Bug 6364 - Problems joining SLES10 machine running 3.3.4 to join a 2008 domain
Problems joining SLES10 machine running 3.3.4 to join a 2008 domain
Status: RESOLVED FIXED
Product: Samba 3.3
Classification: Unclassified
Component: Domain Control
3.3.4
x64 Linux
: P3 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-05-15 11:42 UTC by Alex Green
Modified: 2011-05-26 18:31 UTC (History)
3 users (show)

See Also:


Attachments
Debug Level 10 Log (as pasted into comments) (89.85 KB, application/octet-stream)
2009-05-15 11:45 UTC, Alex Green
no flags Details
New net ads join output - debug 10 (130.31 KB, text/plain)
2009-05-27 04:37 UTC, Alex Green
no flags Details
Patch for 3.5 (1010 bytes, patch)
2010-08-12 19:03 UTC, Jim McDonough
gd: review+
Details
Patch for 3.4 (1010 bytes, patch)
2010-08-12 19:03 UTC, Jim McDonough
gd: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Green 2009-05-15 11:42:03 UTC
smbd -V : 3.3.4-0.1.146-2113-SUSE-CODE10 

Running:

net -d 3 -U admuser@DOM.REALM.CO.COM ads join createcomputer="REG/CN/OU/Services/"

Error:

:1,/05/15 14:23:26,  5] lib/debug.c:debug_dump_status(407)
  INFO: Current debug levels:
    all: True/10
    tdb: False/0
    printdrivers: False/0
    lanman: False/0
    smb: False/0
    rpc_parse: False/0
    rpc_srv: False/0
    rpc_cli: False/0
    passdb: False/0
    sam: False/0
    auth: False/0
    winbind: False/0
    vfs: False/0
    idmap: False/0
    quota: False/0
    acls: False/0
    locking: False/0
    msdfs: False/0
    dmapi: False/0
    registry: False/0
[2009/05/15 14:23:26,  3] param/loadparm.c:lp_load_ex(8794)
  lp_load_ex: refreshing parameters
[2009/05/15 14:23:26,  3] param/loadparm.c:init_globals(4629)
  Initialising global parameters
[2009/05/15 14:23:26,  3] param/params.c:pm_process(569)
  params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2009/05/15 14:23:26,  3] param/loadparm.c:do_section(7457)
  Processing section "[global]"
  doing parameter server string = HOST SuSE Samba Server
  doing parameter security = ADS
  doing parameter realm = DOM.REALM.CO.COM
  doing parameter netbios name = HOST
[2009/05/15 14:23:26,  4] param/loadparm.c:handle_netbios_name(6810)
  handle_netbios_name: set global_myname to: HOST
  doing parameter workgroup = DOM
  doing parameter local master = No
  doing parameter domain master = No
  doing parameter domain logons = No
  doing parameter use kerberos keytab = No
  doing parameter password server = DOM.REALM.CO.COM
  doing parameter encrypt passwords = Yes
  doing parameter dns proxy = No
  doing parameter client use spnego = Yes
  doing parameter client ntlmv2 auth = Yes
  doing parameter client lanman auth = No
  doing parameter client plaintext auth = No
  doing parameter use spnego = Yes
  doing parameter lanman auth = No
  doing parameter ntlm auth = No
  doing parameter disable netbios = Yes
  doing parameter client schannel = Auto
  doing parameter server schannel = Auto
  doing parameter client signing = Auto
  doing parameter server signing = Auto
  doing parameter winbind enum users = No
  doing parameter winbind enum groups = No
  doing parameter deadtime = 5
  doing parameter hostname lookups = Yes
  doing parameter hosts allow = localhost, 10.
  doing parameter hosts deny = ALL
  doing parameter interfaces = localhost, host-smb.uk.db.com
  doing parameter bind interfaces only = Yes
  doing parameter log level = 3
  doing parameter log file = /var/log/samba/log.samba
  doing parameter max log size = 9000
  doing parameter socket options = TCP_NODELAY IPTOS_LOWDELAY
  doing parameter nis homedir = No
  doing parameter hide dot files = Yes
  doing parameter include = /opt/samba/etc/smb.conf.standard
[2009/05/15 14:23:26,  3] param/params.c:pm_process(569)
  params.c:pm_process() - Processing configuration file "/opt/samba/etc/smb.conf.standard"
  doing parameter wide links = No
  doing parameter local master = No
  doing parameter domain master = No
  doing parameter preferred master = No
  doing parameter os level = 0
[2009/05/15 14:23:26,  4] param/loadparm.c:lp_load_ex(8838)
  pm_process() returned Yes
[2009/05/15 14:23:26,  7] param/loadparm.c:lp_servicenumber(9043)
  lp_servicenumber: couldn't find homes
[2009/05/15 14:23:26, 10] param/loadparm.c:set_server_role(8016)
  set_server_role: role = ROLE_DOMAIN_MEMBER
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UCS-2LE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UCS-2LE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UTF-16LE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UTF-16LE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UCS-2BE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UCS-2BE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UTF-16BE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UTF-16BE
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UTF8
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UTF8
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UTF-8
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UTF-8
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset ASCII
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset ASCII
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset 646
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset 646
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset ISO-8859-1
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset ISO-8859-1
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(104)
  Attempting to register new charset UCS2-HEX
[2009/05/15 14:23:26,  5] lib/iconv.c:smb_register_charset(112)
  Registered charset UCS2-HEX
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:26,  5] lib/util.c:init_names(269)
  Netbios name list:-
  my_netbios_names[0]="HOST"
[2009/05/15 14:23:26,  2] lib/interface.c:add_interface(340)
  added interface lo ip=127.0.0.1 bcast=127.255.255.255 netmask=255.0.0.0
[2009/05/15 14:23:26,  2] lib/interface.c:add_interface(340)
  added interface eth0 ip=IPADRESS bcast=BCAST netmask=255.255.255.0
[2009/05/15 14:23:29,  1] libnet/libnet_join.c:libnet_Join(1871)
  libnet_Join:
      libnet_JoinCtx: struct libnet_JoinCtx
          in: struct libnet_JoinCtx
              dc_name                  : NULL
              machine_name             : 'HOST'
              domain_name              : *
                  domain_name              : 'DOM.REALM.CO.COM'
              account_ou               : 'REG/CN/OU/Services/'
              admin_account            : 'admuser@DOM.REALM.CO.COM'
              admin_password           : *
              machine_password         : NULL
              join_flags               : 0x00000023 (35)
                     0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
                     0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
                     0: WKSSVC_JOIN_FLAGS_DEFER_SPN
                     0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
                     0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
                     1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
                     0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
                     0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
                     1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
                     1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
              os_version               : NULL
              os_name                  : NULL
              create_upn               : 0x00 (0)
              upn                      : NULL
              modify_config            : 0x00 (0)
              ads                      : NULL
              debug                    : 0x01 (1)
              use_kerberos             : 0x00 (0)
              secure_channel_type      : SEC_CHAN_WKSTA (2)
[2009/05/15 14:23:29, 10] libsmb/dsgetdcname.c:dsgetdcname(1167)
  dsgetdcname: domain_name: DOM.REALM.CO.COM, domain_guid: (null), site_name: (null), flags: 0x40001011
[2009/05/15 14:23:29, 10] libsmb/dsgetdcname.c:debug_dsdcinfo_flags(46)
  debug_dsdcinfo_flags: 0x40001011
  	DS_FORCE_REDISCOVERY DS_DIRECTORY_SERVICE_REQUIRED DS_WRITABLE_REQUIRED DS_RETURN_DNS_NAME 
[2009/05/15 14:23:29,  5] lib/gencache.c:gencache_init(61)
  Opening cache file at /var/lib/samba/gencache.tdb
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_get(208)
  Returning valid cache entry: key = AD_SITENAME/DOMAIN/DOM.REALM.CO.COM, value = Default-First-Site-Name, timeout = Sun Feb  7 06:28:15 2106
[2009/05/15 14:23:29,  5] libads/dns.c:sitename_fetch(817)
  sitename_fetch: Returning sitename for DOM.REALM.CO.COM: "Default-First-Site-Name"
[2009/05/15 14:23:29, 10] libsmb/dsgetdcname.c:dsgetdcname_rediscover(1080)
  dsgetdcname_rediscover
[2009/05/15 14:23:29,  4] libads/dns.c:ads_dns_lookup_srv(432)
  ads_dns_lookup_srv: 2 records returned in the answer section.
[2009/05/15 14:23:29, 10] libads/dns.c:ads_dns_parse_rr_srv(213)
  ads_dns_parse_rr_srv: Parsed dchost.dom.realm.co.com [0, 100, 389]
[2009/05/15 14:23:29, 10] libads/dns.c:ads_dns_parse_rr_srv(213)
  ads_dns_parse_rr_srv: Parsed esbadengwvm2.dom.realm.co.com [0, 100, 389]
[2009/05/15 14:23:29, 10] libsmb/dsgetdcname.c:process_dc_dns(894)
  LDAP ping to dchost.dom.realm.co.com
      &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
          sbz                      : 0x0000 (0)
          server_type              : 0x000011fc (4604)
                 0: NBT_SERVER_PDC           
                 1: NBT_SERVER_GC            
                 1: NBT_SERVER_LDAP          
                 1: NBT_SERVER_DS            
                 1: NBT_SERVER_KDC           
                 1: NBT_SERVER_TIMESERV      
                 1: NBT_SERVER_CLOSEST       
                 1: NBT_SERVER_WRITABLE      
                 0: NBT_SERVER_GOOD_TIMESERV 
                 0: NBT_SERVER_NDNC          
                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
                 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
          domain_uuid              : 7edaa194-dc63-4f64-989e-10fbaa0a1c76
          forest                   : 'realm.co.com'
          dns_domain               : 'dom.realm.co.com'
          pdc_dns_name             : 'dchost.dom.realm.co.com'
          domain                   : 'DOM'
          pdc_name                 : 'DCHOST'
          user_name                : ''
          server_site              : 'Default-First-Site-Name'
          client_site              : 'Default-First-Site-Name'
          sockaddr_size            : 0x00 (0)
          sockaddr: struct nbt_sockaddr
              sockaddr_family          : 0x00000000 (0)
              pdc_ip                   : (null)
              remaining                : DATA_BLOB length=0
          next_closest_site        : NULL
          nt_version               : 0x00000005 (5)
                 1: NETLOGON_NT_VERSION_1    
                 0: NETLOGON_NT_VERSION_5    
                 1: NETLOGON_NT_VERSION_5EX  
                 0: NETLOGON_NT_VERSION_5EX_WITH_IP
                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
                 0: NETLOGON_NT_VERSION_AVIOD_NT4EMUL
                 0: NETLOGON_NT_VERSION_PDC  
                 0: NETLOGON_NT_VERSION_IP   
                 0: NETLOGON_NT_VERSION_LOCAL
                 0: NETLOGON_NT_VERSION_GC   
          lmnt_token               : 0xffff (65535)
          lm20_token               : 0xffff (65535)
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_set_data_blob(374)
  Adding cache entry with key = DSGETDCNAME/DOMAIN/DOM; blob size = 155 and timeout = Fri May 15 14:38:29 2009
  (900 seconds ahead)
[2009/05/15 14:23:29, 10] libads/dns.c:sitename_store(778)
  sitename_store: realm = [DOM], sitename = [Default-First-Site-Name], expire = [4294967295]
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_set(131)
  Adding cache entry with key = AD_SITENAME/DOMAIN/DOM; value = Default-First-Site-Name and timeout = (null) (-1242393810 seconds ahead)
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_set_data_blob(374)
  Adding cache entry with key = DSGETDCNAME/DOMAIN/DOM.REALM.CO.COM; blob size = 155 and timeout = Fri May 15 14:38:29 2009
  (900 seconds ahead)
[2009/05/15 14:23:29, 10] libads/dns.c:sitename_store(778)
  sitename_store: realm = [dom.realm.co.com], sitename = [Default-First-Site-Name], expire = [4294967295]
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_set(131)
  Adding cache entry with key = AD_SITENAME/DOMAIN/DOM.REALM.CO.COM; value = Default-First-Site-Name and timeout = (null) (-1242393810 seconds ahead)
[2009/05/15 14:23:29,  3] libsmb/cliconnect.c:cli_start_connection(1649)
  Connecting to host=dchost.dom.realm.co.com
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_get(208)
  Returning valid cache entry: key = AD_SITENAME/DOMAIN/DOM.REALM.CO.COM, value = Default-First-Site-Name, timeout = Sun Feb  7 06:28:15 2106
[2009/05/15 14:23:29,  5] libads/dns.c:sitename_fetch(817)
  sitename_fetch: Returning sitename for DOM.REALM.CO.COM: "Default-First-Site-Name"
[2009/05/15 14:23:29, 10] libsmb/namequery.c:internal_resolve_name(1505)
  internal_resolve_name: looking up dchost.dom.realm.co.com#20 (sitename Default-First-Site-Name)
[2009/05/15 14:23:29, 10] lib/gencache.c:gencache_get(208)
  Returning valid cache entry: key = NBT/LONADENGWVM2.DOM.REALM.CO.COM#20, value = 10.128.48.202:0, timeout = Fri May 15 14:33:58 2009
[2009/05/15 14:23:29,  5] libsmb/namecache.c:namecache_fetch(233)
  name dchost.dom.realm.co.com#20 found.
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  5] lib/charcnv.c:charset_name(82)
  Substituting charset 'UTF-8' for LOCALE
[2009/05/15 14:23:29,  3] lib/util_sock.c:open_socket_out(1400)
  Connecting to 10.128.48.202 at port 445
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_KEEPALIVE = 0
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_REUSEADDR = 0
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_BROADCAST = 0
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option TCP_NODELAY = 1
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option TCP_KEEPCNT = 9
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option TCP_KEEPIDLE = 7200
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option TCP_KEEPINTVL = 75
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option IPTOS_LOWDELAY = 16
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option IPTOS_THROUGHPUT = 16
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_SNDBUF = 16384
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_RCVBUF = 87380
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_SNDLOWAT = 1
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_RCVLOWAT = 1
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_SNDTIMEO = 0
[2009/05/15 14:23:30,  5] lib/util_sock.c:print_socket_options(781)
  socket option SO_RCVTIMEO = 0
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,194)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,194) wrote 194
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 193
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=193
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=927
  smb_uid=0
  smb_mid=1
  smt_wct=17
  smb_vwv[ 0]=    9 (0x9)
  smb_vwv[ 1]=12807 (0x3207)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   65 (0x41)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=  499 (0x1F3)
  smb_vwv[11]=31616 (0x7B80)
  smb_vwv[12]=15008 (0x3AA0)
  smb_vwv[13]=24678 (0x6066)
  smb_vwv[14]=51669 (0xC9D5)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]=  255 (0xFF)
  smb_bcc=124
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 96 61 A9 DE 8D 94 C8 41  88 11 B5 6D 9C DE F6 4E  .a.....A ...m...N
  [010] 60 6A 06 06 2B 06 01 05  05 02 A0 60 30 5E A0 30  `j..+... ...`0^.0
  [020] 30 2E 06 09 2A 86 48 82  F7 12 01 02 02 06 09 2A  0...*.H. .......*
  [030] 86 48 86 F7 12 01 02 02  06 0A 2A 86 48 86 F7 12  .H...... ..*.H...
  [040] 01 02 02 03 06 0A 2B 06  01 04 01 82 37 02 02 0A  ......+. ....7...
  [050] A3 2A 30 28 A0 26 1B 24  6E 6F 74 5F 64 65 66 69  .*0(.&.$ not_defi
  [060] 6E 65 64 5F 69 6E 5F 52  46 43 34 31 37 38 40 70  ned_in_R FC4178@p
  [070] 6C 65 61 73 65 5F 69 67  6E 6F 72 65              lease_ig nore
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=193
  smb_com=0x72
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51201
  smb_tid=0
  smb_pid=927
  smb_uid=0
  smb_mid=1
  smt_wct=17
  smb_vwv[ 0]=    9 (0x9)
  smb_vwv[ 1]=12807 (0x3207)
  smb_vwv[ 2]=  256 (0x100)
  smb_vwv[ 3]= 1024 (0x400)
  smb_vwv[ 4]=   65 (0x41)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  256 (0x100)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=64768 (0xFD00)
  smb_vwv[10]=  499 (0x1F3)
  smb_vwv[11]=31616 (0x7B80)
  smb_vwv[12]=15008 (0x3AA0)
  smb_vwv[13]=24678 (0x6066)
  smb_vwv[14]=51669 (0xC9D5)
  smb_vwv[15]=50177 (0xC401)
  smb_vwv[16]=  255 (0xFF)
  smb_bcc=124
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 96 61 A9 DE 8D 94 C8 41  88 11 B5 6D 9C DE F6 4E  .a.....A ...m...N
  [010] 60 6A 06 06 2B 06 01 05  05 02 A0 60 30 5E A0 30  `j..+... ...`0^.0
  [020] 30 2E 06 09 2A 86 48 82  F7 12 01 02 02 06 09 2A  0...*.H. .......*
  [030] 86 48 86 F7 12 01 02 02  06 0A 2A 86 48 86 F7 12  .H...... ..*.H...
  [040] 01 02 02 03 06 0A 2B 06  01 04 01 82 37 02 02 0A  ......+. ....7...
  [050] A3 2A 30 28 A0 26 1B 24  6E 6F 74 5F 64 65 66 69  .*0(.&.$ not_defi
  [060] 6E 65 64 5F 69 6E 5F 52  46 43 34 31 37 38 40 70  ned_in_R FC4178@p
  [070] 6C 65 61 73 65 5F 69 67  6E 6F 72 65              lease_ig nore
[2009/05/15 14:23:30,  3] libsmb/cliconnect.c:cli_session_setup_spnego(823)
  Doing spnego session setup (blob length=124)
[2009/05/15 14:23:30,  3] libsmb/cliconnect.c:cli_session_setup_spnego(850)
  got OID=1 2 840 48018 1 2 2
[2009/05/15 14:23:30,  3] libsmb/cliconnect.c:cli_session_setup_spnego(850)
  got OID=1 2 840 113554 1 2 2
[2009/05/15 14:23:30,  3] libsmb/cliconnect.c:cli_session_setup_spnego(850)
  got OID=1 2 840 113554 1 2 2 3
[2009/05/15 14:23:30,  3] libsmb/cliconnect.c:cli_session_setup_spnego(850)
  got OID=1 3 6 1 4 1 311 2 2 10
[2009/05/15 14:23:30,  3] libsmb/cliconnect.c:cli_session_setup_spnego(858)
  got principal=not_defined_in_RFC4178@please_ignore
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,166)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,166) wrote 166
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 588
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=588
  smb_com=0x73
  smb_rcls=22
  smb_reh=0
  smb_err=49152
  smb_flg=136
  smb_flg2=51205
  smb_tid=0
  smb_pid=927
  smb_uid=2050
  smb_mid=2
  smt_wct=4
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  588 (0x24C)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=  293 (0x125)
  smb_bcc=545
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] A1 82 01 21 30 82 01 1D  A0 03 0A 01 01 A1 0C 06  ...!0... ........
  [010] 0A 2B 06 01 04 01 82 37  02 02 0A A2 82 01 06 04  .+.....7 ........
  [020] 82 01 02 4E 54 4C 4D 53  53 50 00 02 00 00 00 0A  ...NTLMS SP......
  [030] 00 0A 00 38 00 00 00 15  82 89 62 34 57 BA 47 B5  ...8.... ..b4W.G.
  [040] 3B 6A BA 00 00 00 00 00  00 00 00 C0 00 C0 00 42  ;j...... .......B
  [050] 00 00 00 06 00 71 17 00  00 00 0F 5A 00 57 00 44  .....q.. ...Z.W.D
  [060] 00 42 00 47 00 02 00 0A  00 5A 00 57 00 44 00 42  .B.G.... .Z.W.D.B
  [070] 00 47 00 01 00 18 00 4C  00 4F 00 4E 00 41 00 44  .G.....L .O.N.A.D
  [080] 00 45 00 4E 00 47 00 57  00 56 00 4D 00 32 00 04  .E.N.G.W .V.M.2..
  [090] 00 24 00 7A 00 77 00 64  00 62 00 67 00 2E 00 7A  .$.z.w.d .b.g...z
  [0A0] 00 77 00 61 00 64 00 73  00 2E 00 64 00 62 00 2E  .w.a.d.s ...d.b..
  [0B0] 00 63 00 6F 00 6D 00 03  00 3E 00 6C 00 6F 00 6E  .c.o.m.. .>.l.o.n
  [0C0] 00 61 00 64 00 65 00 6E  00 67 00 77 00 76 00 6D  .a.d.e.n .g.w.v.m
  [0D0] 00 32 00 2E 00 7A 00 77  00 64 00 62 00 67 00 2E  .2...z.w .d.b.g..
  [0E0] 00 7A 00 77 00 61 00 64  00 73 00 2E 00 64 00 62  .z.w.a.d .s...d.b
  [0F0] 00 2E 00 63 00 6F 00 6D  00 05 00 18 00 7A 00 77  ...c.o.m .....z.w
  [100] 00 61 00 64 00 73 00 2E  00 64 00 62 00 2E 00 63  .a.d.s.. .d.b...c
  [110] 00 6F 00 6D 00 07 00 08  00 D4 02 3D 66 60 D5 C9  .o.m.... ...=f`..
  [120] 01 00 00 00 00 57 00 69  00 6E 00 64 00 6F 00 77  .....W.i .n.d.o.w
  [130] 00 73 00 20 00 53 00 65  00 72 00 76 00 65 00 72  .s. .S.e .r.v.e.r
  [140] 00 20 00 28 00 52 00 29  00 20 00 32 00 30 00 30  . .(.R.) . .2.0.0
  [150] 00 38 00 20 00 45 00 6E  00 74 00 65 00 72 00 70  .8. .E.n .t.e.r.p
  [160] 00 72 00 69 00 73 00 65  00 20 00 77 00 69 00 74  .r.i.s.e . .w.i.t
  [170] 00 68 00 6F 00 75 00 74  00 20 00 48 00 79 00 70  .h.o.u.t . .H.y.p
  [180] 00 65 00 72 00 2D 00 56  00 20 00 36 00 30 00 30  .e.r.-.V . .6.0.0
  [190] 00 31 00 20 00 53 00 65  00 72 00 76 00 69 00 63  .1. .S.e .r.v.i.c
  [1A0] 00 65 00 20 00 50 00 61  00 63 00 6B 00 20 00 31  .e. .P.a .c.k. .1
  [1B0] 00 00 00 57 00 69 00 6E  00 64 00 6F 00 77 00 73  ...W.i.n .d.o.w.s
  [1C0] 00 20 00 53 00 65 00 72  00 76 00 65 00 72 00 20  . .S.e.r .v.e.r. 
  [1D0] 00 28 00 52 00 29 00 20  00 32 00 30 00 30 00 38  .(.R.).  .2.0.0.8
  [1E0] 00 20 00 45 00 6E 00 74  00 65 00 72 00 70 00 72  . .E.n.t .e.r.p.r
  [1F0] 00 69 00 73 00 65 00 20  00 77 00 69 00 74 00 68  .i.s.e.  .w.i.t.h
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=588
  smb_com=0x73
  smb_rcls=22
  smb_reh=0
  smb_err=49152
  smb_flg=136
  smb_flg2=51205
  smb_tid=0
  smb_pid=927
  smb_uid=2050
  smb_mid=2
  smt_wct=4
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  588 (0x24C)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=  293 (0x125)
  smb_bcc=545
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] A1 82 01 21 30 82 01 1D  A0 03 0A 01 01 A1 0C 06  ...!0... ........
  [010] 0A 2B 06 01 04 01 82 37  02 02 0A A2 82 01 06 04  .+.....7 ........
  [020] 82 01 02 4E 54 4C 4D 53  53 50 00 02 00 00 00 0A  ...NTLMS SP......
  [030] 00 0A 00 38 00 00 00 15  82 89 62 34 57 BA 47 B5  ...8.... ..b4W.G.
  [040] 3B 6A BA 00 00 00 00 00  00 00 00 C0 00 C0 00 42  ;j...... .......B
  [050] 00 00 00 06 00 71 17 00  00 00 0F 5A 00 57 00 44  .....q.. ...Z.W.D
  [060] 00 42 00 47 00 02 00 0A  00 5A 00 57 00 44 00 42  .B.G.... .Z.W.D.B
  [070] 00 47 00 01 00 18 00 4C  00 4F 00 4E 00 41 00 44  .G.....L .O.N.A.D
  [080] 00 45 00 4E 00 47 00 57  00 56 00 4D 00 32 00 04  .E.N.G.W .V.M.2..
  [090] 00 24 00 7A 00 77 00 64  00 62 00 67 00 2E 00 7A  .$.z.w.d .b.g...z
  [0A0] 00 77 00 61 00 64 00 73  00 2E 00 64 00 62 00 2E  .w.a.d.s ...d.b..
  [0B0] 00 63 00 6F 00 6D 00 03  00 3E 00 6C 00 6F 00 6E  .c.o.m.. .>.l.o.n
  [0C0] 00 61 00 64 00 65 00 6E  00 67 00 77 00 76 00 6D  .a.d.e.n .g.w.v.m
  [0D0] 00 32 00 2E 00 7A 00 77  00 64 00 62 00 67 00 2E  .2...z.w .d.b.g..
  [0E0] 00 7A 00 77 00 61 00 64  00 73 00 2E 00 64 00 62  .z.w.a.d .s...d.b
  [0F0] 00 2E 00 63 00 6F 00 6D  00 05 00 18 00 7A 00 77  ...c.o.m .....z.w
  [100] 00 61 00 64 00 73 00 2E  00 64 00 62 00 2E 00 63  .a.d.s.. .d.b...c
  [110] 00 6F 00 6D 00 07 00 08  00 D4 02 3D 66 60 D5 C9  .o.m.... ...=f`..
  [120] 01 00 00 00 00 57 00 69  00 6E 00 64 00 6F 00 77  .....W.i .n.d.o.w
  [130] 00 73 00 20 00 53 00 65  00 72 00 76 00 65 00 72  .s. .S.e .r.v.e.r
  [140] 00 20 00 28 00 52 00 29  00 20 00 32 00 30 00 30  . .(.R.) . .2.0.0
  [150] 00 38 00 20 00 45 00 6E  00 74 00 65 00 72 00 70  .8. .E.n .t.e.r.p
  [160] 00 72 00 69 00 73 00 65  00 20 00 77 00 69 00 74  .r.i.s.e . .w.i.t
  [170] 00 68 00 6F 00 75 00 74  00 20 00 48 00 79 00 70  .h.o.u.t . .H.y.p
  [180] 00 65 00 72 00 2D 00 56  00 20 00 36 00 30 00 30  .e.r.-.V . .6.0.0
  [190] 00 31 00 20 00 53 00 65  00 72 00 76 00 69 00 63  .1. .S.e .r.v.i.c
  [1A0] 00 65 00 20 00 50 00 61  00 63 00 6B 00 20 00 31  .e. .P.a .c.k. .1
  [1B0] 00 00 00 57 00 69 00 6E  00 64 00 6F 00 77 00 73  ...W.i.n .d.o.w.s
  [1C0] 00 20 00 53 00 65 00 72  00 76 00 65 00 72 00 20  . .S.e.r .v.e.r. 
  [1D0] 00 28 00 52 00 29 00 20  00 32 00 30 00 30 00 38  .(.R.).  .2.0.0.8
  [1E0] 00 20 00 45 00 6E 00 74  00 65 00 72 00 70 00 72  . .E.n.t .e.r.p.r
  [1F0] 00 69 00 73 00 65 00 20  00 77 00 69 00 74 00 68  .i.s.e.  .w.i.t.h
[2009/05/15 14:23:30,  3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1027)
  Got challenge flags:
[2009/05/15 14:23:30,  3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x62898215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_CHAL_TARGET_INFO
    NTLMSSP_NEGOTIATE_VERSION
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_KEY_EXCH
[2009/05/15 14:23:30,  3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1049)
  NTLMSSP: Set final flags:
[2009/05/15 14:23:30,  3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x60088215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_KEY_EXCH
[2009/05/15 14:23:30,  3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(337)
  NTLMSSP Sign/Seal - Initialising with flags:
[2009/05/15 14:23:30,  3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
  Got NTLMSSP neg_flags=0x60088215
    NTLMSSP_NEGOTIATE_UNICODE
    NTLMSSP_REQUEST_TARGET
    NTLMSSP_NEGOTIATE_SIGN
    NTLMSSP_NEGOTIATE_NTLM
    NTLMSSP_NEGOTIATE_ALWAYS_SIGN
    NTLMSSP_NEGOTIATE_NTLM2
    NTLMSSP_NEGOTIATE_128
    NTLMSSP_NEGOTIATE_KEY_EXCH
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,478)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,478) wrote 478
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 304
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=304
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=0
  smb_pid=927
  smb_uid=2050
  smb_mid=3
  smt_wct=4
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  304 (0x130)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    9 (0x9)
  smb_bcc=261
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] A1 07 30 05 A0 03 0A 01  00 57 00 69 00 6E 00 64  ..0..... .W.i.n.d
  [010] 00 6F 00 77 00 73 00 20  00 53 00 65 00 72 00 76  .o.w.s.  .S.e.r.v
  [020] 00 65 00 72 00 20 00 28  00 52 00 29 00 20 00 32  .e.r. .( .R.). .2
  [030] 00 30 00 30 00 38 00 20  00 45 00 6E 00 74 00 65  .0.0.8.  .E.n.t.e
  [040] 00 72 00 70 00 72 00 69  00 73 00 65 00 20 00 77  .r.p.r.i .s.e. .w
  [050] 00 69 00 74 00 68 00 6F  00 75 00 74 00 20 00 48  .i.t.h.o .u.t. .H
  [060] 00 79 00 70 00 65 00 72  00 2D 00 56 00 20 00 36  .y.p.e.r .-.V. .6
  [070] 00 30 00 30 00 31 00 20  00 53 00 65 00 72 00 76  .0.0.1.  .S.e.r.v
  [080] 00 69 00 63 00 65 00 20  00 50 00 61 00 63 00 6B  .i.c.e.  .P.a.c.k
  [090] 00 20 00 31 00 00 00 57  00 69 00 6E 00 64 00 6F  . .1...W .i.n.d.o
  [0A0] 00 77 00 73 00 20 00 53  00 65 00 72 00 76 00 65  .w.s. .S .e.r.v.e
  [0B0] 00 72 00 20 00 28 00 52  00 29 00 20 00 32 00 30  .r. .(.R .). .2.0
  [0C0] 00 30 00 38 00 20 00 45  00 6E 00 74 00 65 00 72  .0.8. .E .n.t.e.r
  [0D0] 00 70 00 72 00 69 00 73  00 65 00 20 00 77 00 69  .p.r.i.s .e. .w.i
  [0E0] 00 74 00 68 00 6F 00 75  00 74 00 20 00 48 00 79  .t.h.o.u .t. .H.y
  [0F0] 00 70 00 65 00 72 00 2D  00 56 00 20 00 36 00 2E  .p.e.r.- .V. .6..
  [100] 00 30 00 00 00                                    .0... 
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=304
  smb_com=0x73
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=0
  smb_pid=927
  smb_uid=2050
  smb_mid=3
  smt_wct=4
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  304 (0x130)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    9 (0x9)
  smb_bcc=261
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] A1 07 30 05 A0 03 0A 01  00 57 00 69 00 6E 00 64  ..0..... .W.i.n.d
  [010] 00 6F 00 77 00 73 00 20  00 53 00 65 00 72 00 76  .o.w.s.  .S.e.r.v
  [020] 00 65 00 72 00 20 00 28  00 52 00 29 00 20 00 32  .e.r. .( .R.). .2
  [030] 00 30 00 30 00 38 00 20  00 45 00 6E 00 74 00 65  .0.0.8.  .E.n.t.e
  [040] 00 72 00 70 00 72 00 69  00 73 00 65 00 20 00 77  .r.p.r.i .s.e. .w
  [050] 00 69 00 74 00 68 00 6F  00 75 00 74 00 20 00 48  .i.t.h.o .u.t. .H
  [060] 00 79 00 70 00 65 00 72  00 2D 00 56 00 20 00 36  .y.p.e.r .-.V. .6
  [070] 00 30 00 30 00 31 00 20  00 53 00 65 00 72 00 76  .0.0.1.  .S.e.r.v
  [080] 00 69 00 63 00 65 00 20  00 50 00 61 00 63 00 6B  .i.c.e.  .P.a.c.k
  [090] 00 20 00 31 00 00 00 57  00 69 00 6E 00 64 00 6F  . .1...W .i.n.d.o
  [0A0] 00 77 00 73 00 20 00 53  00 65 00 72 00 76 00 65  .w.s. .S .e.r.v.e
  [0B0] 00 72 00 20 00 28 00 52  00 29 00 20 00 32 00 30  .r. .(.R .). .2.0
  [0C0] 00 30 00 38 00 20 00 45  00 6E 00 74 00 65 00 72  .0.8. .E .n.t.e.r
  [0D0] 00 70 00 72 00 69 00 73  00 65 00 20 00 77 00 69  .p.r.i.s .e. .w.i
  [0E0] 00 74 00 68 00 6F 00 75  00 74 00 20 00 48 00 79  .t.h.o.u .t. .H.y
  [0F0] 00 70 00 65 00 72 00 2D  00 56 00 20 00 36 00 2E  .p.e.r.- .V. .6..
  [100] 00 30 00 00 00                                    .0... 
[2009/05/15 14:23:30,  5] libsmb/smb_signing.c:set_smb_signing_real_common(144)
  SMB signing enabled!
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:cli_simple_set_signing(494)
  cli_simple_set_signing: user_session_key
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] AC B5 20 7C B5 01 03 FA  62 DF AA 34 32 46 FB 25  .. |.... b..42F.%
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:cli_simple_set_signing(502)
  cli_simple_set_signing: NULL response_data
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 0
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] FD FA A5 59 E7 EA 02 4A                           ...Y...J 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 1 mid = 3
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 1 mid = 3
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 1
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 1: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] A2 AE 14 B6 AA A0 8F FD                           ........ 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 2
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] C6 51 EF 80 8D EE C3 EE                           .Q...... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 3 mid = 4
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,130)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,130) wrote 130
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 56
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=56
  smb_com=0x75
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=4
  smt_wct=7
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=   56 (0x38)
  smb_vwv[ 2]=    1 (0x1)
  smb_vwv[ 3]=  511 (0x1FF)
  smb_vwv[ 4]=   31 (0x1F)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_bcc=7
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 49 50 43 00 00 00 00                              IPC.... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 3 mid = 4
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 3
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 3: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] E5 9C 28 F8 3E 4B 4C DA                           ..(.>KL. 
[2009/05/15 14:23:30, 10] libsmb/clientgen.c:cli_init_creds(415)
  cli_init_creds: user admuser@DOM.REALM.CO.COM domain 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 4
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 23 3D F0 D5 9E 30 22 6C                           #=...0"l 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 5 mid = 5
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,104)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,104) wrote 104
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 103
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=103
  smb_com=0xa2
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=5
  smt_wct=34
  smb_vwv[ 0]=  255 (0xFF)
  smb_vwv[ 1]=  103 (0x67)
  smb_vwv[ 2]=  768 (0x300)
  smb_vwv[ 3]=  320 (0x140)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=    0 (0x0)
  smb_vwv[11]=    0 (0x0)
  smb_vwv[12]=    0 (0x0)
  smb_vwv[13]=    0 (0x0)
  smb_vwv[14]=    0 (0x0)
  smb_vwv[15]=    0 (0x0)
  smb_vwv[16]=    0 (0x0)
  smb_vwv[17]=    0 (0x0)
  smb_vwv[18]=    0 (0x0)
  smb_vwv[19]=    0 (0x0)
  smb_vwv[20]=    0 (0x0)
  smb_vwv[21]=32768 (0x8000)
  smb_vwv[22]=    0 (0x0)
  smb_vwv[23]=    0 (0x0)
  smb_vwv[24]=   16 (0x10)
  smb_vwv[25]=    0 (0x0)
  smb_vwv[26]=    0 (0x0)
  smb_vwv[27]=    0 (0x0)
  smb_vwv[28]=    0 (0x0)
  smb_vwv[29]=    0 (0x0)
  smb_vwv[30]=    0 (0x0)
  smb_vwv[31]=  512 (0x200)
  smb_vwv[32]=65280 (0xFF00)
  smb_vwv[33]=    5 (0x5)
  smb_bcc=0
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 5 mid = 5
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 5
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 5: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 1C 76 F3 5F F5 B0 2F 76                           .v._../v 
[2009/05/15 14:23:30,  5] rpc_client/cli_pipe.c:rpc_pipe_bind(2201)
  Bind RPC Pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003 auth_type 0, auth_level 0
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr hdr
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 0b
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 0048
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000001
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_rb 
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      000010 smb_io_rpc_hdr_bba 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          0010 max_tsize: 10b8
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          0012 max_rsize: 10b8
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
          0014 assoc_gid: 00000000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0018 num_contexts: 01
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      001c context_id  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      001e num_transfer_syntaxes: 01
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      00001f smb_io_rpc_iface 
[2009/05/15 14:23:30,  7] rpc_parse/parse_prs.c:prs_debug(88)
          000020 smb_io_uuid uuid
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
              0020 data   : 12345778
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
              0024 data   : 1234
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
              0026 data   : abcd
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
              0028 data   : ef 00 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
              002a data   : 01 23 45 67 89 ab 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
          0030 version: 00000000
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      000034 smb_io_rpc_iface 
[2009/05/15 14:23:30,  7] rpc_parse/parse_prs.c:prs_debug(88)
          000034 smb_io_uuid uuid
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
              0034 data   : 8a885d04
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
              0038 data   : 1ceb
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
              003a data   : 11c9
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
              003c data   : 9f e8 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
              003e data   : 08 00 2b 10 48 60 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
          0044 version: 00000002
[2009/05/15 14:23:30,  5] rpc_client/cli_pipe.c:rpc_api_pipe(886)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=154
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=6
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   72 (0x48)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   72 (0x48)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=16387 (0x4003)
  smb_bcc=87
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 0B 03 10 00 00 00 48  00 00 00 01 00 00 00 B8  .......H ........
  [020] 10 B8 10 00 00 00 00 01  00 00 00 00 00 01 00 78  ........ .......x
  [030] 57 34 12 34 12 CD AB EF  00 01 23 45 67 89 AB 00  W4.4.... ..#Eg...
  [040] 00 00 00 04 5D 88 8A EB  1C C9 11 9F E8 08 00 2B  ....]... .......+
  [050] 10 48 60 02 00 00 00                              .H`.... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 6
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 9A B3 DF 94 69 3C B4 5A                           ....i<.Z 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 7 mid = 6
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,158)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,158) wrote 158
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 124
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  ........ .D......
  [010] 00 B8 10 B8 10 2E 65 01  00 0C 00 5C 70 69 70 65  ......e. ...\pipe
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 7 mid = 6
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 7
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 7: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] B9 49 DB B1 D9 AC BC 56                           .I.....V 
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=124
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=6
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
Comment 1 Alex Green 2009-05-15 11:42:57 UTC
  smb_vwv[ 6]=   68 (0x44)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=69
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 0C 03 10 00 00  00 44 00 00 00 01 00 00  ........ .D......
  [010] 00 B8 10 B8 10 2E 65 01  00 0C 00 5C 70 69 70 65  ......e. ...\pipe
  [020] 5C 6C 73 61 73 73 00 00  00 01 00 00 00 00 00 00  \lsass.. ........
  [030] 00 04 5D 88 8A EB 1C C9  11 9F E8 08 00 2B 10 48  ..]..... .....+.H
  [040] 60 02 00 00 00                                    `.... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 7 mid = 6
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr rpc_hdr   
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 0c
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 0044
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000001
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(998)
  rpc_api_pipe: got PDU len of 68 at offset 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(1045)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003 returned 68 bytes.
[2009/05/15 14:23:30,  3] rpc_client/cli_pipe.c:rpc_pipe_bind(2234)
  rpc_pipe_bind: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003 bind request returned ok.
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr hdr
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 0c
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 0044
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000001
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_ba 
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      000010 smb_io_rpc_hdr_bba 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          0010 max_tsize: 10b8
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          0012 max_rsize: 10b8
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
          0014 assoc_gid: 0001652e
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      000018 smb_io_rpc_addr_str 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          0018 len: 000c
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
          001a str: \pipe\lsass.
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      000026 smb_io_rpc_results 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
          0028 num_results: 01
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          002c result     : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
          002e reason     : 0000
[2009/05/15 14:23:30,  6] rpc_parse/parse_prs.c:prs_debug(88)
      000030 smb_io_rpc_iface 
[2009/05/15 14:23:30,  7] rpc_parse/parse_prs.c:prs_debug(88)
          000030 smb_io_uuid uuid
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
              0030 data   : 8a885d04
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
              0034 data   : 1ceb
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
              0036 data   : 11c9
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
              0038 data   : 9f e8 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8s(865)
              003a data   : 08 00 2b 10 48 60 
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
          0040 version: 00000002
[2009/05/15 14:23:30,  5] rpc_client/cli_pipe.c:check_bind_response(1845)
  check_bind_response: accepted!
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:cli_rpc_pipe_open_noauth(3011)
  cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine dchost.dom.realm.co.com and bound anonymously.
[2009/05/15 14:23:30,  5] rpc_client/init_lsa.c:init_lsa_sec_qos(70)
  init_lsa_sec_qos
[2009/05/15 14:23:30,  5] rpc_client/init_lsa.c:init_lsa_obj_attr(90)
  init_lsa_obj_attr
      lsa_OpenPolicy: struct lsa_OpenPolicy
          in: struct lsa_OpenPolicy
              system_name              : *
                  system_name              : 0x005c (92)
              attr                     : *
                  attr: struct lsa_ObjectAttribute
                      len                      : 0x00000018 (24)
                      root_dir                 : NULL
                      object_name              : NULL
                      attributes               : 0x00000000 (0)
                      sec_desc                 : NULL
                      sec_qos                  : *
                          sec_qos: struct lsa_QosInfo
                              len                      : 0x0000000c (12)
                              impersonation_level      : 0x0002 (2)
                              context_mode             : 0x01 (1)
                              effective_only           : 0x00 (0)
              access_mask              : 0x02000000 (33554432)
                     0: LSA_POLICY_VIEW_LOCAL_INFORMATION
                     0: LSA_POLICY_VIEW_AUDIT_INFORMATION
                     0: LSA_POLICY_GET_PRIVATE_INFORMATION
                     0: LSA_POLICY_TRUST_ADMIN   
                     0: LSA_POLICY_CREATE_ACCOUNT
                     0: LSA_POLICY_CREATE_SECRET 
                     0: LSA_POLICY_CREATE_PRIVILEGE
                     0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS
                     0: LSA_POLICY_SET_AUDIT_REQUIREMENTS
                     0: LSA_POLICY_AUDIT_LOG_ADMIN
                     0: LSA_POLICY_SERVER_ADMIN  
                     0: LSA_POLICY_LOOKUP_NAMES  
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr hdr    
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 0044
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000002
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_req hdr_req
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      0010 alloc_hint: 0000002c
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0014 context_id: 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0016 opnum     : 0006
[2009/05/15 14:23:30,  5] rpc_client/cli_pipe.c:rpc_api_pipe(886)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=150
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=7
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   68 (0x44)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   68 (0x44)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=16387 (0x4003)
  smb_bcc=83
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 44  00 00 00 02 00 00 00 2C  .......D .......,
  [020] 00 00 00 00 00 06 00 00  00 02 00 5C 00 00 00 18  ........ ...\....
  [030] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [040] 00 00 00 04 00 02 00 0C  00 00 00 02 00 01 00 00  ........ ........
  [050] 00 00 02                                          ... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 8
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] E8 CD FC 31 6E 62 A3 AE                           ...1nb.. 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 9 mid = 7
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,154)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,154) wrote 154
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 104
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  ........ .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 C0 F1 DB  ........ ........
  [020] E0 86 07 65 48 A7 BF F3  76 6C DF D8 19 00 00 00  ...eH... vl......
  [030] 00                                                . 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 9 mid = 7
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 9
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 9: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] DC 41 B5 F1 A9 E4 A2 7C                           .A.....| 
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=7
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 02 03 10 00 00  00 30 00 00 00 02 00 00  ........ .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 C0 F1 DB  ........ ........
  [020] E0 86 07 65 48 A7 BF F3  76 6C DF D8 19 00 00 00  ...eH... vl......
  [030] 00                                                . 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 9 mid = 7
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr rpc_hdr   
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 02
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 0030
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000002
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      0010 alloc_hint: 00000018
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0014 context_id: 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0016 cancel_ct : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0017 reserved  : 00
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(711)
  cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(998)
  rpc_api_pipe: got PDU len of 48 at offset 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(1045)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003 returned 48 bytes.
      lsa_OpenPolicy: struct lsa_OpenPolicy
          out: struct lsa_OpenPolicy
              handle                   : *
                  handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : e0dbf1c0-0786-4865-a7bf-f3766cdfd819
              result                   : NT_STATUS_OK
      lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
          in: struct lsa_QueryInfoPolicy2
              handle                   : *
                  handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : e0dbf1c0-0786-4865-a7bf-f3766cdfd819
              level                    : LSA_POLICY_INFO_DNS (12)
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr hdr    
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 002e
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000003
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_req hdr_req
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      0010 alloc_hint: 00000016
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0014 context_id: 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0016 opnum     : 002e
[2009/05/15 14:23:30,  5] rpc_client/cli_pipe.c:rpc_api_pipe(886)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=128
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=8
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   46 (0x2E)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   46 (0x2E)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=16387 (0x4003)
  smb_bcc=61
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 2E  00 00 00 03 00 00 00 16  ........ ........
  [020] 00 00 00 00 00 2E 00 00  00 00 00 C0 F1 DB E0 86  ........ ........
  [030] 07 65 48 A7 BF F3 76 6C  DF D8 19 0C 00           .eH...vl .....
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 10
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 48 D1 35 07 F3 CA F3 26                           H.5....& 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 11 mid = 8
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,132)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,132) wrote 132
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 272
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=272
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  216 (0xD8)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  216 (0xD8)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=217
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 02 03 10 00 00  00 D8 00 00 00 03 00 00  ........ ........
  [010] 00 C0 00 00 00 00 00 00  00 00 00 02 00 0C 00 00  ........ ........
  [020] 00 0A 00 0C 00 04 00 02  00 24 00 26 00 08 00 02  ........ .$.&....
  [030] 00 18 00 1A 00 0C 00 02  00 94 A1 DA 7E 63 DC 64  ........ ....~c.d
  [040] 4F 98 9E 10 FB AA 0A 1C  76 10 00 02 00 06 00 00  O....... v.......
  [050] 00 00 00 00 00 05 00 00  00 5A 00 57 00 44 00 42  ........ .Z.W.D.B
  [060] 00 47 00 00 00 13 00 00  00 00 00 00 00 12 00 00  .G...... ........
  [070] 00 7A 00 77 00 64 00 62  00 67 00 2E 00 7A 00 77  .z.w.d.b .g...z.w
  [080] 00 61 00 64 00 73 00 2E  00 64 00 62 00 2E 00 63  .a.d.s.. .d.b...c
  [090] 00 6F 00 6D 00 0D 00 00  00 00 00 00 00 0C 00 00  .o.m.... ........
  [0A0] 00 7A 00 77 00 61 00 64  00 73 00 2E 00 64 00 62  .z.w.a.d .s...d.b
  [0B0] 00 2E 00 63 00 6F 00 6D  00 04 00 00 00 01 04 00  ...c.o.m ........
  [0C0] 00 00 00 00 05 15 00 00  00 36 89 AE 48 D5 01 B6  ........ .6..H...
  [0D0] 69 5E 05 C3 2F 00 00 00  00                       i^../... .
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 11 mid = 8
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 11
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 11: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 73 C3 0A AB 3C CD 7D C0                           s...<.}. 
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=272
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=8
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=  216 (0xD8)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=  216 (0xD8)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=217
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 02 03 10 00 00  00 D8 00 00 00 03 00 00  ........ ........
  [010] 00 C0 00 00 00 00 00 00  00 00 00 02 00 0C 00 00  ........ ........
  [020] 00 0A 00 0C 00 04 00 02  00 24 00 26 00 08 00 02  ........ .$.&....
  [030] 00 18 00 1A 00 0C 00 02  00 94 A1 DA 7E 63 DC 64  ........ ....~c.d
  [040] 4F 98 9E 10 FB AA 0A 1C  76 10 00 02 00 06 00 00  O....... v.......
  [050] 00 00 00 00 00 05 00 00  00 5A 00 57 00 44 00 42  ........ .Z.W.D.B
  [060] 00 47 00 00 00 13 00 00  00 00 00 00 00 12 00 00  .G...... ........
  [070] 00 7A 00 77 00 64 00 62  00 67 00 2E 00 7A 00 77  .z.w.d.b .g...z.w
  [080] 00 61 00 64 00 73 00 2E  00 64 00 62 00 2E 00 63  .a.d.s.. .d.b...c
  [090] 00 6F 00 6D 00 0D 00 00  00 00 00 00 00 0C 00 00  .o.m.... ........
  [0A0] 00 7A 00 77 00 61 00 64  00 73 00 2E 00 64 00 62  .z.w.a.d .s...d.b
  [0B0] 00 2E 00 63 00 6F 00 6D  00 04 00 00 00 01 04 00  ...c.o.m ........
  [0C0] 00 00 00 00 05 15 00 00  00 36 89 AE 48 D5 01 B6  ........ .6..H...
  [0D0] 69 5E 05 C3 2F 00 00 00  00                       i^../... .
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 11 mid = 8
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr rpc_hdr   
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 02
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 00d8
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000003
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      0010 alloc_hint: 000000c0
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0014 context_id: 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0016 cancel_ct : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0017 reserved  : 00
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(711)
  cli_pipe_validate_current_pdu: got pdu len 216, data_len 192, ss_len 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(998)
  rpc_api_pipe: got PDU len of 216 at offset 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(1045)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003 returned 384 bytes.
      lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
          out: struct lsa_QueryInfoPolicy2
              info                     : *
                  info                     : *
                      info                     : union lsa_PolicyInformation(case 12)
                      dns: struct lsa_DnsDomainInfo
                          name: struct lsa_StringLarge
                              length                   : 0x000a (10)
                              size                     : 0x000c (12)
                              string                   : *
                                  string                   : 'DOM'
                          dns_domain: struct lsa_StringLarge
                              length                   : 0x0024 (36)
                              size                     : 0x0026 (38)
                              string                   : *
                                  string                   : 'dom.realm.co.com'
                          dns_forest: struct lsa_StringLarge
                              length                   : 0x0018 (24)
                              size                     : 0x001a (26)
                              string                   : *
                                  string                   : 'realm.co.com'
                          domain_guid              : 7edaa194-dc63-4f64-989e-10fbaa0a1c76
                          sid                      : *
                              sid                      : S-1-5-21-1219397942-1773535701-801310046
              result                   : NT_STATUS_OK
      lsa_Close: struct lsa_Close
          in: struct lsa_Close
              handle                   : *
                  handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : e0dbf1c0-0786-4865-a7bf-f3766cdfd819
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr hdr    
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 002c
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000004
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_req hdr_req
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      0010 alloc_hint: 00000014
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0014 context_id: 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0016 opnum     : 0000
[2009/05/15 14:23:30,  5] rpc_client/cli_pipe.c:rpc_api_pipe(886)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=126
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=8
  smb_flg2=51201
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=9
  smt_wct=16
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   44 (0x2C)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]= 4280 (0x10B8)
  smb_vwv[ 4]=    0 (0x0)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=    0 (0x0)
  smb_vwv[ 7]=    0 (0x0)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_vwv[10]=   82 (0x52)
  smb_vwv[11]=   44 (0x2C)
  smb_vwv[12]=   82 (0x52)
  smb_vwv[13]=    2 (0x2)
  smb_vwv[14]=   38 (0x26)
  smb_vwv[15]=16387 (0x4003)
  smb_bcc=59
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 5C 00 50 00 49 00 50  00 45 00 5C 00 00 00 05  .\.P.I.P .E.\....
  [010] 00 00 03 10 00 00 00 2C  00 00 00 04 00 00 00 14  ......., ........
  [020] 00 00 00 00 00 00 00 00  00 00 00 C0 F1 DB E0 86  ........ ........
  [030] 07 65 48 A7 BF F3 76 6C  DF D8 19                 .eH...vl ...
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 12
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 91 C9 AD 6A E9 0A EB 1A                           ...j.... 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 13 mid = 9
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,130)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,130) wrote 130
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 104
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=9
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 02 03 10 00 00  00 30 00 00 00 04 00 00  ........ .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [030] 00                                                . 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 13 mid = 9
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 13
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 13: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 23 24 C9 FA DF F2 66 75                           #$....fu 
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=104
  smb_com=0x25
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=9
  smt_wct=10
  smb_vwv[ 0]=    0 (0x0)
  smb_vwv[ 1]=   48 (0x30)
  smb_vwv[ 2]=    0 (0x0)
  smb_vwv[ 3]=    0 (0x0)
  smb_vwv[ 4]=   56 (0x38)
  smb_vwv[ 5]=    0 (0x0)
  smb_vwv[ 6]=   48 (0x30)
  smb_vwv[ 7]=   56 (0x38)
  smb_vwv[ 8]=    0 (0x0)
  smb_vwv[ 9]=    0 (0x0)
  smb_bcc=49
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 00 05 00 02 03 10 00 00  00 30 00 00 00 04 00 00  ........ .0......
  [010] 00 18 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [020] 00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  ........ ........
  [030] 00                                                . 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 13 mid = 9
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000000 smb_io_rpc_hdr rpc_hdr   
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0000 major     : 05
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0001 minor     : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0002 pkt_type  : 02
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0003 flags     : 03
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0004 pack_type0: 10
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0005 pack_type1: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0006 pack_type2: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0007 pack_type3: 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0008 frag_len  : 0030
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      000a auth_len  : 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      000c call_id   : 00000004
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_debug(88)
  000010 smb_io_rpc_hdr_resp rpc_hdr_resp
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint32(718)
      0010 alloc_hint: 00000018
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint16(689)
      0014 context_id: 0000
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0016 cancel_ct : 00
[2009/05/15 14:23:30,  5] rpc_parse/parse_prs.c:prs_uint8(624)
      0017 reserved  : 00
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(711)
  cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(998)
  rpc_api_pipe: got PDU len of 48 at offset 0
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_api_pipe(1045)
  rpc_api_pipe: host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003 returned 48 bytes.
      lsa_Close: struct lsa_Close
          out: struct lsa_Close
              handle                   : *
                  handle: struct policy_handle
                      handle_type              : 0x00000000 (0)
                      uuid                     : 00000000-0000-0000-0000-000000000000
              result                   : NT_STATUS_OK
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 14
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351)
  client_sign_outgoing_message: sent SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 78 7B 2D 34 0A 39 9D 44                           x{-4.9.D 
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:store_sequence_for_reply(67)
  store_sequence_for_reply: stored seq = 15 mid = 10
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(236)
  write_socket(6,45)
[2009/05/15 14:23:30,  6] libsmb/clientgen.c:write_socket(239)
  write_socket(6,45) wrote 45
[2009/05/15 14:23:30, 10] lib/util_sock.c:read_smb_length_return_keepalive(1187)
  got smb length of 35
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(645)
[2009/05/15 14:23:30,  5] lib/util.c:show_msg(655)
  size=35
  smb_com=0x4
  smb_rcls=0
  smb_reh=0
  smb_err=0
  smb_flg=136
  smb_flg2=51205
  smb_tid=2050
  smb_pid=927
  smb_uid=2050
  smb_mid=10
  smt_wct=0
  smb_bcc=0
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:get_sequence_for_reply(80)
  get_sequence_for_reply: found seq = 15 mid = 10
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:simple_packet_signature(285)
  simple_packet_signature: sequence number 15
[2009/05/15 14:23:30, 10] libsmb/smb_signing.c:client_check_incoming_message(434)
  client_check_incoming_message: seq 15: got good SMB signature of
[2009/05/15 14:23:30, 10] lib/util.c:dump_data(2233)
  [000] 4E F7 B5 D3 C1 4B FB 1C                           N....K.. 
[2009/05/15 14:23:30, 10] rpc_client/cli_pipe.c:rpc_pipe_destructor(2366)
  rpc_pipe_destructor: closed host dchost.dom.realm.co.com, pipe \lsarpc, fnum 0x4003
[2009/05/15 14:23:30,  5] libads/ldap.c:ads_try_connect(203)
  ads_try_connect: sending CLDAP request to dchost.dom.realm.co.com (realm: dom.realm.co.com)
      &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
          command                  : LOGON_SAM_LOGON_RESPONSE_EX (23)
          sbz                      : 0x0000 (0)
          server_type              : 0x000011fc (4604)
                 0: NBT_SERVER_PDC           
                 1: NBT_SERVER_GC            
                 1: NBT_SERVER_LDAP          
                 1: NBT_SERVER_DS            
                 1: NBT_SERVER_KDC           
                 1: NBT_SERVER_TIMESERV      
                 1: NBT_SERVER_CLOSEST       
                 1: NBT_SERVER_WRITABLE      
                 0: NBT_SERVER_GOOD_TIMESERV 
                 0: NBT_SERVER_NDNC          
                 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
                 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
          domain_uuid              : 7edaa194-dc63-4f64-989e-10fbaa0a1c76
          forest                   : 'realm.co.com'
          dns_domain               : 'dom.realm.co.com'
          pdc_dns_name             : 'dchost.dom.realm.co.com'
          domain                   : 'DOM'
          pdc_name                 : 'LONADENGWVM2'
          user_name                : ''
          server_site              : 'Default-First-Site-Name'
          client_site              : 'Default-First-Site-Name'
          sockaddr_size            : 0x00 (0)
          sockaddr: struct nbt_sockaddr
              sockaddr_family          : 0x00000000 (0)
              pdc_ip                   : (null)
              remaining                : DATA_BLOB length=0
          next_closest_site        : NULL
          nt_version               : 0x00000005 (5)
                 1: NETLOGON_NT_VERSION_1    
                 0: NETLOGON_NT_VERSION_5    
                 1: NETLOGON_NT_VERSION_5EX  
                 0: NETLOGON_NT_VERSION_5EX_WITH_IP
                 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
                 0: NETLOGON_NT_VERSION_AVIOD_NT4EMUL
                 0: NETLOGON_NT_VERSION_PDC  
                 0: NETLOGON_NT_VERSION_IP   
                 0: NETLOGON_NT_VERSION_LOCAL
                 0: NETLOGON_NT_VERSION_GC   
          lmnt_token               : 0xffff (65535)
          lm20_token               : 0xffff (65535)
[2009/05/15 14:23:30, 10] libads/dns.c:sitename_store(778)
  sitename_store: realm = [DOM], sitename = [Default-First-Site-Name], expire = [4294967295]
[2009/05/15 14:23:30, 10] lib/gencache.c:gencache_set(131)
  Adding cache entry with key = AD_SITENAME/DOMAIN/DOM; value = Default-First-Site-Name and timeout = (null) (-1242393811 seconds ahead)
[2009/05/15 14:23:30, 10] libads/dns.c:sitename_store(778)
  sitename_store: realm = [dom.realm.co.com], sitename = [Default-First-Site-Name], expire = [4294967295]
[2009/05/15 14:23:30, 10] lib/gencache.c:gencache_set(131)
  Adding cache entry with key = AD_SITENAME/DOMAIN/DOM.REALM.CO.COM; value = Default-First-Site-Name and timeout = (null) (-1242393811 seconds ahead)
[2009/05/15 14:23:30,  3] libads/ldap.c:ads_connect(621)
  Successfully contacted LDAP server IPADDRESS
[2009/05/15 14:23:30, 10] libads/ldap.c:ldap_open_with_timeout(62)
  Opening connection to LDAP server 'dchost.dom.realm.co.com:389', timeout 15 seconds
[2009/05/15 14:23:30, 10] libads/ldap.c:ldap_open_with_timeout(76)
  Connected to LDAP server 'dchost.dom.realm.co.com:389'
[2009/05/15 14:23:30,  3] libads/ldap.c:ads_connect(675)
  Connected to LDAP server dchost.dom.realm.co.com
[2009/05/15 14:23:30, 10] libads/ldap.c:ads_closest_dc(165)
  ads_closest_dc: NBT_SERVER_CLOSEST flag set
[2009/05/15 14:23:30, 10] libsmb/namequery.c:saf_store(86)
  saf_store: domain = [DOM], server = [dchost.dom.realm.co.com], expire = [1242394710]
[2009/05/15 14:23:30, 10] lib/gencache.c:gencache_set(131)
  Adding cache entry with key = SAF/DOMAIN/DOM; value = dchost.dom.realm.co.com and timeout = Fri May 15 14:38:30 2009
   (900 seconds ahead)
[2009/05/15 14:23:30, 10] libsmb/namequery.c:saf_store(86)
  saf_store: domain = [dom.realm.co.com], server = [dchost.dom.realm.co.com], expire = [1242394710]
[2009/05/15 14:23:30, 10] lib/gencache.c:gencache_set(131)
  Adding cache entry with key = SAF/DOMAIN/DOM.REALM.CO.COM; value = dchost.dom.realm.co.com and timeout = Fri May 15 14:38:30 2009
   (900 seconds ahead)
[2009/05/15 14:23:30,  4] libads/ldap.c:ads_current_time(2860)
  time offset is 26 seconds
[2009/05/15 14:23:30,  4] libads/sasl.c:ads_sasl_bind(1112)
  Found SASL mechanism GSS-SPNEGO
[2009/05/15 14:23:30,  3] libads/sasl.c:ads_sasl_spnego_bind(780)
  ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2009/05/15 14:23:30,  3] libads/sasl.c:ads_sasl_spnego_bind(780)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2009/05/15 14:23:30,  3] libads/sasl.c:ads_sasl_spnego_bind(780)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2009/05/15 14:23:30,  3] libads/sasl.c:ads_sasl_spnego_bind(780)
  ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2009/05/15 14:23:30,  3] libads/sasl.c:ads_sasl_spnego_bind(789)
  ads_sasl_spnego_bind: got server principal name = not_defined_in_RFC4178@please_ignore
[2009/05/15 14:23:30,  3] libsmb/clikrb5.c:ads_krb5_mk_req(677)
  ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2009/05/15 14:23:30, 10] libads/sasl.c:ads_sasl_spnego_bind(810)
  ads_sasl_spnego_krb5_bind failed with: No credentials cache found, calling kinit
[2009/05/15 14:23:30, 10] libads/kerberos.c:kerberos_kinit_password_ext(217)
  kerberos_kinit_password: as admuser@DOM.REALM.CO.COM@DOM.REALM.CO.COM using [MEMORY:net_ads] as ccache and config [(null)]
[2009/05/15 14:23:30,  0] libads/kerberos.c:ads_kinit_password(362)
  kerberos_kinit_password admuser@DOM.REALM.CO.COM@DOM.REALM.CO.COM failed: Malformed representation of principal
[2009/05/15 14:23:30,  1] libnet/libnet_join.c:libnet_Join(1902)
  libnet_Join:
      libnet_JoinCtx: struct libnet_JoinCtx
          out: struct libnet_JoinCtx
              account_name             : NULL
              netbios_domain_name      : 'dom'
              dns_domain_name          : 'dom.realm.co.com'
              forest_name              : 'realm.co.com'
              dn                       : NULL
              domain_sid               : *
                  domain_sid               : S-1-5-21-1219397942-1773535701-801310046
              modified_config          : 0x00 (0)
              error_string             : 'failed to connect to AD: Malformed representation of principal'
              domain_is_ad             : 0x01 (1)
              result                   : WERR_DEFAULT_JOIN_REQUIRED
[2009/05/15 14:23:30, 10] intl/lang_tdb.c:lang_tdb_init(138)
  lang_tdb_init: /usr/lib64/samba/POSIX.msg: No such file or directory
[2009/05/15 14:23:30,  2] utils/net.c:main(770)
  return code = -1
Failed to join domain: failed to connect to AD: Malformed representation of principal

Comment 2 Alex Green 2009-05-15 11:45:56 UTC
Created attachment 4161 [details]
Debug Level 10 Log (as pasted into comments)
Comment 4 Volker Lendecke 2009-05-27 02:51:09 UTC
Can you try to join with just -Uadmuser?

Thanks,

Volker
Comment 5 Alex Green 2009-05-27 04:23:30 UTC
That works as expected, so I guess the @REALM was causing the issue, even though it works like that on 3.0.34.

Is there any way to control the contents of the generated krb5.conf.WORKGROUP file?

My system krb5.conf has these as [libdefaults]:
        default_realm = REALM
        default_tkt_enctypes = aes256-cts aes128-cts arcfour-hmac des-cbc-md5 des-cbc-crc
        default_tgs_enctypes = aes256-cts aes128-cts arcfour-hmac des-cbc-md5 des-cbc-crc
        permitted_enctypes = aes256-cts aes128-cts arcfour-hmac des-cbc-md5 des-cbc-crc
        udp_preference_limit = 1


However net ads join is creating the following:
        default_realm = REALM
        default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5
        default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5
        preferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5


It also fails to use the valid ticket cache under /tmp/krb5cc_0, is this also expected?


I'll submit the full Debug 10 log once I've cleaned it.

Thanks,
Alex
Comment 6 Alex Green 2009-05-27 04:37:29 UTC
Created attachment 4209 [details]
New net ads join output - debug 10

net -d 10 -U admuser ads join createcomputer="REG/CN/OU/Services/"
Comment 7 James Goodwin 2009-06-03 14:23:45 UTC
We have the same problem with the debian lenny 3.2.5 version.

Our use case is that we need to allow an administrator from a top level domain in a forest join machines to child domains, this bug is blocking that ability.

The problem seems to have to do with the join code moving to libnet/libnet_join.c and when it is called from net_ads the opt_user_name is passed which is the full user name in our case since we put the user name in the LOGNAME environment. In the past code in utils/net_ads.c would parse that into the ads->auth.user_name and ads->auth.realm parts and that was used, now it gets passed through and the default realm is appended to it in ads_connect causing the problem.

I have a patch to libads/ldap.c that fixes it for our case:
Index: ldap.c
===================================================================
--- ldap.c	(revision 97512)
+++ ldap.c	(working copy)
@@ -397,6 +397,7 @@
 	ADS_STATUS status;
 	NTSTATUS ntstatus;
 	char addr[INET6_ADDRSTRLEN];
+	char *cp;
 
 	ZERO_STRUCT(ads->ldap);
 	ads->ldap.last_attempt	= time(NULL);
@@ -437,7 +438,21 @@
 	}
 
 	if (!ads->auth.realm) {
-		ads->auth.realm = SMB_STRDUP(ads->config.realm);
+	  /*
+	   * If the username is of the form "name@realm",
+	   * extract the realm and convert to upper case.
+	   * This is only used to establish the connection.
+	   */
+	  if ((cp = strchr_m(ads->auth.user_name, '@'))!=0) {
+	    *cp++ = '\0';
+	    SAFE_FREE(ads->auth.realm);
+	    ads->auth.realm = smb_xstrdup(cp);
+	    strupper_m(ads->auth.realm);
+	  }
+	  else {
+	    /* otherwise take the default realm from the config */
+	    ads->auth.realm = SMB_STRDUP(ads->config.realm);
+	  }
 	}
 
 	if (!ads->auth.kdc_server) {
Comment 8 Karolin Seeger 2009-09-19 12:34:49 UTC
Volker, is this a blocker for 3.3.8?
Comment 9 Volker Lendecke 2009-09-19 13:19:27 UTC
I wouldn't call it a blocker. Re-assigning to Günther, the libnet join stuff is mostly his code.

Volker
Comment 10 Jim McDonough 2010-08-12 15:52:35 UTC
I'll take this as I've got someone hitting it.  The patch does fix it, but I'm going to just test it and make sure I'm happy with the actual fix.
Comment 11 Jim McDonough 2010-08-12 16:31:07 UTC
Ok, I really think this belongs in a more central place, but for now, since every bit of samba does its own parsing, I'll do this here.  However, I don't want to do it at this level, but instead higher up in libnet.  The potential is too high to break things at the ads_connect() level, I think.
Comment 12 Jim McDonough 2010-08-12 19:03:20 UTC
Created attachment 5901 [details]
Patch for 3.5
Comment 13 Jim McDonough 2010-08-12 19:03:45 UTC
Created attachment 5902 [details]
Patch for 3.4
Comment 14 Jim McDonough 2010-08-13 07:37:04 UTC
Karolin, can you add these to 3.4 and 3.4, assuming Günther approves?
Comment 15 Karolin Seeger 2010-08-23 04:18:08 UTC
Reassigning to Günther for review.
Comment 16 Guenther Deschner 2011-05-20 09:19:51 UTC
Comment on attachment 5901 [details]
Patch for 3.5

looks good
Comment 17 Guenther Deschner 2011-05-20 09:20:06 UTC
Comment on attachment 5902 [details]
Patch for 3.4

looks good
Comment 18 Guenther Deschner 2011-05-20 09:21:24 UTC
Karolin, please add to 3.4 and 3.5git
Comment 19 Karolin Seeger 2011-05-26 18:31:30 UTC
Pushed to v3-5-test and v3-4-test.
Closing out bug report.

Thanks!