663670, 5, pid=21845] smbd/uid.c:400(change_to_root_user) > change_to_root_user: now uid=(0,0) gid=(0,0) >[2013/02/27 08:52:41.663730, 10, pid=21845] smbd/service.c:162(set_conn_connectpath) > set_conn_connectpath: service guru, connectpath = /srv/samba/tmp >[2013/02/27 08:52:41.663776, 10, pid=21845] modules/vfs_default.c:160(vfswrap_fs_capabilities) > vfswrap_fs_capabilities: timestamp resolution of sec available on share guru, directory /srv/samba/tmp >[2013/02/27 08:52:41.663807, 1, pid=21845] smbd/service.c:1114(make_connection_snum) > __1 (::1) connect to service guru initially as user nobody (uid=65534, gid=65533) (pid 21845) >[2013/02/27 08:52:41.663844, 3, pid=21845] smbd/reply.c:871(reply_tcon_and_X) > tconX service=GURU >[2013/02/27 08:52:47.408163, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 50 >[2013/02/27 08:52:47.408273, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x32 >[2013/02/27 08:52:47.408315, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 3 of length 54 (0 toread) >[2013/02/27 08:52:47.408357, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:47.408380, 5, pid=21845] lib/util.c:342(show_msg) > size=50 > smb_com=0x0 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=4 > smt_wct=0 > smb_bcc=15 >[2013/02/27 08:52:47.408611, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 04 5C 00 77 00 75 00 72 00 73 00 74 00 00 00 .\.w.u.r .s.t... >[2013/02/27 08:52:47.408672, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBmkdir (pid 21845) conn 0x2b7b790 >[2013/02/27 08:52:47.408727, 10, pid=21845] smbd/share_access.c:241(user_ok_token) > user_ok_token: share guru is ok for unix user nobody >[2013/02/27 08:52:47.408773, 10, pid=21845] smbd/share_access.c:286(is_share_read_only_for_token) > is_share_read_only_for_user: share guru is read-write for unix user nobody >[2013/02/27 08:52:47.408835, 10, pid=21845] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2013/02/27 08:52:47.408888, 10, pid=21845] ../libcli/security/access_check.c:58(se_map_generic) > se_map_generic(): mapped mask 0x10000000 to 0x001f01ff >[2013/02/27 08:52:47.408935, 4, pid=21845] smbd/sec_ctx.c:314(set_sec_ctx) > setting sec ctx (65534, 65533) - sec_ctx_stack_ndx = 0 >[2013/02/27 08:52:47.408978, 5, pid=21845] ../libcli/security/security_token.c:63(security_token_debug) > Security token SIDs (6): > SID[ 0]: S-1-22-1-65534 > SID[ 1]: S-1-22-2-65533 > SID[ 2]: S-1-22-2-65534 > SID[ 3]: S-1-1-0 > SID[ 4]: S-1-5-2 > SID[ 5]: S-1-5-32-546 > Privileges (0x 0): > Rights (0x 0): >[2013/02/27 08:52:47.409168, 5, pid=21845] auth/token_util.c:527(debug_unix_user_token) > UNIX token of user 65534 > Primary group is 65533 and contains 2 supplementary groups > Group[ 0]: 65533 > Group[ 1]: 65534 >[2013/02/27 08:52:47.409271, 5, pid=21845] smbd/uid.c:317(change_to_user_internal) > Impersonated user: uid=(0,65534), gid=(0,65533) >[2013/02/27 08:52:47.409319, 4, pid=21845] smbd/vfs.c:780(vfs_ChDir) > vfs_ChDir to /srv/samba/tmp >[2013/02/27 08:52:47.409401, 5, pid=21845] smbd/filename.c:257(unix_convert) > unix_convert called on file "wurst" >[2013/02/27 08:52:47.409448, 10, pid=21845] smbd/statcache.c:244(stat_cache_lookup) > stat_cache_lookup: lookup failed for name [WURST] >[2013/02/27 08:52:47.409490, 5, pid=21845] smbd/filename.c:416(unix_convert) > unix_convert begin: name = wurst, dirpath = , start = wurst >[2013/02/27 08:52:47.409556, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled wurst ? >[2013/02/27 08:52:47.409597, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component wurst (len 5) ? >[2013/02/27 08:52:47.409639, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled wurst ? >[2013/02/27 08:52:47.409679, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component wurst (len 5) ? >[2013/02/27 08:52:47.409790, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled wurst ? >[2013/02/27 08:52:47.409833, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component wurst (len 5) ? >[2013/02/27 08:52:47.409874, 5, pid=21845] smbd/filename.c:781(unix_convert) > New file wurst >[2013/02/27 08:52:47.409915, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [wurst] [/srv/samba/tmp] >[2013/02/27 08:52:47.409966, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [wurst] -> [/srv/samba/tmp/wurst] >[2013/02/27 08:52:47.410007, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: wurst reduced to /srv/samba/tmp/wurst >[2013/02/27 08:52:47.410051, 10, pid=21845] smbd/open.c:3613(create_file_default) > create_file: access_mask = 0x80 file_attributes = 0x10, share_access = 0x0, create_disposition = 0x2 create_options = 0x1 oplock_request = 0x0 private_flags = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), fname = wurst >[2013/02/27 08:52:47.410103, 10, pid=21845] smbd/open.c:3137(create_file_unixpath) > create_file_unixpath: access_mask = 0x80 file_attributes = 0x10, share_access = 0x0, create_disposition = 0x2 create_options = 0x1 oplock_request = 0x0 private_flags = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = wurst >[2013/02/27 08:52:47.410152, 5, pid=21845] smbd/open.c:2609(open_directory) > open_directory: opening directory wurst, access_mask = 0x80, share_access = 0x0 create_options = 0x1, create_disposition = 0x2, file_attributes = 0x10 >[2013/02/27 08:52:47.410200, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [wurst] [/srv/samba/tmp] >[2013/02/27 08:52:47.410250, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [wurst] -> [/srv/samba/tmp/wurst] >[2013/02/27 08:52:47.410291, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: wurst reduced to /srv/samba/tmp/wurst >[2013/02/27 08:52:47.410333, 3, pid=21845] smbd/dosmode.c:159(unix_mode) > unix_mode(wurst) returning 0755 >[2013/02/27 08:52:47.410569, 10, pid=21845] smbd/notify_internal.c:930(notify_trigger) > notify_trigger called action=0x1, filter=0x2, path=/srv/samba/tmp/wurst >[2013/02/27 08:52:47.410634, 5, pid=21845] smbd/files.c:140(file_new) > allocated file structure 11802, fnum = 15898 (1 used) >[2013/02/27 08:52:47.410689, 10, pid=21845] smbd/files.c:705(file_name_hash) > file_name_hash: /srv/samba/tmp/wurst hash 0xa297fa68 >[2013/02/27 08:52:47.410747, 10, pid=21845] smbd/open.c:196(fd_open) > fd_open: name wurst, flags = 0200000 mode = 00, fd = 28. >[2013/02/27 08:52:47.410801, 10, pid=21845] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 1400000000000000C6BD >[2013/02/27 08:52:47.410851, 10, pid=21845] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b7fff0 >[2013/02/27 08:52:47.410919, 10, pid=21845] locking/locking.c:801(unparse_share_modes) > unparse_share_modes: owrt: Wed Feb 27 08:52:47 2013 CET cwrt: Thu Jan 1 01:00:00 1970 CET, ntok: 0, num: 1 >[2013/02/27 08:52:47.410986, 10, pid=21845] locking/locking.c:536(print_share_mode_table) > print_share_mode_table: share_mode_entry[0]: pid = 21845, share_access = 0x0, private_options = 0x0, access_mask = 0x80, mid = 0x4, type= 0x0, gen_id = 1056019026, uid = 65534, flags = 0, file_id 14:228bdc6:0, name_hash = 0xa297fa68 >[2013/02/27 08:52:47.411180, 10, pid=21845] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 1400000000000000C6BD >[2013/02/27 08:52:47.411240, 10, pid=21845] smbd/open.c:3425(create_file_unixpath) > create_file_unixpath: info=2 >[2013/02/27 08:52:47.411282, 10, pid=21845] smbd/open.c:3701(create_file_default) > create_file: info=2 >[2013/02/27 08:52:47.411332, 10, pid=21845] lib/dbwrap_tdb.c:102(db_tdb_fetch_locked) > Locking key 1400000000000000C6BD >[2013/02/27 08:52:47.411378, 10, pid=21845] lib/dbwrap_tdb.c:131(db_tdb_fetch_locked) > Allocated locked data 0x0x2b80630 >[2013/02/27 08:52:47.411420, 10, pid=21845] locking/locking.c:663(parse_share_modes) > parse_share_modes: owrt: Wed Feb 27 08:52:47 2013 CET, cwrt: Thu Jan 1 01:00:00 1970 CET, ntok: 0, num_share_modes: 1 >[2013/02/27 08:52:47.411481, 10, pid=21845] locking/locking.c:725(parse_share_modes) > parse_share_modes: share_mode_entry[0]: pid = 21845, share_access = 0x0, private_options = 0x0, access_mask = 0x80, mid = 0x4, type= 0x0, gen_id = 1056019026, uid = 65534, flags = 0, file_id 14:228bdc6:0, name_hash = 0xa297fa68 >[2013/02/27 08:52:47.411530, 10, pid=21845] locking/locking.c:1656(get_delete_on_close_token) > get_delete_on_close_token: name_hash = 0xa297fa68 >[2013/02/27 08:52:47.411576, 10, pid=21845] lib/dbwrap_tdb.c:44(db_tdb_record_destr) > Unlocking key 1400000000000000C6BD >[2013/02/27 08:52:47.411633, 10, pid=21845] locking/posix.c:516(get_windows_lock_ref_count) > get_windows_lock_count for file wurst = 0 >[2013/02/27 08:52:47.411680, 10, pid=21845] locking/posix.c:542(delete_windows_lock_ref_count) > delete_windows_lock_ref_count for file wurst >[2013/02/27 08:52:47.411738, 5, pid=21845] smbd/files.c:482(file_free) > freed files structure 15898 (0 used) >[2013/02/27 08:52:47.411780, 5, pid=21845] smbd/reply.c:5547(reply_mkdir) > create_directory returned NT_STATUS_OK >[2013/02/27 08:52:47.411826, 3, pid=21845] smbd/reply.c:5568(reply_mkdir) > mkdir wurst >[2013/02/27 08:52:47.411869, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:47.411894, 5, pid=21845] lib/util.c:342(show_msg) > size=35 > smb_com=0x0 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=49155 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=4 > smt_wct=0 > smb_bcc=0 >[2013/02/27 08:52:47.412057, 10, pid=21845] ../lib/util/util.c:415(dump_data) >[2013/02/27 08:52:50.015960, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 88 >[2013/02/27 08:52:50.016053, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x58 >[2013/02/27 08:52:50.016093, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 4 of length 92 (0 toread) >[2013/02/27 08:52:50.016137, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:50.016161, 5, pid=21845] lib/util.c:342(show_msg) > size=88 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=5 > smt_wct=15 > smb_vwv[ 0]= 18 (0x12) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16644 (0x4104) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 18 (0x12) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 88 (0x58) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=23 >[2013/02/27 08:52:50.016612, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 44 20 16 00 56 05 06 00 04 01 00 00 00 00 5C .D ..V.. .......\ > [0010] 00 2A 00 00 00 00 00 .*..... >[2013/02/27 08:52:50.016707, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 21845) conn 0x2b7b790 >[2013/02/27 08:52:50.016751, 4, pid=21845] smbd/uid.c:345(change_to_user) > Skipping user change - already user >[2013/02/27 08:52:50.016806, 3, pid=21845] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16644 >[2013/02/27 08:52:50.016873, 5, pid=21845] smbd/filename.c:257(unix_convert) > unix_convert called on file "*" >[2013/02/27 08:52:50.016919, 10, pid=21845] smbd/statcache.c:244(stat_cache_lookup) > stat_cache_lookup: lookup failed for name [*] >[2013/02/27 08:52:50.016961, 5, pid=21845] smbd/filename.c:416(unix_convert) > unix_convert begin: name = *, dirpath = , start = * >[2013/02/27 08:52:50.017004, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled * ? >[2013/02/27 08:52:50.017044, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component * (len 1) ? >[2013/02/27 08:52:50.017086, 5, pid=21845] smbd/filename.c:609(unix_convert) > Wildcard * >[2013/02/27 08:52:50.017128, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [*] [/srv/samba/tmp] >[2013/02/27 08:52:50.017196, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [*] -> [/srv/samba/tmp/*] >[2013/02/27 08:52:50.017240, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: * reduced to /srv/samba/tmp/* >[2013/02/27 08:52:50.017282, 5, pid=21845] smbd/trans2.c:2371(call_trans2findfirst) > dir=., mask = * >[2013/02/27 08:52:50.017328, 5, pid=21845] smbd/dir.c:439(dptr_create) > dptr_create dir=. >[2013/02/27 08:52:50.017370, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [.] [/srv/samba/tmp] >[2013/02/27 08:52:50.017414, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [.] -> [/srv/samba/tmp] >[2013/02/27 08:52:50.017455, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: . reduced to /srv/samba/tmp >[2013/02/27 08:52:50.017510, 3, pid=21845] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path ., expect_close = 1 >[2013/02/27 08:52:50.017552, 4, pid=21845] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = *, attr = 22 >[2013/02/27 08:52:50.017594, 8, pid=21845] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<.> dontdescend=<> >[2013/02/27 08:52:50.017647, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b7c1b0 now at offset 0 >[2013/02/27 08:52:50.017725, 8, pid=21845] smbd/dosmode.c:621(dos_mode) > dos_mode: ./. >[2013/02/27 08:52:50.017778, 8, pid=21845] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2013/02/27 08:52:50.017822, 8, pid=21845] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2013/02/27 08:52:50.017878, 10, pid=21845] locking/locking.c:1026(fetch_share_mode_unlocked) > fetch_share_mode_unlocked: no share_mode record around (file not open) >[2013/02/27 08:52:50.017920, 3, pid=21845] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[*] found ./. fname=. (.) >[2013/02/27 08:52:50.017967, 10, pid=21845] smbd/trans2.c:1572(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: space_remaining = 16644 >[2013/02/27 08:52:50.018010, 10, pid=21845] smbd/trans2.c:1721(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO >[2013/02/27 08:52:50.018069, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b7c1b0 now at offset 2147483648 >[2013/02/27 08:52:50.018120, 8, pid=21845] smbd/dosmode.c:621(dos_mode) > dos_mode: ./.. >[2013/02/27 08:52:50.018162, 8, pid=21845] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2013/02/27 08:52:50.018203, 8, pid=21845] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2013/02/27 08:52:50.018249, 10, pid=21845] locking/locking.c:1026(fetch_share_mode_unlocked) > fetch_share_mode_unlocked: no share_mode record around (file not open) >[2013/02/27 08:52:50.018291, 3, pid=21845] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[*] found ./.. fname=.. (..) >[2013/02/27 08:52:50.018335, 10, pid=21845] smbd/trans2.c:1572(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: space_remaining = 16548 >[2013/02/27 08:52:50.018381, 10, pid=21845] smbd/trans2.c:1721(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO >[2013/02/27 08:52:50.018444, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b7c1b0 now at offset 2147483647 >[2013/02/27 08:52:50.018496, 8, pid=21845] smbd/dosmode.c:621(dos_mode) > dos_mode: ./wurst >[2013/02/27 08:52:50.018537, 8, pid=21845] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2013/02/27 08:52:50.018578, 8, pid=21845] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2013/02/27 08:52:50.018624, 10, pid=21845] locking/locking.c:1026(fetch_share_mode_unlocked) > fetch_share_mode_unlocked: no share_mode record around (file not open) >[2013/02/27 08:52:50.018665, 3, pid=21845] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[*] found ./wurst fname=wurst (wurst) >[2013/02/27 08:52:50.018715, 10, pid=21845] smbd/trans2.c:1572(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: space_remaining = 16448 >[2013/02/27 08:52:50.018758, 10, pid=21845] smbd/trans2.c:1721(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO >[2013/02/27 08:52:50.018810, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b7c1b0 now at offset -1 >[2013/02/27 08:52:50.018853, 5, pid=21845] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2013/02/27 08:52:50.018895, 4, pid=21845] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2013/02/27 08:52:50.018945, 9, pid=21845] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 300, useable_space = 65473 >[2013/02/27 08:52:50.018987, 9, pid=21845] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 300, paramsize = 10, datasize = 300 >[2013/02/27 08:52:50.019028, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:50.019051, 5, pid=21845] lib/util.c:342(show_msg) > size=368 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=49155 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=5 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 300 (0x12C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 300 (0x12C) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=313 >[2013/02/27 08:52:50.019451, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 FD FF 03 00 01 00 00 00 C4 00 00 00 60 00 00 ........ .....`.. > [0010] 00 00 00 00 00 4D 62 1F A7 BE 14 CE 01 4D 62 1F .....Mb. .....Mb. > [0020] A7 BE 14 CE 01 BB CE 02 6F BF 14 CE 01 BB CE 02 ........ o....... > [0030] 6F BF 14 CE 01 00 00 00 00 00 00 00 00 00 00 00 o....... ........ > [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 00 00 00 ........ ........ > [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [0060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. > [0070] 00 00 00 00 00 57 7A 9C A0 14 FE CD 01 57 7A 9C .....Wz. .....Wz. > [0080] A0 14 FE CD 01 4D 62 1F A7 BE 14 CE 01 4D 62 1F .....Mb. .....Mb. > [0090] A7 BE 14 CE 01 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [00A0] 00 00 00 00 00 10 00 00 00 04 00 00 00 00 00 00 ........ ........ > [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [00C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ > [00D0] 00 68 00 00 00 00 00 00 00 BB CE 02 6F BF 14 CE .h...... ....o... > [00E0] 01 BB CE 02 6F BF 14 CE 01 BB CE 02 6F BF 14 CE ....o... ....o... > [00F0] 01 BB CE 02 6F BF 14 CE 01 00 00 00 00 00 00 00 ....o... ........ > [0100] 00 00 00 00 00 00 00 00 00 10 00 00 00 0A 00 00 ........ ........ > [0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 77 ........ .......w > [0130] 00 75 00 72 00 73 00 74 00 .u.r.s.t . >[2013/02/27 08:52:50.020156, 4, pid=21845] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=* directory=. dirtype=22 numentries=3 >[2013/02/27 08:52:50.020214, 10, pid=21845] smbd/mangle_hash2.c:792(hash2_name_to_8_3) > hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) >[2013/02/27 08:52:51.679969, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 88 >[2013/02/27 08:52:51.680072, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x58 >[2013/02/27 08:52:51.680116, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 5 of length 92 (0 toread) >[2013/02/27 08:52:51.680158, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:51.680182, 5, pid=21845] lib/util.c:342(show_msg) > size=88 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=6 > smt_wct=15 > smb_vwv[ 0]= 18 (0x12) > smb_vwv[ 1]= 0 (0x0) > smb_vwv[ 2]= 10 (0xA) > smb_vwv[ 3]=16644 (0x4104) > smb_vwv[ 4]= 0 (0x0) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 0 (0x0) > smb_vwv[ 7]= 0 (0x0) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 18 (0x12) > smb_vwv[10]= 68 (0x44) > smb_vwv[11]= 0 (0x0) > smb_vwv[12]= 88 (0x58) > smb_vwv[13]= 1 (0x1) > smb_vwv[14]= 1 (0x1) > smb_bcc=23 >[2013/02/27 08:52:51.680663, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 44 20 16 00 56 05 06 00 04 01 00 00 00 00 5C .D ..V.. .......\ > [0010] 00 2A 00 00 00 00 00 .*..... >[2013/02/27 08:52:51.680762, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBtrans2 (pid 21845) conn 0x2b7b790 >[2013/02/27 08:52:51.680805, 4, pid=21845] smbd/uid.c:345(change_to_user) > Skipping user change - already user >[2013/02/27 08:52:51.680852, 3, pid=21845] smbd/trans2.c:2286(call_trans2findfirst) > call_trans2findfirst: dirtype = 16, maxentries = 1366, close_after_first=0, close_if_end = 1 requires_resume_key = 1 level = 0x104, max_data_bytes = 16644 >[2013/02/27 08:52:51.680909, 5, pid=21845] smbd/filename.c:257(unix_convert) > unix_convert called on file "*" >[2013/02/27 08:52:51.680954, 10, pid=21845] smbd/statcache.c:244(stat_cache_lookup) > stat_cache_lookup: lookup failed for name [*] >[2013/02/27 08:52:51.680996, 5, pid=21845] smbd/filename.c:416(unix_convert) > unix_convert begin: name = *, dirpath = , start = * >[2013/02/27 08:52:51.681039, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled * ? >[2013/02/27 08:52:51.681099, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component * (len 1) ? >[2013/02/27 08:52:51.681141, 5, pid=21845] smbd/filename.c:609(unix_convert) > Wildcard * >[2013/02/27 08:52:51.681182, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [*] [/srv/samba/tmp] >[2013/02/27 08:52:51.681234, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [*] -> [/srv/samba/tmp/*] >[2013/02/27 08:52:51.681276, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: * reduced to /srv/samba/tmp/* >[2013/02/27 08:52:51.681318, 5, pid=21845] smbd/trans2.c:2371(call_trans2findfirst) > dir=., mask = * >[2013/02/27 08:52:51.681364, 5, pid=21845] smbd/dir.c:439(dptr_create) > dptr_create dir=. >[2013/02/27 08:52:51.681404, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [.] [/srv/samba/tmp] >[2013/02/27 08:52:51.681447, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [.] -> [/srv/samba/tmp] >[2013/02/27 08:52:51.681488, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: . reduced to /srv/samba/tmp >[2013/02/27 08:52:51.681538, 3, pid=21845] smbd/dir.c:578(dptr_create) > creating new dirptr 256 for path ., expect_close = 1 >[2013/02/27 08:52:51.681579, 4, pid=21845] smbd/trans2.c:2439(call_trans2findfirst) > dptr_num is 256, wcard = *, attr = 22 >[2013/02/27 08:52:51.681620, 8, pid=21845] smbd/trans2.c:2448(call_trans2findfirst) > dirpath=<.> dontdescend=<> >[2013/02/27 08:52:51.681676, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b615f0 now at offset 0 >[2013/02/27 08:52:51.681742, 8, pid=21845] smbd/dosmode.c:621(dos_mode) > dos_mode: ./. >[2013/02/27 08:52:51.681774, 8, pid=21845] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2013/02/27 08:52:51.681804, 8, pid=21845] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2013/02/27 08:52:51.681846, 10, pid=21845] locking/locking.c:1026(fetch_share_mode_unlocked) > fetch_share_mode_unlocked: no share_mode record around (file not open) >[2013/02/27 08:52:51.681884, 3, pid=21845] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[*] found ./. fname=. (.) >[2013/02/27 08:52:51.681918, 10, pid=21845] smbd/trans2.c:1572(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: space_remaining = 16644 >[2013/02/27 08:52:51.681947, 10, pid=21845] smbd/trans2.c:1721(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO >[2013/02/27 08:52:51.681994, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b615f0 now at offset 2147483648 >[2013/02/27 08:52:51.682029, 8, pid=21845] smbd/dosmode.c:621(dos_mode) > dos_mode: ./.. >[2013/02/27 08:52:51.682058, 8, pid=21845] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2013/02/27 08:52:51.682094, 8, pid=21845] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2013/02/27 08:52:51.682126, 10, pid=21845] locking/locking.c:1026(fetch_share_mode_unlocked) > fetch_share_mode_unlocked: no share_mode record around (file not open) >[2013/02/27 08:52:51.682154, 3, pid=21845] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[*] found ./.. fname=.. (..) >[2013/02/27 08:52:51.682185, 10, pid=21845] smbd/trans2.c:1572(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: space_remaining = 16548 >[2013/02/27 08:52:51.682213, 10, pid=21845] smbd/trans2.c:1721(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO >[2013/02/27 08:52:51.682260, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b615f0 now at offset 2147483647 >[2013/02/27 08:52:51.682301, 8, pid=21845] smbd/dosmode.c:621(dos_mode) > dos_mode: ./wurst >[2013/02/27 08:52:51.682334, 8, pid=21845] smbd/dosmode.c:199(dos_mode_from_sbuf) > dos_mode_from_sbuf returning d >[2013/02/27 08:52:51.682366, 8, pid=21845] smbd/dosmode.c:672(dos_mode) > dos_mode returning d >[2013/02/27 08:52:51.682398, 10, pid=21845] locking/locking.c:1026(fetch_share_mode_unlocked) > fetch_share_mode_unlocked: no share_mode record around (file not open) >[2013/02/27 08:52:51.682426, 3, pid=21845] smbd/dir.c:1041(smbd_dirptr_get_entry) > smbd_dirptr_get_entry mask=[*] found ./wurst fname=wurst (wurst) >[2013/02/27 08:52:51.682456, 10, pid=21845] smbd/trans2.c:1572(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: space_remaining = 16448 >[2013/02/27 08:52:51.682485, 10, pid=21845] smbd/trans2.c:1721(smbd_marshall_dir_entry) > smbd_marshall_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO >[2013/02/27 08:52:51.682529, 6, pid=21845] smbd/dir.c:969(smbd_dirptr_get_entry) > smbd_dirptr_get_entry: dirptr 0x2b615f0 now at offset -1 >[2013/02/27 08:52:51.682559, 5, pid=21845] smbd/trans2.c:2505(call_trans2findfirst) > call_trans2findfirst - (2) closing dptr_num 256 >[2013/02/27 08:52:51.682588, 4, pid=21845] smbd/dir.c:257(dptr_close_internal) > closing dptr key 256 >[2013/02/27 08:52:51.682630, 9, pid=21845] smbd/trans2.c:935(send_trans2_replies) > t2_rep: params_sent_thistime = 10, data_sent_thistime = 300, useable_space = 65473 >[2013/02/27 08:52:51.682658, 9, pid=21845] smbd/trans2.c:937(send_trans2_replies) > t2_rep: params_to_send = 10, data_to_send = 300, paramsize = 10, datasize = 300 >[2013/02/27 08:52:51.682687, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:51.682715, 5, pid=21845] lib/util.c:342(show_msg) > size=368 > smb_com=0x32 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=136 > smb_flg2=49155 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=6 > smt_wct=10 > smb_vwv[ 0]= 10 (0xA) > smb_vwv[ 1]= 300 (0x12C) > smb_vwv[ 2]= 0 (0x0) > smb_vwv[ 3]= 10 (0xA) > smb_vwv[ 4]= 56 (0x38) > smb_vwv[ 5]= 0 (0x0) > smb_vwv[ 6]= 300 (0x12C) > smb_vwv[ 7]= 68 (0x44) > smb_vwv[ 8]= 0 (0x0) > smb_vwv[ 9]= 0 (0x0) > smb_bcc=313 >[2013/02/27 08:52:51.683012, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 00 FD FF 03 00 01 00 00 00 C4 00 00 00 60 00 00 ........ .....`.. > [0010] 00 00 00 00 00 4D 62 1F A7 BE 14 CE 01 4D 62 1F .....Mb. .....Mb. > [0020] A7 BE 14 CE 01 BB CE 02 6F BF 14 CE 01 BB CE 02 ........ o....... > [0030] 6F BF 14 CE 01 00 00 00 00 00 00 00 00 00 00 00 o....... ........ > [0040] 00 00 00 00 00 10 00 00 00 02 00 00 00 00 00 00 ........ ........ > [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [0060] 00 00 00 00 00 00 00 00 00 00 00 2E 00 64 00 00 ........ .....d.. > [0070] 00 00 00 00 00 57 7A 9C A0 14 FE CD 01 57 7A 9C .....Wz. .....Wz. > [0080] A0 14 FE CD 01 4D 62 1F A7 BE 14 CE 01 4D 62 1F .....Mb. .....Mb. > [0090] A7 BE 14 CE 01 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [00A0] 00 00 00 00 00 10 00 00 00 04 00 00 00 00 00 00 ........ ........ > [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [00C0] 00 00 00 00 00 00 00 00 00 00 00 2E 00 2E 00 00 ........ ........ > [00D0] 00 68 00 00 00 00 00 00 00 BB CE 02 6F BF 14 CE .h...... ....o... > [00E0] 01 BB CE 02 6F BF 14 CE 01 BB CE 02 6F BF 14 CE ....o... ....o... > [00F0] 01 BB CE 02 6F BF 14 CE 01 00 00 00 00 00 00 00 ....o... ........ > [0100] 00 00 00 00 00 00 00 00 00 10 00 00 00 0A 00 00 ........ ........ > [0110] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ > [0120] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 77 ........ .......w > [0130] 00 75 00 72 00 73 00 74 00 .u.r.s.t . >[2013/02/27 08:52:51.683529, 4, pid=21845] smbd/trans2.c:2549(call_trans2findfirst) > SMBtrans2 mask=* directory=. dirtype=22 numentries=3 >[2013/02/27 08:52:51.683564, 10, pid=21845] smbd/mangle_hash2.c:792(hash2_name_to_8_3) > hash2_name_to_8_3: * -> 0A877AA5 -> _2X68P~X (cache=1) >[2013/02/27 08:52:54.328162, 10, pid=21845] lib/util_sock.c:519(read_smb_length_return_keepalive) > got smb length of 76 >[2013/02/27 08:52:54.328276, 6, pid=21845] smbd/process.c:1660(process_smb) > got message type 0x0 of len 0x4c >[2013/02/27 08:52:54.328320, 3, pid=21845] smbd/process.c:1662(process_smb) > Transaction 6 of length 80 (0 toread) >[2013/02/27 08:52:54.328362, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:54.328386, 5, pid=21845] lib/util.c:342(show_msg) > size=76 > smb_com=0x7 > smb_rcls=0 > smb_reh=0 > smb_err=0 > smb_flg=8 > smb_flg2=51201 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=7 > smt_wct=1 > smb_vwv[ 0]= 22 (0x16) > smb_bcc=39 >[2013/02/27 08:52:54.328633, 10, pid=21845] ../lib/util/util.c:415(dump_data) > [0000] 04 5C 00 77 00 75 00 72 00 73 00 74 00 00 00 04 .\.w.u.r .s.t.... > [0010] 00 5C 00 62 00 6C 00 75 00 74 00 77 00 75 00 72 .\.b.l.u .t.w.u.r > [0020] 00 73 00 74 00 00 00 .s.t... >[2013/02/27 08:52:54.328761, 3, pid=21845] smbd/process.c:1467(switch_message) > switch message SMBmv (pid 21845) conn 0x2b7b790 >[2013/02/27 08:52:54.328805, 4, pid=21845] smbd/uid.c:345(change_to_user) > Skipping user change - already user >[2013/02/27 08:52:54.328861, 5, pid=21845] smbd/filename.c:257(unix_convert) > unix_convert called on file "wurst" >[2013/02/27 08:52:54.328907, 10, pid=21845] smbd/statcache.c:244(stat_cache_lookup) > stat_cache_lookup: lookup failed for name [WURST] >[2013/02/27 08:52:54.328950, 5, pid=21845] smbd/filename.c:416(unix_convert) > unix_convert begin: name = wurst, dirpath = , start = wurst >[2013/02/27 08:52:54.329019, 5, pid=21845] smbd/statcache.c:143(stat_cache_add) > stat_cache_add: Added entry (2b7f380:size 5) WURST -> wurst >[2013/02/27 08:52:54.329068, 5, pid=21845] smbd/filename.c:439(unix_convert) > conversion of base_name finished wurst -> wurst >[2013/02/27 08:52:54.329110, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [wurst] [/srv/samba/tmp] >[2013/02/27 08:52:54.329160, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [wurst] -> [/srv/samba/tmp/wurst] >[2013/02/27 08:52:54.329201, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: wurst reduced to /srv/samba/tmp/wurst >[2013/02/27 08:52:54.329243, 5, pid=21845] smbd/filename.c:257(unix_convert) > unix_convert called on file "blutwurst" >[2013/02/27 08:52:54.329285, 10, pid=21845] smbd/statcache.c:244(stat_cache_lookup) > stat_cache_lookup: lookup failed for name [BLUTWURST] >[2013/02/27 08:52:54.329327, 5, pid=21845] smbd/filename.c:416(unix_convert) > unix_convert begin: name = blutwurst, dirpath = , start = blutwurst >[2013/02/27 08:52:54.329389, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled blutwurst ? >[2013/02/27 08:52:54.329430, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component blutwurst (len 9) ? >[2013/02/27 08:52:54.329473, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled blutwurst ? >[2013/02/27 08:52:54.329513, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component blutwurst (len 9) ? >[2013/02/27 08:52:54.329578, 10, pid=21845] smbd/mangle_hash2.c:418(is_mangled) > is_mangled blutwurst ? >[2013/02/27 08:52:54.329621, 10, pid=21845] smbd/mangle_hash2.c:357(is_mangled_component) > is_mangled_component blutwurst (len 9) ? >[2013/02/27 08:52:54.329661, 5, pid=21845] smbd/filename.c:781(unix_convert) > New file blutwurst >[2013/02/27 08:52:54.329711, 3, pid=21845] smbd/vfs.c:905(check_reduced_name) > check_reduced_name [blutwurst] [/srv/samba/tmp] >[2013/02/27 08:52:54.329764, 10, pid=21845] smbd/vfs.c:969(check_reduced_name) > check_reduced_name realpath [blutwurst] -> [/srv/samba/tmp/blutwurst] >[2013/02/27 08:52:54.329805, 3, pid=21845] smbd/vfs.c:1039(check_reduced_name) > check_reduced_name: blutwurst reduced to /srv/samba/tmp/blutwurst >[2013/02/27 08:52:54.329846, 3, pid=21845] smbd/reply.c:6700(reply_mv) > reply_mv : wurst -> blutwurst >[2013/02/27 08:52:54.329896, 3, pid=21845] smbd/reply.c:6349(rename_internals) > rename_internals: case_sensitive = 0, case_preserve = 1, short case preserve = 1, directory = wurst, newname = blutwurst, last_component_dest = blutwurst >[2013/02/27 08:52:54.329944, 10, pid=21845] smbd/open.c:3613(create_file_default) > create_file: access_mask = 0x10000 file_attributes = 0x0, share_access = 0x3, create_disposition = 0x1 create_options = 0x1 oplock_request = 0x0 private_flags = 0x0 root_dir_fid = 0x0, ea_list = 0x(nil), sd = 0x(nil), fname = wurst >[2013/02/27 08:52:54.329991, 10, pid=21845] smbd/open.c:3137(create_file_unixpath) > create_file_unixpath: access_mask = 0x10000 file_attributes = 0x0, share_access = 0x3, create_disposition = 0x1 create_options = 0x1 oplock_request = 0x0 private_flags = 0x0 ea_list = 0x(nil), sd = 0x(nil), fname = wurst >[2013/02/27 08:52:54.330044, 10, pid=21845] smbd/posix_acls.c:3440(posix_get_nt_acl) > posix_get_nt_acl: called for file . >[2013/02/27 08:52:54.330122, 10, pid=21845] smbd/posix_acls.c:2565(canonicalise_acl) > canonicalise_acl: Access ace entries before arrange : >[2013/02/27 08:52:54.330166, 10, pid=21845] smbd/posix_acls.c:2578(canonicalise_acl) > canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x >[2013/02/27 08:52:54.330212, 10, pid=21845] smbd/posix_acls.c:2578(canonicalise_acl) > canon_ace index 1. Type = allow SID = S-1-22-2-65533 gid 65533 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x >[2013/02/27 08:52:54.330356, 10, pid=21845] smbd/posix_acls.c:2578(canonicalise_acl) > canon_ace index 2. Type = allow SID = S-1-5-21-1406987565-2067085585-2387977275-501 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx >[2013/02/27 08:52:54.330463, 10, pid=21845] smbd/posix_acls.c:848(print_canon_ace_list) > print_canon_ace_list: canonicalise_acl: ace entries after arrange > canon_ace index 0. Type = allow SID = S-1-5-21-1406987565-2067085585-2387977275-501 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx > canon_ace index 1. Type = allow SID = S-1-22-2-65533 gid 65533 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x > canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x >[2013/02/27 08:52:54.330658, 10, pid=21845] smbd/posix_acls.c:1124(map_canon_ace_perms) > map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff >[2013/02/27 08:52:54.330719, 10, pid=21845] smbd/posix_acls.c:1124(map_canon_ace_perms) > map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 >[2013/02/27 08:52:54.330766, 10, pid=21845] smbd/posix_acls.c:1124(map_canon_ace_perms) > map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 >[2013/02/27 08:52:54.330818, 10, pid=21845] smbd/file_access.c:76(can_access_file_acl) > can_access_file_acl for file . access_mask 0x40, access_granted 0x40 access DENIED >[2013/02/27 08:52:54.330864, 1, pid=21845] ../librpc/ndr/ndr.c:247(ndr_print_debug) > secdesc: struct security_descriptor > revision : SECURITY_DESCRIPTOR_REVISION_1 (1) > type : 0x9004 (36868) > 0: SEC_DESC_OWNER_DEFAULTED > 0: SEC_DESC_GROUP_DEFAULTED > 1: SEC_DESC_DACL_PRESENT > 0: SEC_DESC_DACL_DEFAULTED > 0: SEC_DESC_SACL_PRESENT > 0: SEC_DESC_SACL_DEFAULTED > 0: SEC_DESC_DACL_TRUSTED > 0: SEC_DESC_SERVER_SECURITY > 0: SEC_DESC_DACL_AUTO_INHERIT_REQ > 0: SEC_DESC_SACL_AUTO_INHERIT_REQ > 0: SEC_DESC_DACL_AUTO_INHERITED > 0: SEC_DESC_SACL_AUTO_INHERITED > 1: SEC_DESC_DACL_PROTECTED > 0: SEC_DESC_SACL_PROTECTED > 0: SEC_DESC_RM_CONTROL_VALID > 1: SEC_DESC_SELF_RELATIVE > owner_sid : * > owner_sid : S-1-5-21-1406987565-2067085585-2387977275-501 > group_sid : * > group_sid : S-1-22-2-65533 > sacl : NULL > dacl : * > dacl: struct security_acl > revision : SECURITY_ACL_REVISION_NT4 (2) > size : 0x0058 (88) > num_aces : 0x00000003 (3) > aces: ARRAY(3) > aces: struct security_ace > type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) > flags : 0x00 (0) > 0: SEC_ACE_FLAG_OBJECT_INHERIT > 0: SEC_ACE_FLAG_CONTAINER_INHERIT > 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT > 0: SEC_ACE_FLAG_INHERIT_ONLY > 0: SEC_ACE_FLAG_INHERITED_ACE > 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) > 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS > 0: SEC_ACE_FLAG_FAILED_ACCESS > size : 0x0024 (36) > access_mask : 0x001f01ff (2032127) > object : union security_ace_object_ctr(case 0) > trustee : S-1-5-21-1406987565-2067085585-2387977275-501 > aces: struct security_ace > type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) > flags : 0x00 (0) > 0: SEC_ACE_FLAG_OBJECT_INHERIT > 0: SEC_ACE_FLAG_CONTAINER_INHERIT > 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT > 0: SEC_ACE_FLAG_INHERIT_ONLY > 0: SEC_ACE_FLAG_INHERITED_ACE > 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) > 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS > 0: SEC_ACE_FLAG_FAILED_ACCESS > size : 0x0018 (24) > access_mask : 0x001200a9 (1179817) > object : union security_ace_object_ctr(case 0) > trustee : S-1-22-2-65533 > aces: struct security_ace > type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) > flags : 0x00 (0) > 0: SEC_ACE_FLAG_OBJECT_INHERIT > 0: SEC_ACE_FLAG_CONTAINER_INHERIT > 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT > 0: SEC_ACE_FLAG_INHERIT_ONLY > 0: SEC_ACE_FLAG_INHERITED_ACE > 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) > 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS > 0: SEC_ACE_FLAG_FAILED_ACCESS > size : 0x0014 (20) > access_mask : 0x001200a9 (1179817) > object : union security_ace_object_ctr(case 0) > trustee : S-1-1-0 >[2013/02/27 08:52:54.332049, 10, pid=21845] smbd/posix_acls.c:3440(posix_get_nt_acl) > posix_get_nt_acl: called for file wurst >[2013/02/27 08:52:54.332115, 10, pid=21845] smbd/posix_acls.c:2565(canonicalise_acl) > canonicalise_acl: Access ace entries before arrange : >[2013/02/27 08:52:54.332145, 10, pid=21845] smbd/posix_acls.c:2578(canonicalise_acl) > canon_ace index 0. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x >[2013/02/27 08:52:54.332177, 10, pid=21845] smbd/posix_acls.c:2578(canonicalise_acl) > canon_ace index 1. Type = allow SID = S-1-22-2-65533 gid 65533 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x >[2013/02/27 08:52:54.332252, 10, pid=21845] smbd/posix_acls.c:2578(canonicalise_acl) > canon_ace index 2. Type = allow SID = S-1-5-21-1406987565-2067085585-2387977275-501 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx >[2013/02/27 08:52:54.332324, 10, pid=21845] smbd/posix_acls.c:848(print_canon_ace_list) > print_canon_ace_list: canonicalise_acl: ace entries after arrange > canon_ace index 0. Type = allow SID = S-1-5-21-1406987565-2067085585-2387977275-501 uid 65534 (nobody) SMB_ACL_USER_OBJ ace_flags = 0x0 perms rwx > canon_ace index 1. Type = allow SID = S-1-22-2-65533 gid 65533 (nobody) SMB_ACL_GROUP_OBJ ace_flags = 0x0 perms r-x > canon_ace index 2. Type = allow SID = S-1-1-0 other SMB_ACL_OTHER ace_flags = 0x0 perms r-x >[2013/02/27 08:52:54.332472, 10, pid=21845] smbd/posix_acls.c:1124(map_canon_ace_perms) > map_canon_ace_perms: Mapped (UNIX) 1c0 to (NT) 1f01ff >[2013/02/27 08:52:54.332503, 10, pid=21845] smbd/posix_acls.c:1124(map_canon_ace_perms) > map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 >[2013/02/27 08:52:54.332529, 10, pid=21845] smbd/posix_acls.c:1124(map_canon_ace_perms) > map_canon_ace_perms: Mapped (UNIX) 140 to (NT) 1200a9 >[2013/02/27 08:52:54.332561, 10, pid=21845] smbd/file_access.c:76(can_access_file_acl) > can_access_file_acl for file wurst access_mask 0x10000, access_granted 0x10000 access DENIED >[2013/02/27 08:52:54.332589, 1, pid=21845] ../librpc/ndr/ndr.c:247(ndr_print_debug) > secdesc: struct security_descriptor > revision : SECURITY_DESCRIPTOR_REVISION_1 (1) > type : 0x9004 (36868) > 0: SEC_DESC_OWNER_DEFAULTED > 0: SEC_DESC_GROUP_DEFAULTED > 1: SEC_DESC_DACL_PRESENT > 0: SEC_DESC_DACL_DEFAULTED > 0: SEC_DESC_SACL_PRESENT > 0: SEC_DESC_SACL_DEFAULTED > 0: SEC_DESC_DACL_TRUSTED > 0: SEC_DESC_SERVER_SECURITY > 0: SEC_DESC_DACL_AUTO_INHERIT_REQ > 0: SEC_DESC_SACL_AUTO_INHERIT_REQ > 0: SEC_DESC_DACL_AUTO_INHERITED > 0: SEC_DESC_SACL_AUTO_INHERITED > 1: SEC_DESC_DACL_PROTECTED > 0: SEC_DESC_SACL_PROTECTED > 0: SEC_DESC_RM_CONTROL_VALID > 1: SEC_DESC_SELF_RELATIVE > owner_sid : * > owner_sid : S-1-5-21-1406987565-2067085585-2387977275-501 > group_sid : * > group_sid : S-1-22-2-65533 > sacl : NULL > dacl : * > dacl: struct security_acl > revision : SECURITY_ACL_REVISION_NT4 (2) > size : 0x0058 (88) > num_aces : 0x00000003 (3) > aces: ARRAY(3) > aces: struct security_ace > type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) > flags : 0x00 (0) > 0: SEC_ACE_FLAG_OBJECT_INHERIT > 0: SEC_ACE_FLAG_CONTAINER_INHERIT > 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT > 0: SEC_ACE_FLAG_INHERIT_ONLY > 0: SEC_ACE_FLAG_INHERITED_ACE > 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) > 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS > 0: SEC_ACE_FLAG_FAILED_ACCESS > size : 0x0024 (36) > access_mask : 0x001f01ff (2032127) > object : union security_ace_object_ctr(case 0) > trustee : S-1-5-21-1406987565-2067085585-2387977275-501 > aces: struct security_ace > type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) > flags : 0x00 (0) > 0: SEC_ACE_FLAG_OBJECT_INHERIT > 0: SEC_ACE_FLAG_CONTAINER_INHERIT > 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT > 0: SEC_ACE_FLAG_INHERIT_ONLY > 0: SEC_ACE_FLAG_INHERITED_ACE > 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) > 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS > 0: SEC_ACE_FLAG_FAILED_ACCESS > size : 0x0018 (24) > access_mask : 0x001200a9 (1179817) > object : union security_ace_object_ctr(case 0) > trustee : S-1-22-2-65533 > aces: struct security_ace > type : SEC_ACE_TYPE_ACCESS_ALLOWED (0) > flags : 0x00 (0) > 0: SEC_ACE_FLAG_OBJECT_INHERIT > 0: SEC_ACE_FLAG_CONTAINER_INHERIT > 0: SEC_ACE_FLAG_NO_PROPAGATE_INHERIT > 0: SEC_ACE_FLAG_INHERIT_ONLY > 0: SEC_ACE_FLAG_INHERITED_ACE > 0x00: SEC_ACE_FLAG_VALID_INHERIT (0) > 0: SEC_ACE_FLAG_SUCCESSFUL_ACCESS > 0: SEC_ACE_FLAG_FAILED_ACCESS > size : 0x0014 (20) > access_mask : 0x001200a9 (1179817) > object : union security_ace_object_ctr(case 0) > trustee : S-1-1-0 >[2013/02/27 08:52:54.333544, 10, pid=21845] smbd/open.c:3183(create_file_unixpath) > create_file_unixpath: open file wurst for delete ACCESS_DENIED >[2013/02/27 08:52:54.333571, 10, pid=21845] smbd/open.c:3437(create_file_unixpath) > create_file_unixpath: NT_STATUS_ACCESS_DENIED >[2013/02/27 08:52:54.333597, 10, pid=21845] smbd/open.c:3710(create_file_default) > create_file: NT_STATUS_ACCESS_DENIED >[2013/02/27 08:52:54.333623, 3, pid=21845] smbd/reply.c:6402(rename_internals) > Could not open rename source wurst: NT_STATUS_ACCESS_DENIED >[2013/02/27 08:52:54.333653, 3, pid=21845] smbd/error.c:81(error_packet_set) > error packet at smbd/reply.c(6710) cmd=7 (SMBmv) NT_STATUS_ACCESS_DENIED >[2013/02/27 08:52:54.333681, 5, pid=21845] lib/util.c:332(show_msg) >[2013/02/27 08:52:54.333696, 5, pid=21845] lib/util.c:342(show_msg) > size=35 > smb_com=0x7 > smb_rcls=34 > smb_reh=0 > smb_err=49152 > smb_flg=136 > smb_flg2=49155 > smb_tid=1 > smb_pid=21844 > smb_uid=0 > smb_mid=7 > smt_wct=0 > smb_bcc=0 >[2013/02/27 08:52:54.333985, 10, pid=21845] ../lib/util/util.c:415(dump_data)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=8591">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 9637
:
8532
|
8540
| 8591 |
8609
|
8610