[2008/12/09 16:14:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/902065 [2008/12/09 16:14:17, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 52 [2008/12/09 16:14:17, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_GID2SID [2008/12/09 16:14:17, 3] winbindd/winbindd_idmap.c:winbindd_dual_gid2sid(498) [ 4112]: gid 65533 to sid [2008/12/09 16:14:17, 10] winbindd/idmap_util.c:idmap_gid_to_sid(70) gid = [65533] [2008/12/09 16:14:17, 5] winbindd/idmap.c:smb_register_idmap_alloc(212) Successfully added idmap alloc backend 'tdb' [2008/12/09 16:14:17, 5] winbindd/idmap.c:smb_register_idmap(159) Successfully added idmap backend 'tdb' [2008/12/09 16:14:17, 5] winbindd/idmap.c:smb_register_idmap(159) Successfully added idmap backend 'passdb' [2008/12/09 16:14:17, 5] winbindd/idmap.c:smb_register_idmap(159) Successfully added idmap backend 'nss' [2008/12/09 16:14:17, 1] winbindd/idmap.c:idmap_init(385) Initializing idmap domains [2008/12/09 16:14:17, 5] lib/module.c:smb_probe_module(111) Probing module 'ldap' [2008/12/09 16:14:17, 5] lib/module.c:smb_probe_module(130) Probing module 'ldap': Trying to load from /usr/lib/samba/idmap/ldap.so [2008/12/09 16:14:17, 2] lib/module.c:do_smb_load_module(64) Module '/usr/lib/samba/idmap/ldap.so' loaded [2008/12/09 16:14:17, 5] winbindd/idmap.c:smb_register_idmap_alloc(212) Successfully added idmap alloc backend 'ldap' [2008/12/09 16:14:17, 5] winbindd/idmap.c:smb_register_idmap(159) Successfully added idmap backend 'ldap' [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_init(516) Domain AHUS - Backend ldap - default - not readonly [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_init(702) Domain LORDVADER - Backend passdb - not default - readonly [2008/12/09 16:14:17, 3] winbindd/idmap.c:idmap_init(732) Initializing idmap alloc module [2008/12/09 16:14:17, 5] lib/smbldap.c:smbldap_search_ext(1207) smbldap_search_ext: base => [ou=Idmap,dc=ahus,dc=no], filter => [(objectclass=sambaUnixIdPool)], scope => [2] [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/charcnv.c:charset_name(82) Substituting charset 'UTF-8' for LOCALE [2008/12/09 16:14:17, 5] lib/smbldap.c:smbldap_close(1110) The connection to the LDAP server was closed [2008/12/09 16:14:17, 10] lib/smbldap.c:smb_ldap_setup_conn(616) smb_ldap_setup_connection: ldap://127.0.0.1 [2008/12/09 16:14:17, 2] lib/smbldap.c:smbldap_open_connection(796) smbldap_open_connection: connection opened [2008/12/09 16:14:17, 10] lib/smbldap.c:smbldap_connect_system(961) ldap_connect_system: Binding to ldap server ldap://127.0.0.1 as "cn=Manager,dc=ahus,dc=no" [2008/12/09 16:14:17, 3] lib/smbldap.c:smbldap_connect_system(1007) ldap_connect_system: successful connection to the LDAP server ldap_connect_system: LDAP server does support paged results [2008/12/09 16:14:17, 10] lib/events.c:event_add_timed(128) Added timed event "smbldap_idle_fn": 84d67f0 [2008/12/09 16:14:17, 4] lib/smbldap.c:smbldap_open(1090) The LDAP server is successfully connected [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_map_id(458) Cache entry with key = IDMAP/GID/65533 couldn't be found [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_unixids_to_sids(1105) Query backends to map ids->sids [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_unixids_to_sids(1117) Query sids from domain AHUS [2008/12/09 16:14:17, 10] winbindd/idmap_ldap.c:idmap_ldap_unixids_to_sids(941) Filter: [(&(objectClass=sambaIdmapEntry)(gidNumber=65533))] [2008/12/09 16:14:17, 5] lib/smbldap.c:smbldap_search_ext(1207) smbldap_search_ext: base => [ou=Idmap,dc=ahus,dc=no], filter => [(&(objectClass=sambaIdmapEntry)(gidNumber=65533))], scope => [2] [2008/12/09 16:14:17, 5] lib/smbldap.c:smbldap_close(1110) The connection to the LDAP server was closed [2008/12/09 16:14:17, 10] lib/smbldap.c:smb_ldap_setup_conn(616) smb_ldap_setup_connection: ldap://127.0.0.1 [2008/12/09 16:14:17, 2] lib/smbldap.c:smbldap_open_connection(796) smbldap_open_connection: connection opened [2008/12/09 16:14:17, 10] lib/smbldap.c:smbldap_connect_system(961) ldap_connect_system: Binding to ldap server ldap://127.0.0.1 as "cn=Manager,dc=ahus,dc=no" [2008/12/09 16:14:17, 3] lib/smbldap.c:smbldap_connect_system(1007) ldap_connect_system: successful connection to the LDAP server ldap_connect_system: LDAP server does support paged results [2008/12/09 16:14:17, 10] lib/events.c:event_add_timed(128) Added timed event "smbldap_idle_fn": 84d6980 [2008/12/09 16:14:17, 4] lib/smbldap.c:smbldap_open(1090) The LDAP server is successfully connected [2008/12/09 16:14:17, 10] winbindd/idmap_ldap.c:idmap_ldap_unixids_to_sids(983) NO SIDs found [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_unixids_to_sids(1117) Query sids from domain LORDVADER [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(63) Attempting to register passdb backend ldapsam [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(76) Successfully added passdb backend 'ldapsam' [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(63) Attempting to register passdb backend ldapsam_compat [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(76) Successfully added passdb backend 'ldapsam_compat' [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(63) Attempting to register passdb backend NDS_ldapsam [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(76) Successfully added passdb backend 'NDS_ldapsam' [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(63) Attempting to register passdb backend NDS_ldapsam_compat [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(76) Successfully added passdb backend 'NDS_ldapsam_compat' [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(63) Attempting to register passdb backend smbpasswd [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(76) Successfully added passdb backend 'smbpasswd' [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(63) Attempting to register passdb backend tdbsam [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:smb_register_passdb(76) Successfully added passdb backend 'tdbsam' [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:make_pdb_method_name(133) Attempting to find an passdb backend to match smbpasswd (smbpasswd) [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:make_pdb_method_name(154) Found pdb backend smbpasswd [2008/12/09 16:14:17, 5] passdb/pdb_interface.c:make_pdb_method_name(165) pdb backend smbpasswd has a valid init [2008/12/09 16:14:17, 10] winbindd/winbindd_idmap.c:winbindd_dual_gid2sid(507) [ 4112]: retrieved sid: S-1-22-2-65533 [2008/12/09 16:14:17, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/822729 [2008/12/09 16:14:17, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 52 [2008/12/09 16:14:17, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_GID2SID [2008/12/09 16:14:17, 3] winbindd/winbindd_idmap.c:winbindd_dual_gid2sid(498) [ 4112]: gid 65534 to sid [2008/12/09 16:14:17, 10] winbindd/idmap_util.c:idmap_gid_to_sid(70) gid = [65534] [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_map_id(458) Cache entry with key = IDMAP/GID/65534 couldn't be found [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_unixids_to_sids(1105) Query backends to map ids->sids [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_unixids_to_sids(1117) Query sids from domain AHUS [2008/12/09 16:14:17, 10] winbindd/idmap_ldap.c:idmap_ldap_unixids_to_sids(941) Filter: [(&(objectClass=sambaIdmapEntry)(gidNumber=65534))] [2008/12/09 16:14:17, 5] lib/smbldap.c:smbldap_search_ext(1207) smbldap_search_ext: base => [ou=Idmap,dc=ahus,dc=no], filter => [(&(objectClass=sambaIdmapEntry)(gidNumber=65534))], scope => [2] [2008/12/09 16:14:17, 10] winbindd/idmap_ldap.c:idmap_ldap_unixids_to_sids(983) NO SIDs found [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_unixids_to_sids(1117) Query sids from domain LORDVADER [2008/12/09 16:14:17, 10] winbindd/winbindd_idmap.c:winbindd_dual_gid2sid(507) [ 4112]: retrieved sid: S-1-22-2-65534 [2008/12/09 16:14:17, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/774452 [2008/12/09 16:14:17, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:14:17, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:14:17, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-5-32-544 [2008/12/09 16:14:17, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-5-32-544] [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_map_sid(369) Returning expired cache entry: key = IDMAP/SID/S-1-5-32-544, value = IDMAP/GID/11126, timeout = Tue Dec 9 10:55:43 2008 [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1191) Query backends to map sids->ids [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1216) SID S-1-5-32-544 is being handled by LORDVADER [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1237) Query ids from domain LORDVADER [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_set(150) Adding cache entry with key = IDMAP/SID/S-1-5-32-544; value = 1228836557/IDMAP/GID/11126 and timeout = Tue Dec 9 16:29:17 2008 (900 seconds ahead) [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_set(172) Adding cache entry with key = IDMAP/GID/11126; value = 1228836557/IDMAP/SID/S-1-5-32-544 and timeout = Tue Dec 9 16:29:17 2008 (900 seconds ahead) [2008/12/09 16:14:17, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0x00000000 - S-1-5-32-544 - 11126 [2008/12/09 16:14:17, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/765160 [2008/12/09 16:14:17, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:14:17, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:14:17, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-5-32-545 [2008/12/09 16:14:17, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-5-32-545] [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_map_sid(369) Returning expired cache entry: key = IDMAP/SID/S-1-5-32-545, value = IDMAP/GID/11127, timeout = Tue Dec 9 10:55:43 2008 [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1191) Query backends to map sids->ids [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1216) SID S-1-5-32-545 is being handled by LORDVADER [2008/12/09 16:14:17, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1237) Query ids from domain LORDVADER [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_set(150) Adding cache entry with key = IDMAP/SID/S-1-5-32-545; value = 1228836557/IDMAP/GID/11127 and timeout = Tue Dec 9 16:29:17 2008 (900 seconds ahead) [2008/12/09 16:14:17, 10] winbindd/idmap_cache.c:idmap_cache_set(172) Adding cache entry with key = IDMAP/GID/11127; value = 1228836557/IDMAP/SID/S-1-5-32-545 and timeout = Tue Dec 9 16:29:17 2008 (900 seconds ahead) [2008/12/09 16:14:17, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0x00000000 - S-1-5-32-545 - 11127 [2008/12/09 16:14:17, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/755545 [2008/12/09 16:14:18, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/541726 [2008/12/09 16:14:18, 10] lib/messages_local.c:message_dispatch(419) message_dispatch: received_signal = 1 [2008/12/09 16:14:18, 10] lib/messages_local.c:messaging_tdb_fetch(174) messaging_tdb_fetch: result: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : 0x00000403 (1027) dest: struct server_id id : 0x00001012 (4114) src: struct server_id id : 0x00001010 (4112) buf : DATA_BLOB length=5 [2008/12/09 16:14:18, 10] lib/util.c:dump_data(2223) [000] 41 48 55 53 00 AHUS. [2008/12/09 16:14:18, 5] winbindd/winbindd_dual.c:child_msg_online(893) child_msg_online received for domain AHUS. [2008/12/09 16:14:18, 10] winbindd/winbindd_dual.c:child_msg_online(896) child_msg_online: rejecting online message. [2008/12/09 16:14:18, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/538435 [2008/12/09 16:14:18, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:14:18, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:14:18, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-1-0 [2008/12/09 16:14:18, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-1-0] [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1191) Query backends to map sids->ids [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1216) SID S-1-1-0 is being handled by LORDVADER [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1237) Query ids from domain LORDVADER [2008/12/09 16:14:18, 10] passdb/pdb_interface.c:pdb_default_sid_to_id(1293) Could not find map for sid S-1-1-0 [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_can_map(965) We are not supposed to create mappings for our own domains (local, builtin, specials) [2008/12/09 16:14:18, 10] winbindd/idmap_cache.c:idmap_cache_set_negative_sid(210) Adding cache entry with key = IDMAP/SID/S-1-1-0; value = 1228835778/IDMAP/NEGATIVE and timeout = Tue Dec 9 16:16:18 2008 (120 seconds ahead) [2008/12/09 16:14:18, 10] winbindd/idmap_util.c:idmap_sid_to_gid(163) sid [S-1-1-0] not mapped to a gid [2,2] [2008/12/09 16:14:18, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0xc0000073 - S-1-1-0 - 0 [2008/12/09 16:14:18, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:18, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/91473 [2008/12/09 16:14:18, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:14:18, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:14:18, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-5-2 [2008/12/09 16:14:18, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-5-2] [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1191) Query backends to map sids->ids [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1216) SID S-1-5-2 is being handled by LORDVADER [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1237) Query ids from domain LORDVADER [2008/12/09 16:14:18, 10] passdb/pdb_interface.c:pdb_default_sid_to_id(1293) Could not find map for sid S-1-5-2 [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_can_map(965) We are not supposed to create mappings for our own domains (local, builtin, specials) [2008/12/09 16:14:18, 10] winbindd/idmap_cache.c:idmap_cache_set_negative_sid(210) Adding cache entry with key = IDMAP/SID/S-1-5-2; value = 1228835778/IDMAP/NEGATIVE and timeout = Tue Dec 9 16:16:18 2008 (120 seconds ahead) [2008/12/09 16:14:18, 10] winbindd/idmap_util.c:idmap_sid_to_gid(163) sid [S-1-5-2] not mapped to a gid [2,2] [2008/12/09 16:14:18, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0xc0000073 - S-1-5-2 - 0 [2008/12/09 16:14:18, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:18, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/11451 [2008/12/09 16:14:18, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:14:18, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:14:18, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-5-32-546 [2008/12/09 16:14:18, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-5-32-546] [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1191) Query backends to map sids->ids [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1216) SID S-1-5-32-546 is being handled by LORDVADER [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1237) Query ids from domain LORDVADER [2008/12/09 16:14:18, 10] passdb/pdb_interface.c:pdb_default_sid_to_id(1293) Could not find map for sid S-1-5-32-546 [2008/12/09 16:14:18, 10] winbindd/idmap.c:idmap_can_map(965) We are not supposed to create mappings for our own domains (local, builtin, specials) [2008/12/09 16:14:18, 10] winbindd/idmap_cache.c:idmap_cache_set_negative_sid(210) Adding cache entry with key = IDMAP/SID/S-1-5-32-546; value = 1228835778/IDMAP/NEGATIVE and timeout = Tue Dec 9 16:16:18 2008 (120 seconds ahead) [2008/12/09 16:14:18, 10] winbindd/idmap_util.c:idmap_sid_to_gid(163) sid [S-1-5-32-546] not mapped to a gid [2,2] [2008/12/09 16:14:18, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0xc0000073 - S-1-5-32-546 - 0 [2008/12/09 16:14:18, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:14:18, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 4/1569 [2008/12/09 16:14:22, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 0/264 [2008/12/09 16:14:22, 10] lib/events.c:run_events(263) Running event "check_domain_online_handler" 84cf3c8 [2008/12/09 16:14:22, 10] winbindd/winbindd_cm.c:check_domain_online_handler(259) check_domain_online_handler: called for domain AHUS (online = False) [2008/12/09 16:14:22, 10] lib/events.c:timed_event_destructor(65) Destroying timed event 84cf3c8 "check_domain_online_handler" [2008/12/09 16:14:22, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 145/113332 [2008/12/09 16:14:22, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 145/15766 [2008/12/09 16:14:22, 10] lib/messages_local.c:message_dispatch(419) message_dispatch: received_signal = 1 [2008/12/09 16:14:22, 10] lib/messages_local.c:messaging_tdb_fetch(174) messaging_tdb_fetch: result: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : 0x00000406 (1030) dest: struct server_id id : 0x00001012 (4114) src: struct server_id id : 0x00001018 (4120) buf : DATA_BLOB length=5 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 41 48 55 53 00 AHUS. [2008/12/09 16:14:22, 5] winbindd/winbindd_cm.c:msg_try_to_go_online(136) msg_try_to_go_online: received for domain AHUS. [2008/12/09 16:14:22, 8] winbindd/winbindd_cm.c:connection_ok(1563) connection_ok: Connection to for domain AHUS has NULL cli! [2008/12/09 16:14:22, 10] lib/gencache.c:gencache_get(208) Returning valid cache entry: key = SAF/DOMAIN/AHUS, value = bredde.ahus.no, timeout = Tue Dec 9 16:29:22 2008 [2008/12/09 16:14:22, 5] libsmb/namequery.c:saf_fetch(138) saf_fetch: Returning "bredde.ahus.no" for "AHUS" domain [2008/12/09 16:14:22, 10] winbindd/winbindd_cm.c:cm_open_connection(1398) cm_open_connection: saf_servername is 'bredde.ahus.no' for domain AHUS [2008/12/09 16:14:22, 10] winbindd/winbindd_cm.c:cm_open_connection(1430) cm_open_connection: dcname is 'bredde.ahus.no' for domain AHUS [2008/12/09 16:14:22, 10] lib/gencache.c:gencache_get(208) Returning valid cache entry: key = AD_SITENAME/DOMAIN/AHUS.NO, value = SIAADM, timeout = Tue Jan 19 04:14:07 2038 [2008/12/09 16:14:22, 5] libads/dns.c:sitename_fetch(817) sitename_fetch: Returning sitename for AHUS.NO: "SIAADM" [2008/12/09 16:14:22, 10] libsmb/namequery.c:internal_resolve_name(1443) internal_resolve_name: looking up bredde.ahus.no#20 (sitename SIAADM) [2008/12/09 16:14:22, 10] lib/gencache.c:gencache_get(208) Returning valid cache entry: key = NBT/BREDDE.AHUS.NO#20, value = 10.132.16.21:0, timeout = Tue Dec 9 16:25:22 2008 [2008/12/09 16:14:22, 5] libsmb/namecache.c:namecache_fetch(233) name bredde.ahus.no#20 found. [2008/12/09 16:14:22, 10] winbindd/winbindd_cm.c:cm_prepare_connection(753) cm_prepare_connection: connecting to DC bredde.ahus.no for domain AHUS [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,194) [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,194) wrote 194 [2008/12/09 16:14:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 172 [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=172 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4114 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 9 (0x9) smb_vwv[ 1]=12815 (0x320F) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=64128 (0xFA80) smb_vwv[12]=59664 (0xE910) smb_vwv[13]= 4349 (0x10FD) smb_vwv[14]=51546 (0xC95A) smb_vwv[15]=50177 (0xC401) smb_vwv[16]= 255 (0xFF) smb_bcc=103 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 4C 6D C3 39 67 44 D4 4A 80 17 B5 86 E4 28 48 2E Lm.9gD.J .....(H. [010] 60 55 06 06 2B 06 01 05 05 02 A0 4B 30 49 A0 30 `U..+... ...K0I.0 [020] 30 2E 06 09 2A 86 48 82 F7 12 01 02 02 06 09 2A 0...*.H. .......* [030] 86 48 86 F7 12 01 02 02 06 0A 2A 86 48 86 F7 12 .H...... ..*.H... [040] 01 02 02 03 06 0A 2B 06 01 04 01 82 37 02 02 0A ......+. ....7... [050] A3 15 30 13 A0 11 1B 0F 62 72 65 64 64 65 24 40 ..0..... bredde$@ [060] 41 48 55 53 2E 4E 4F AHUS.NO [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=172 smb_com=0x72 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51201 smb_tid=0 smb_pid=4114 smb_uid=0 smb_mid=1 smt_wct=17 smb_vwv[ 0]= 9 (0x9) smb_vwv[ 1]=12815 (0x320F) smb_vwv[ 2]= 256 (0x100) smb_vwv[ 3]= 1024 (0x400) smb_vwv[ 4]= 65 (0x41) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 256 (0x100) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]=64768 (0xFD00) smb_vwv[10]= 499 (0x1F3) smb_vwv[11]=64128 (0xFA80) smb_vwv[12]=59664 (0xE910) smb_vwv[13]= 4349 (0x10FD) smb_vwv[14]=51546 (0xC95A) smb_vwv[15]=50177 (0xC401) smb_vwv[16]= 255 (0xFF) smb_bcc=103 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 4C 6D C3 39 67 44 D4 4A 80 17 B5 86 E4 28 48 2E Lm.9gD.J .....(H. [010] 60 55 06 06 2B 06 01 05 05 02 A0 4B 30 49 A0 30 `U..+... ...K0I.0 [020] 30 2E 06 09 2A 86 48 82 F7 12 01 02 02 06 09 2A 0...*.H. .......* [030] 86 48 86 F7 12 01 02 02 06 0A 2A 86 48 86 F7 12 .H...... ..*.H... [040] 01 02 02 03 06 0A 2B 06 01 04 01 82 37 02 02 0A ......+. ....7... [050] A3 15 30 13 A0 11 1B 0F 62 72 65 64 64 65 24 40 ..0..... bredde$@ [060] 41 48 55 53 2E 4E 4F AHUS.NO [2008/12/09 16:14:22, 5] winbindd/winbindd_cm.c:cm_prepare_connection(831) connecting to bredde.ahus.no from LORDVADER with kerberos principal [LORDVADER$@AHUS.NO] and realm [AHUS.NO] [2008/12/09 16:14:22, 3] libsmb/cliconnect.c:cli_session_setup_spnego(804) Doing spnego session setup (blob length=103) [2008/12/09 16:14:22, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) got OID=1 2 840 48018 1 2 2 [2008/12/09 16:14:22, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) got OID=1 2 840 113554 1 2 2 [2008/12/09 16:14:22, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) got OID=1 2 840 113554 1 2 2 3 [2008/12/09 16:14:22, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) got OID=1 3 6 1 4 1 311 2 2 10 [2008/12/09 16:14:22, 3] libsmb/cliconnect.c:cli_session_setup_spnego(839) got principal=bredde$@AHUS.NO [2008/12/09 16:14:22, 10] libads/kerberos.c:kerberos_kinit_password_ext(217) kerberos_kinit_password: as LORDVADER$@AHUS.NO using [MEMORY:cliconnect] as ccache and config [(null)] [2008/12/09 16:14:22, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(619) Doing kerberos session setup [2008/12/09 16:14:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(604) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect] expiration Wed, 10 Dec 2008 02:14:22 CET [2008/12/09 16:14:22, 10] libsmb/clikrb5.c:ads_krb5_mk_req(702) ads_krb5_mk_req: Ticket (bredde$@AHUS.NO) in ccache (MEMORY:cliconnect) is valid until: (Wed, 10 Dec 2008 02:14:22 CET - 1228871662) [2008/12/09 16:14:22, 10] libsmb/clikrb5.c:get_krb5_smb_session_key(873) Got KRB5 session key of length 16 [2008/12/09 16:14:22, 5] libsmb/smb_signing.c:set_smb_signing_real_common(140) Mandatory SMB signing enabled! [2008/12/09 16:14:22, 5] libsmb/smb_signing.c:set_smb_signing_real_common(144) SMB signing enabled! [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:cli_simple_set_signing(494) cli_simple_set_signing: user_session_key [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 78 BC E9 CC AC 62 4E 4D 96 92 42 AD A6 80 94 06 x....bNM ..B..... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:cli_simple_set_signing(502) cli_simple_set_signing: NULL response_data [2008/12/09 16:14:22, 10] libsmb/cliconnect.c:cli_session_setup_blob(578) cli_session_setup_blob: Remaining (0) sending (1139) current (1139) [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 0 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] DA 5A 98 7E D9 87 A5 59 .Z.~...Y [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 1 mid = 2 [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,1224) [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,1224) wrote 1224 [2008/12/09 16:14:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 197 [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=197 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=0 smb_pid=4114 smb_uid=36865 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 197 (0xC5) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 26 (0x1A) smb_bcc=154 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] A1 18 30 16 A0 03 0A 01 00 A1 0B 06 09 2A 86 48 ..0..... .....*.H [010] 82 F7 12 01 02 02 A2 02 04 00 3D 57 00 69 00 6E ........ ..=W.i.n [020] 00 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 .d.o.w.s . .S.e.r [030] 00 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 .v.e.r. .2.0.0.3 [040] 00 20 00 33 00 37 00 39 00 30 00 20 00 53 00 65 . .3.7.9 .0. .S.e [050] 00 72 00 76 00 69 00 63 00 65 00 20 00 50 00 61 .r.v.i.c .e. .P.a [060] 00 63 00 6B 00 20 00 31 00 00 00 57 00 69 00 6E .c.k. .1 ...W.i.n [070] 00 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 .d.o.w.s . .S.e.r [080] 00 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 .v.e.r. .2.0.0.3 [090] 00 20 00 35 00 2E 00 32 00 00 . .5...2 .. [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 1 mid = 2 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 1 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 1: got good SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 97 D9 4C 1D 26 E0 32 DE ..L.&.2. [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=197 smb_com=0x73 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=0 smb_pid=4114 smb_uid=36865 smb_mid=2 smt_wct=4 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 197 (0xC5) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 26 (0x1A) smb_bcc=154 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] A1 18 30 16 A0 03 0A 01 00 A1 0B 06 09 2A 86 48 ..0..... .....*.H [010] 82 F7 12 01 02 02 A2 02 04 00 3D 57 00 69 00 6E ........ ..=W.i.n [020] 00 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 .d.o.w.s . .S.e.r [030] 00 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 .v.e.r. .2.0.0.3 [040] 00 20 00 33 00 37 00 39 00 30 00 20 00 53 00 65 . .3.7.9 .0. .S.e [050] 00 72 00 76 00 69 00 63 00 65 00 20 00 50 00 61 .r.v.i.c .e. .P.a [060] 00 63 00 6B 00 20 00 31 00 00 00 57 00 69 00 6E .c.k. .1 ...W.i.n [070] 00 64 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 .d.o.w.s . .S.e.r [080] 00 76 00 65 00 72 00 20 00 32 00 30 00 30 00 33 .v.e.r. .2.0.0.3 [090] 00 20 00 35 00 2E 00 32 00 00 . .5...2 .. [2008/12/09 16:14:22, 10] libsmb/clientgen.c:cli_init_creds(429) cli_init_creds: user LORDVADER$ domain AHUS [2008/12/09 16:14:22, 10] libsmb/namequery.c:saf_store(75) saf_store: domain = [AHUS], server = [bredde.ahus.no], expire = [1228836562] [2008/12/09 16:14:22, 10] lib/gencache.c:gencache_set(131) Adding cache entry with key = SAF/DOMAIN/AHUS; value = bredde.ahus.no and timeout = Tue Dec 9 16:29:22 2008 (900 seconds ahead) [2008/12/09 16:14:22, 10] libsmb/namequery.c:saf_store(75) saf_store: domain = [AHUS.NO], server = [bredde.ahus.no], expire = [1228836562] [2008/12/09 16:14:22, 10] lib/gencache.c:gencache_set(131) Adding cache entry with key = SAF/DOMAIN/AHUS.NO; value = bredde.ahus.no and timeout = Tue Dec 9 16:29:22 2008 (900 seconds ahead) [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 2 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 2F 60 BA F8 92 B1 C0 D5 /`...... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 3 mid = 3 [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,96) [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,96) wrote 96 [2008/12/09 16:14:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 56 [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=56 smb_com=0x75 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=3 smt_wct=7 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 56 (0x38) smb_vwv[ 2]= 1 (0x1) smb_vwv[ 3]= 511 (0x1FF) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 511 (0x1FF) smb_vwv[ 6]= 0 (0x0) smb_bcc=7 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 49 50 43 00 00 00 00 IPC.... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 3 mid = 3 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 3 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 3: got good SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 87 98 A3 51 D0 9F B2 71 ...Q...q [2008/12/09 16:14:22, 10] winbindd/winbindd_cache.c:set_global_winbindd_state_online(2859) set_global_winbindd_state_online: online requested. [2008/12/09 16:14:22, 10] winbindd/winbindd_cache.c:set_global_winbindd_state_online(2862) set_global_winbindd_state_online: rejecting. [2008/12/09 16:14:22, 10] winbindd/winbindd_cm.c:set_domain_online(385) set_domain_online: called for domain AHUS [2008/12/09 16:14:22, 10] winbindd/winbindd_cm.c:set_dc_type_and_flags(1917) set_dc_type_and_flags: setting up flags for primary domain [2008/12/09 16:14:22, 5] winbindd/winbindd_cm.c:set_dc_type_and_flags_connect(1765) set_dc_type_and_flags_connect: domain AHUS [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 4 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] A3 0C 90 43 D5 FD 49 39 ...C..I9 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 5 mid = 4 [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,104) [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,104) wrote 104 [2008/12/09 16:14:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 103 [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=103 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=4 smt_wct=34 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 103 (0x67) smb_vwv[ 2]= 3584 (0xE00) smb_vwv[ 3]= 320 (0x140) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 16 (0x10) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_bcc=0 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 5 mid = 4 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 5 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 5: got good SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 6D 46 1F 1D 9B E6 4E 54 mF....NT [2008/12/09 16:14:22, 5] rpc_client/cli_pipe.c:rpc_pipe_bind(2049) Bind RPC Pipe[400e]: \lsarpc auth_type 0, auth_level 0 [2008/12/09 16:14:22, 5] rpc_client/cli_pipe.c:valid_pipe_name(1650) Bind Abstract Syntax: [000] 6A 28 19 39 0C B1 D0 11 9B A8 00 C0 4F D9 2E F5 j(.9.... ....O... [010] 00 00 00 00 .... [2008/12/09 16:14:22, 5] rpc_client/cli_pipe.c:valid_pipe_name(1653) Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 0b [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0048 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000001 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_rb [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_bba [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0010 max_tsize: 10b8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0012 max_rsize: 10b8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0014 assoc_gid: 00000000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0018 num_contexts: 01 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 001c context_id : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 001e num_transfer_syntaxes: 01 [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 00001f smb_io_rpc_iface [2008/12/09 16:14:22, 7] rpc_parse/parse_prs.c:prs_debug(88) 000020 smb_io_uuid uuid [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0020 data : 3919286a [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0024 data : b10c [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0026 data : 11d0 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 0028 data : 9b a8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 002a data : 00 c0 4f d9 2e f5 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0030 version: 00000000 [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 000034 smb_io_rpc_iface [2008/12/09 16:14:22, 7] rpc_parse/parse_prs.c:prs_debug(88) 000034 smb_io_uuid uuid [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0034 data : 8a885d04 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0038 data : 1ceb [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 003a data : 11c9 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 003c data : 9f e8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 003e data : 08 00 2b 10 48 60 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0044 version: 00000002 [2008/12/09 16:14:22, 5] rpc_client/cli_pipe.c:rpc_api_pipe(769) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400e [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=5 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 72 (0x48) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 72 (0x48) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=16398 (0x400E) smb_bcc=87 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 00 B8 .......H ........ [020] 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 00 6A ........ .......j [030] 28 19 39 0C B1 D0 11 9B A8 00 C0 4F D9 2E F5 00 (.9..... ...O.... [040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+ [050] 10 48 60 02 00 00 00 .H`.... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 6 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 90 CB 81 A7 E0 C6 4F CA ......O. [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 7 mid = 5 [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,158) [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,158) wrote 158 [2008/12/09 16:14:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 124 [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=5 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 H....... .D...... [010] 00 B8 10 B8 10 BF 61 22 00 0C 00 5C 50 49 50 45 ......a" ...\PIPE [020] 5C 6C 73 61 73 73 00 00 01 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 7 mid = 5 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 7 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 7: got good SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] CB 7D 58 5B DD F2 21 59 .}X[..!Y [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=5 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 H....... .D...... [010] 00 B8 10 B8 10 BF 61 22 00 0C 00 5C 50 49 50 45 ......a" ...\PIPE [020] 5C 6C 73 61 73 73 00 00 01 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 7 mid = 5 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr rpc_hdr [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 0c [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0044 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000001 [2008/12/09 16:14:22, 10] rpc_client/cli_pipe.c:rpc_api_pipe(842) rpc_api_pipe: got PDU len of 68 at offset 0 [2008/12/09 16:14:22, 10] rpc_client/cli_pipe.c:rpc_api_pipe(893) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400e returned 68 bytes. [2008/12/09 16:14:22, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2086) rpc_pipe_bind: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400e bind request returned ok. [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 0c [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0044 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000001 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_ba [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_bba [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0010 max_tsize: 10b8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0012 max_rsize: 10b8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0014 assoc_gid: 002261bf [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 000018 smb_io_rpc_addr_str [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0018 len: 000c [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 001a str: \PIPE\lsass. [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 000026 smb_io_rpc_results [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0028 num_results: 01 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 002c result : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 002e reason : 0000 [2008/12/09 16:14:22, 6] rpc_parse/parse_prs.c:prs_debug(88) 000030 smb_io_rpc_iface [2008/12/09 16:14:22, 7] rpc_parse/parse_prs.c:prs_debug(88) 000030 smb_io_uuid uuid [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0030 data : 8a885d04 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0034 data : 1ceb [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0036 data : 11c9 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 0038 data : 9f e8 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 003a data : 08 00 2b 10 48 60 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0040 version: 00000002 [2008/12/09 16:14:22, 5] rpc_client/cli_pipe.c:check_bind_response(1704) check_bind_response: accepted! [2008/12/09 16:14:22, 10] rpc_client/cli_pipe.c:cli_rpc_pipe_open_noauth(2282) cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine bredde.ahus.no and bound anonymously. dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation in: struct dssetup_DsRoleGetPrimaryDomainInformation level : DS_ROLE_BASIC_INFORMATION (1) [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 001a [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000002 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_req hdr_req [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0010 alloc_hint: 00000002 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0014 context_id: 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0016 opnum : 0000 [2008/12/09 16:14:22, 5] rpc_client/cli_pipe.c:rpc_api_pipe(769) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400e [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=108 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=6 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 26 (0x1A) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 26 (0x1A) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=16398 (0x400E) smb_bcc=41 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 1A 00 00 00 02 00 00 00 02 ........ ........ [020] 00 00 00 00 00 00 00 01 00 ........ . [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 8 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 18 BC 10 54 1E C9 00 B1 ...T.... [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 9 mid = 6 [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,112) [2008/12/09 16:14:22, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,112) wrote 112 [2008/12/09 16:14:22, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 208 [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=208 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=6 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 152 (0x98) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 152 (0x98) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=153 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 1A 05 00 02 03 10 00 00 00 98 00 00 00 02 00 00 ........ ........ [010] 00 80 00 00 00 00 00 00 00 00 00 02 00 01 00 00 ........ ........ [020] 00 04 00 00 00 01 00 00 01 04 00 02 00 08 00 02 ........ ........ [030] 00 0C 00 02 00 2D F9 6D D3 8A 62 5E 43 BE DE 27 .....-.m ..b^C..' [040] CB 29 AA CD A1 05 00 00 00 00 00 00 00 05 00 00 .)...... ........ [050] 00 41 00 48 00 55 00 53 00 00 00 55 7A 08 00 00 .A.H.U.S ...Uz... [060] 00 00 00 00 00 08 00 00 00 61 00 68 00 75 00 73 ........ .a.h.u.s [070] 00 2E 00 6E 00 6F 00 00 00 08 00 00 00 00 00 00 ...n.o.. ........ [080] 00 08 00 00 00 61 00 68 00 75 00 73 00 2E 00 6E .....a.h .u.s...n [090] 00 6F 00 00 00 00 00 00 00 .o...... . [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 9 mid = 6 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 9 [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 9: got good SMB signature of [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 00 E4 91 71 83 1C 11 41 ...q...A [2008/12/09 16:14:22, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:22, 5] lib/util.c:show_msg(652) size=208 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=6 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 152 (0x98) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 152 (0x98) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=153 [2008/12/09 16:14:22, 10] lib/util.c:dump_data(2223) [000] 1A 05 00 02 03 10 00 00 00 98 00 00 00 02 00 00 ........ ........ [010] 00 80 00 00 00 00 00 00 00 00 00 02 00 01 00 00 ........ ........ [020] 00 04 00 00 00 01 00 00 01 04 00 02 00 08 00 02 ........ ........ [030] 00 0C 00 02 00 2D F9 6D D3 8A 62 5E 43 BE DE 27 .....-.m ..b^C..' [040] CB 29 AA CD A1 05 00 00 00 00 00 00 00 05 00 00 .)...... ........ [050] 00 41 00 48 00 55 00 53 00 00 00 55 7A 08 00 00 .A.H.U.S ...Uz... [060] 00 00 00 00 00 08 00 00 00 61 00 68 00 75 00 73 ........ .a.h.u.s [070] 00 2E 00 6E 00 6F 00 00 00 08 00 00 00 00 00 00 ...n.o.. ........ [080] 00 08 00 00 00 61 00 68 00 75 00 73 00 2E 00 6E .....a.h .u.s...n [090] 00 6F 00 00 00 00 00 00 00 .o...... . [2008/12/09 16:14:22, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 9 mid = 6 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr rpc_hdr [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 02 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0098 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:22, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000002 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0010 alloc_hint: 00000080 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0014 context_id: 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0016 cancel_ct : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0017 reserved : 00 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(576) cli_pipe_validate_current_pdu: got pdu len 152, data_len 128, ss_len 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(842) rpc_api_pipe: got PDU len of 152 at offset 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(893) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400e returned 256 bytes. dssetup_DsRoleGetPrimaryDomainInformation: struct dssetup_DsRoleGetPrimaryDomainInformation out: struct dssetup_DsRoleGetPrimaryDomainInformation info : * info : union dssetup_DsRoleInfo(case 1) basic: struct dssetup_DsRolePrimaryDomInfoBasic role : DS_ROLE_BACKUP_DC (4) flags : 0x01000001 (16777217) 1: DS_ROLE_PRIMARY_DS_RUNNING 0: DS_ROLE_PRIMARY_DS_MIXED_MODE 0: DS_ROLE_UPGRADE_IN_PROGRESS 1: DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT domain : * domain : 'AHUS' dns_domain : * dns_domain : 'ahus.no' forest : * forest : 'ahus.no' domain_guid : d36df92d-628a-435e-bede-27cb29aacda1 result : WERR_OK [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 10 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] BF 60 B8 9F 91 4C 0F 94 .`...L.. [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 11 mid = 7 [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,45) [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,45) wrote 45 [2008/12/09 16:14:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 35 [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=7 smt_wct=0 smb_bcc=0 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 11 mid = 7 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 11 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 11: got good SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 76 F9 D9 8A 49 23 EA 34 v...I#.4 [2008/12/09 16:14:23, 10] libsmb/clientgen.c:cli_rpc_pipe_close(567) cli_rpc_pipe_close: closed pipe \lsarpc to machine bredde.ahus.no [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 12 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] DA 00 6A 2B 9C 61 2A C8 ..j+.a*. [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 13 mid = 8 [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,104) [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,104) wrote 104 [2008/12/09 16:14:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 103 [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=103 smb_com=0xa2 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=8 smt_wct=34 smb_vwv[ 0]= 255 (0xFF) smb_vwv[ 1]= 103 (0x67) smb_vwv[ 2]= 3840 (0xF00) smb_vwv[ 3]= 320 (0x140) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 0 (0x0) smb_vwv[11]= 0 (0x0) smb_vwv[12]= 0 (0x0) smb_vwv[13]= 0 (0x0) smb_vwv[14]= 0 (0x0) smb_vwv[15]= 0 (0x0) smb_vwv[16]= 0 (0x0) smb_vwv[17]= 0 (0x0) smb_vwv[18]= 0 (0x0) smb_vwv[19]= 0 (0x0) smb_vwv[20]= 0 (0x0) smb_vwv[21]=32768 (0x8000) smb_vwv[22]= 0 (0x0) smb_vwv[23]= 0 (0x0) smb_vwv[24]= 16 (0x10) smb_vwv[25]= 0 (0x0) smb_vwv[26]= 0 (0x0) smb_vwv[27]= 0 (0x0) smb_vwv[28]= 0 (0x0) smb_vwv[29]= 0 (0x0) smb_vwv[30]= 0 (0x0) smb_vwv[31]= 512 (0x200) smb_vwv[32]=65280 (0xFF00) smb_vwv[33]= 5 (0x5) smb_bcc=0 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 13 mid = 8 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 13 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 13: got good SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 2D 16 C3 4C 0E B7 C9 A6 -..L.... [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:rpc_pipe_bind(2049) Bind RPC Pipe[400f]: \lsarpc auth_type 0, auth_level 0 [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:valid_pipe_name(1650) Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg.. [010] 00 00 00 00 .... [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:valid_pipe_name(1653) Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H` [010] 02 00 00 00 .... [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 0b [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0048 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000003 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_rb [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_bba [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0010 max_tsize: 10b8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0012 max_rsize: 10b8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0014 assoc_gid: 00000000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0018 num_contexts: 01 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 001c context_id : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 001e num_transfer_syntaxes: 01 [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 00001f smb_io_rpc_iface [2008/12/09 16:14:23, 7] rpc_parse/parse_prs.c:prs_debug(88) 000020 smb_io_uuid uuid [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0020 data : 12345778 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0024 data : 1234 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0026 data : abcd [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 0028 data : ef 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 002a data : 01 23 45 67 89 ab [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0030 version: 00000000 [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 000034 smb_io_rpc_iface [2008/12/09 16:14:23, 7] rpc_parse/parse_prs.c:prs_debug(88) 000034 smb_io_uuid uuid [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0034 data : 8a885d04 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0038 data : 1ceb [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 003a data : 11c9 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 003c data : 9f e8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 003e data : 08 00 2b 10 48 60 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0044 version: 00000002 [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:rpc_api_pipe(769) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=154 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=9 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 72 (0x48) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 72 (0x48) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=16399 (0x400F) smb_bcc=87 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 0B 03 10 00 00 00 48 00 00 00 03 00 00 00 B8 .......H ........ [020] 10 B8 10 00 00 00 00 01 00 00 00 00 00 01 00 78 ........ .......x [030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 00 W4.4.... ..#Eg... [040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+ [050] 10 48 60 02 00 00 00 .H`.... [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 14 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] A6 6D A6 CB 76 7E D7 53 .m..v~.S [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 15 mid = 9 [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,158) [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,158) wrote 158 [2008/12/09 16:14:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 124 [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=9 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 03 00 00 H....... .D...... [010] 00 B8 10 B8 10 C0 61 22 00 0C 00 5C 50 49 50 45 ......a" ...\PIPE [020] 5C 6C 73 61 73 73 00 00 01 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 15 mid = 9 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 15 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 15: got good SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 7D 58 51 C2 38 91 10 AE }XQ.8... [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=124 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=9 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 68 (0x44) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 68 (0x44) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=69 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 03 00 00 H....... .D...... [010] 00 B8 10 B8 10 C0 61 22 00 0C 00 5C 50 49 50 45 ......a" ...\PIPE [020] 5C 6C 73 61 73 73 00 00 01 01 00 00 00 00 00 00 \lsass.. ........ [030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H [040] 60 02 00 00 00 `.... [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 15 mid = 9 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr rpc_hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 0c [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0044 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000003 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(842) rpc_api_pipe: got PDU len of 68 at offset 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(893) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f returned 68 bytes. [2008/12/09 16:14:23, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2086) rpc_pipe_bind: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f bind request returned ok. [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 0c [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0044 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000003 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_ba [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_bba [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0010 max_tsize: 10b8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0012 max_rsize: 10b8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0014 assoc_gid: 002261c0 [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 000018 smb_io_rpc_addr_str [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0018 len: 000c [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 001a str: \PIPE\lsass. [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 000026 smb_io_rpc_results [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0028 num_results: 01 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 002c result : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 002e reason : 0000 [2008/12/09 16:14:23, 6] rpc_parse/parse_prs.c:prs_debug(88) 000030 smb_io_rpc_iface [2008/12/09 16:14:23, 7] rpc_parse/parse_prs.c:prs_debug(88) 000030 smb_io_uuid uuid [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0030 data : 8a885d04 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0034 data : 1ceb [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0036 data : 11c9 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 0038 data : 9f e8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8s(865) 003a data : 08 00 2b 10 48 60 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0040 version: 00000002 [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:check_bind_response(1704) check_bind_response: accepted! [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:cli_rpc_pipe_open_noauth(2282) cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine bredde.ahus.no and bound anonymously. [2008/12/09 16:14:23, 5] rpc_client/init_lsa.c:init_lsa_sec_qos(70) init_lsa_sec_qos [2008/12/09 16:14:23, 5] rpc_client/init_lsa.c:init_lsa_obj_attr(90) init_lsa_obj_attr lsa_OpenPolicy2: struct lsa_OpenPolicy2 in: struct lsa_OpenPolicy2 system_name : * system_name : '' attr : * attr: struct lsa_ObjectAttribute len : 0x00000018 (24) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x0000000c (12) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x02000000 (33554432) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 0: LSA_POLICY_LOOKUP_NAMES [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0050 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000004 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_req hdr_req [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0010 alloc_hint: 00000038 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0014 context_id: 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0016 opnum : 002c [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:rpc_api_pipe(769) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=162 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=10 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 80 (0x50) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 80 (0x50) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=16399 (0x400F) smb_bcc=95 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 50 00 00 00 04 00 00 00 38 .......P .......8 [020] 00 00 00 00 00 2C 00 00 00 02 00 01 00 00 00 00 .....,.. ........ [030] 00 00 00 01 00 00 00 00 00 00 00 18 00 00 00 00 ........ ........ [040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 ........ ........ [050] 00 02 00 0C 00 00 00 02 00 01 00 00 00 00 02 ........ ....... [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 16 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 5D 12 4A 85 EB 0A 78 8F ].J...x. [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 17 mid = 10 [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,166) [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,166) wrote 166 [2008/12/09 16:14:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 104 [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=10 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 50 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 P....... .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 A4 DB 09 ........ ........ [020] C2 62 32 00 44 AE 29 CA 1E B5 C4 9D EA 00 00 00 .b2.D.). ........ [030] 00 . [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 17 mid = 10 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 17 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 17: got good SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] B7 79 25 90 13 80 A5 0C .y%..... [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=104 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=10 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 48 (0x30) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 48 (0x30) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=49 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 50 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 P....... .0...... [010] 00 18 00 00 00 00 00 00 00 00 00 00 00 A4 DB 09 ........ ........ [020] C2 62 32 00 44 AE 29 CA 1E B5 C4 9D EA 00 00 00 .b2.D.). ........ [030] 00 . [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 17 mid = 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr rpc_hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 02 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 0030 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000004 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0010 alloc_hint: 00000018 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0014 context_id: 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0016 cancel_ct : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0017 reserved : 00 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(576) cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(842) rpc_api_pipe: got PDU len of 48 at offset 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(893) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f returned 48 bytes. lsa_OpenPolicy2: struct lsa_OpenPolicy2 out: struct lsa_OpenPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : c209dba4-3262-4400-ae29-ca1eb5c49dea result : NT_STATUS_OK lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 in: struct lsa_QueryInfoPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : c209dba4-3262-4400-ae29-ca1eb5c49dea level : LSA_POLICY_INFO_DNS (12) [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 002e [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000005 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_req hdr_req [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0010 alloc_hint: 00000016 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0014 context_id: 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0016 opnum : 002e [2008/12/09 16:14:23, 5] rpc_client/cli_pipe.c:rpc_api_pipe(769) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=128 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=8 smb_flg2=51201 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=11 smt_wct=16 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 46 (0x2E) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 4280 (0x10B8) smb_vwv[ 4]= 0 (0x0) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 0 (0x0) smb_vwv[ 7]= 0 (0x0) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_vwv[10]= 82 (0x52) smb_vwv[11]= 46 (0x2E) smb_vwv[12]= 82 (0x52) smb_vwv[13]= 2 (0x2) smb_vwv[14]= 38 (0x26) smb_vwv[15]=16399 (0x400F) smb_bcc=61 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 .\.P.I.P .E.\.... [010] 00 00 03 10 00 00 00 2E 00 00 00 05 00 00 00 16 ........ ........ [020] 00 00 00 00 00 2E 00 00 00 00 00 A4 DB 09 C2 62 ........ .......b [030] 32 00 44 AE 29 CA 1E B5 C4 9D EA 0C 00 2.D.)... ..... [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 18 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 9A 8C EE EC 99 D6 3B A0 ......;. [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 19 mid = 11 [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,132) [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,132) wrote 132 [2008/12/09 16:14:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 240 [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=240 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=11 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 184 (0xB8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 184 (0xB8) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=185 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 2E 05 00 02 03 10 00 00 00 B8 00 00 00 05 00 00 ........ ........ [010] 00 A0 00 00 00 00 00 00 00 00 00 02 00 0C 00 00 ........ ........ [020] 00 08 00 0A 00 04 00 02 00 0E 00 10 00 08 00 02 ........ ........ [030] 00 0E 00 10 00 0C 00 02 00 2D F9 6D D3 8A 62 5E ........ .-.m..b^ [040] 43 BE DE 27 CB 29 AA CD A1 10 00 02 00 05 00 00 C..'.).. ........ [050] 00 00 00 00 00 04 00 00 00 41 00 48 00 55 00 53 ........ .A.H.U.S [060] 00 08 00 00 00 00 00 00 00 07 00 00 00 61 00 68 ........ .....a.h [070] 00 75 00 73 00 2E 00 6E 00 6F 00 00 00 08 00 00 .u.s...n .o...... [080] 00 00 00 00 00 07 00 00 00 61 00 68 00 75 00 73 ........ .a.h.u.s [090] 00 2E 00 6E 00 6F 00 00 00 04 00 00 00 01 04 00 ...n.o.. ........ [0A0] 00 00 00 00 05 15 00 00 00 A6 5F B8 2F A0 A6 2D ........ .._./..- [0B0] 48 17 EF 24 40 00 00 00 00 H..$@... . [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 19 mid = 11 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 19 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 19: got good SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 1A 0B 4B 49 9E AE B4 87 ..KI.... [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=240 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=11 smt_wct=10 smb_vwv[ 0]= 0 (0x0) smb_vwv[ 1]= 184 (0xB8) smb_vwv[ 2]= 0 (0x0) smb_vwv[ 3]= 0 (0x0) smb_vwv[ 4]= 56 (0x38) smb_vwv[ 5]= 0 (0x0) smb_vwv[ 6]= 184 (0xB8) smb_vwv[ 7]= 56 (0x38) smb_vwv[ 8]= 0 (0x0) smb_vwv[ 9]= 0 (0x0) smb_bcc=185 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 2E 05 00 02 03 10 00 00 00 B8 00 00 00 05 00 00 ........ ........ [010] 00 A0 00 00 00 00 00 00 00 00 00 02 00 0C 00 00 ........ ........ [020] 00 08 00 0A 00 04 00 02 00 0E 00 10 00 08 00 02 ........ ........ [030] 00 0E 00 10 00 0C 00 02 00 2D F9 6D D3 8A 62 5E ........ .-.m..b^ [040] 43 BE DE 27 CB 29 AA CD A1 10 00 02 00 05 00 00 C..'.).. ........ [050] 00 00 00 00 00 04 00 00 00 41 00 48 00 55 00 53 ........ .A.H.U.S [060] 00 08 00 00 00 00 00 00 00 07 00 00 00 61 00 68 ........ .....a.h [070] 00 75 00 73 00 2E 00 6E 00 6F 00 00 00 08 00 00 .u.s...n .o...... [080] 00 00 00 00 00 07 00 00 00 61 00 68 00 75 00 73 ........ .a.h.u.s [090] 00 2E 00 6E 00 6F 00 00 00 04 00 00 00 01 04 00 ...n.o.. ........ [0A0] 00 00 00 00 05 15 00 00 00 A6 5F B8 2F A0 A6 2D ........ .._./..- [0B0] 48 17 EF 24 40 00 00 00 00 H..$@... . [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 19 mid = 11 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000000 smb_io_rpc_hdr rpc_hdr [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0000 major : 05 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0001 minor : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0002 pkt_type : 02 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0003 flags : 03 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0004 pack_type0: 10 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0005 pack_type1: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0006 pack_type2: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0007 pack_type3: 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0008 frag_len : 00b8 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 000a auth_len : 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 000c call_id : 00000005 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_debug(88) 000010 smb_io_rpc_hdr_resp rpc_hdr_resp [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint32(718) 0010 alloc_hint: 000000a0 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint16(689) 0014 context_id: 0000 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0016 cancel_ct : 00 [2008/12/09 16:14:23, 5] rpc_parse/parse_prs.c:prs_uint8(624) 0017 reserved : 00 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(576) cli_pipe_validate_current_pdu: got pdu len 184, data_len 160, ss_len 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(842) rpc_api_pipe: got PDU len of 184 at offset 0 [2008/12/09 16:14:23, 10] rpc_client/cli_pipe.c:rpc_api_pipe(893) rpc_api_pipe: Remote machine bredde.ahus.no pipe \lsarpc fnum 0x400f returned 320 bytes. lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 out: struct lsa_QueryInfoPolicy2 info : * info : * info : union lsa_PolicyInformation(case 12) dns: struct lsa_DnsDomainInfo name: struct lsa_StringLarge length : 0x0008 (8) size : 0x000a (10) string : * string : 'AHUS' dns_domain: struct lsa_StringLarge length : 0x000e (14) size : 0x0010 (16) string : * string : 'ahus.no' dns_forest: struct lsa_StringLarge length : 0x000e (14) size : 0x0010 (16) string : * string : 'ahus.no' domain_guid : d36df92d-628a-435e-bede-27cb29aacda1 sid : * sid : S-1-5-21-800612262-1210951328-1076162327 result : NT_STATUS_OK [2008/12/09 16:14:23, 5] winbindd/winbindd_cm.c:set_dc_type_and_flags_connect(1895) set_dc_type_and_flags_connect: domain AHUS is in native mode. [2008/12/09 16:14:23, 5] winbindd/winbindd_cm.c:set_dc_type_and_flags_connect(1898) set_dc_type_and_flags_connect: domain AHUS is running active directory. [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 20 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_sign_outgoing_message(351) client_sign_outgoing_message: sent SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] D4 30 4B 7D EB A9 2C C3 .0K}..,. [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:store_sequence_for_reply(67) store_sequence_for_reply: stored seq = 21 mid = 12 [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(236) write_socket(25,45) [2008/12/09 16:14:23, 6] libsmb/clientgen.c:write_socket(239) write_socket(25,45) wrote 45 [2008/12/09 16:14:23, 10] lib/util_sock.c:read_smb_length_return_keepalive(1118) got smb length of 35 [2008/12/09 16:14:23, 5] lib/util.c:show_msg(642) [2008/12/09 16:14:23, 5] lib/util.c:show_msg(652) size=35 smb_com=0x4 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=136 smb_flg2=51205 smb_tid=4102 smb_pid=4114 smb_uid=36865 smb_mid=12 smt_wct=0 smb_bcc=0 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:get_sequence_for_reply(80) get_sequence_for_reply: found seq = 21 mid = 12 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:simple_packet_signature(285) simple_packet_signature: sequence number 21 [2008/12/09 16:14:23, 10] libsmb/smb_signing.c:client_check_incoming_message(434) client_check_incoming_message: seq 21: got good SMB signature of [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] EC 8B 63 FE 36 00 E2 9A ..c.6... [2008/12/09 16:14:23, 10] libsmb/clientgen.c:cli_rpc_pipe_close(567) cli_rpc_pipe_close: closed pipe \lsarpc to machine bredde.ahus.no [2008/12/09 16:14:23, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 144/789877 [2008/12/09 16:14:23, 10] lib/messages_local.c:message_dispatch(419) message_dispatch: received_signal = 1 [2008/12/09 16:14:23, 10] lib/messages_local.c:messaging_tdb_fetch(174) messaging_tdb_fetch: result: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : 0x00000403 (1027) dest: struct server_id id : 0x00001012 (4114) src: struct server_id id : 0x00001013 (4115) buf : DATA_BLOB length=5 [2008/12/09 16:14:23, 10] lib/util.c:dump_data(2223) [000] 41 48 55 53 00 AHUS. [2008/12/09 16:14:23, 5] winbindd/winbindd_dual.c:child_msg_online(893) child_msg_online received for domain AHUS. [2008/12/09 16:14:23, 10] winbindd/winbindd_dual.c:child_msg_online(896) child_msg_online: rejecting online message. [2008/12/09 16:14:23, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 144/788301 [2008/12/09 16:15:56, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:15:56, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:15:56, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-5-21-29509730-458046710-584457872-513 [2008/12/09 16:15:56, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-5-21-29509730-458046710-584457872-513] [2008/12/09 16:15:56, 10] winbindd/idmap_cache.c:idmap_cache_map_sid(369) Returning expired cache entry: key = IDMAP/SID/S-1-5-21-29509730-458046710-584457872-513, value = IDMAP/GID/10026, timeout = Tue Dec 9 12:39:17 2008 [2008/12/09 16:15:56, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1191) Query backends to map sids->ids [2008/12/09 16:15:56, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1216) SID S-1-5-21-29509730-458046710-584457872-513 is being handled by AHUS [2008/12/09 16:15:56, 10] winbindd/idmap.c:idmap_backends_sids_to_unixids(1237) Query ids from domain AHUS [2008/12/09 16:15:56, 10] winbindd/idmap_ldap.c:idmap_ldap_sids_to_unixids(1170) Filter: [(&(objectClass=sambaIdmapEntry)(sambaSID=S-1-5-21-29509730-458046710-584457872-513))] [2008/12/09 16:15:56, 5] lib/smbldap.c:smbldap_search_ext(1207) smbldap_search_ext: base => [ou=Idmap,dc=ahus,dc=no], filter => [(&(objectClass=sambaIdmapEntry)(sambaSID=S-1-5-21-29509730-458046710-584457872-513))], scope => [2] [2008/12/09 16:15:56, 10] lib/smbldap.c:smbldap_talloc_single_attribute(309) attribute uidNumber does not exist [2008/12/09 16:15:56, 10] winbindd/idmap_ldap.c:idmap_ldap_sids_to_unixids(1301) Mapped S-1-5-21-29509730-458046710-584457872-513 -> 10026 (2) [2008/12/09 16:15:56, 10] winbindd/idmap_cache.c:idmap_cache_set(150) Adding cache entry with key = IDMAP/SID/S-1-5-21-29509730-458046710-584457872-513; value = 1228836656/IDMAP/GID/10026 and timeout = Tue Dec 9 16:30:56 2008 (900 seconds ahead) [2008/12/09 16:15:56, 10] winbindd/idmap_cache.c:idmap_cache_set(172) Adding cache entry with key = IDMAP/GID/10026; value = 1228836656/IDMAP/SID/S-1-5-21-29509730-458046710-584457872-513 and timeout = Tue Dec 9 16:30:56 2008 (900 seconds ahead) [2008/12/09 16:15:56, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0x00000000 - S-1-5-21-29509730-458046710-584457872-513 - 10026 [2008/12/09 16:15:56, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:15:56, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 51/393322 [2008/12/09 16:16:47, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 0/7714 [2008/12/09 16:16:47, 10] lib/events.c:run_events(263) Running event "smbldap_idle_fn" 84d67f0 [2008/12/09 16:16:47, 10] lib/events.c:timed_event_destructor(65) Destroying timed event 84d67f0 "smbldap_idle_fn" [2008/12/09 16:16:47, 7] lib/smbldap.c:smbldap_idle_fn(1599) ldap connection idle...closing connection [2008/12/09 16:16:47, 5] lib/smbldap.c:smbldap_close(1110) The connection to the LDAP server was closed [2008/12/09 16:16:47, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 0/23052 [2008/12/09 16:16:47, 10] lib/events.c:run_events(263) Running event "smbldap_idle_fn" 84d6980 [2008/12/09 16:16:47, 10] lib/events.c:timed_event_destructor(65) Destroying timed event 84d6980 "smbldap_idle_fn" [2008/12/09 16:16:47, 10] lib/smbldap.c:smbldap_idle_fn(1589) ldap connection not idle... [2008/12/09 16:16:47, 10] lib/events.c:event_add_timed(128) Added timed event "smbldap_idle_fn": 84cac18 [2008/12/09 16:16:47, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 149/859727 [2008/12/09 16:18:14, 4] winbindd/winbindd_dual.c:fork_domain_child(1207) child daemon request 49 [2008/12/09 16:18:14, 10] winbindd/winbindd_dual.c:child_process_request(433) child_process_request: request fn DUAL_SID2GID [2008/12/09 16:18:14, 3] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(376) [ 4112]: sid to gid S-1-5-21-29509730-458046710-584457872-513 [2008/12/09 16:18:14, 10] winbindd/idmap_util.c:idmap_sid_to_gid(144) idmap_sid_to_gid: sid = [S-1-5-21-29509730-458046710-584457872-513] [2008/12/09 16:18:14, 10] winbindd/idmap_cache.c:idmap_cache_map_sid(369) Returning valid cache entry: key = IDMAP/SID/S-1-5-21-29509730-458046710-584457872-513, value = IDMAP/GID/10026, timeout = Tue Dec 9 16:30:56 2008 [2008/12/09 16:18:14, 10] winbindd/winbindd_idmap.c:winbindd_dual_sid2gid(390) winbindd_dual_sid2gid: 0x00000000 - S-1-5-21-29509730-458046710-584457872-513 - 10026 [2008/12/09 16:18:14, 10] winbindd/winbindd_cache.c:cache_store_response(2423) Storing response for pid 4114, len 3496 [2008/12/09 16:18:14, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 63/288826 [2008/12/09 16:19:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 0/9705 [2008/12/09 16:19:17, 10] lib/events.c:run_events(263) Running event "async_request_timeout" 84ca6d8 [2008/12/09 16:19:17, 0] winbindd/winbindd_dual.c:async_request_timeout_handler(182) async_request_timeout_handler: child pid 4113 is not responding. Closing connection to it. [2008/12/09 16:19:17, 10] lib/events.c:timed_event_destructor(65) Destroying timed event 84ca6d8 "async_request_timeout" [2008/12/09 16:19:17, 5] winbindd/winbindd_dual.c:async_reply_recv(264) Could not receive async reply from child pid 4113 [2008/12/09 16:19:17, 5] winbindd/winbindd_util.c:init_child_recv(617) Received child initialization response for domain AHUS [2008/12/09 16:19:17, 3] winbindd/winbindd_util.c:init_child_recv(620) Could not init child [2008/12/09 16:19:17, 5] winbindd/winbindd_dual.c:domain_init_recv(368) Domain init returned an error [2008/12/09 16:19:17, 1] winbindd/winbindd_util.c:trustdom_recv(260) Could not receive trustdoms [2008/12/09 16:19:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 0/136966 [2008/12/09 16:19:17, 10] lib/events.c:get_timed_events_timeout(318) timed_events_timeout: 0/545 [2008/12/09 16:19:17, 10] lib/events.c:run_events(263) Running event "smbldap_idle_fn" 84cac18 [2008/12/09 16:19:17, 10] lib/events.c:timed_event_destructor(65) Destroying timed event 84cac18 "smbldap_idle_fn" [2008/12/09 16:19:17, 7] lib/smbldap.c:smbldap_idle_fn(1599) ldap connection idle...closing connection [2008/12/09 16:19:17, 5] lib/smbldap.c:smbldap_close(1110) The connection to the LDAP server was closed [2008/12/09 16:19:47, 10] lib/messages_local.c:message_dispatch(419) message_dispatch: received_signal = 1 [2008/12/09 16:19:47, 10] lib/messages_local.c:messaging_tdb_fetch(174) messaging_tdb_fetch: result: struct messaging_array num_messages : 0x00000001 (1) messages: ARRAY(1) messages: struct messaging_rec msg_version : 0x00000002 (2) msg_type : 0x00000403 (1027) dest: struct server_id id : 0x00001012 (4114) src: struct server_id id : 0x0000114c (4428) buf : DATA_BLOB length=5 [2008/12/09 16:19:47, 10] lib/util.c:dump_data(2223) [000] 41 48 55 53 00 AHUS. [2008/12/09 16:19:47, 5] winbindd/winbindd_dual.c:child_msg_online(893) child_msg_online received for domain AHUS. [2008/12/09 16:19:47, 10] winbindd/winbindd_dual.c:child_msg_online(896) child_msg_online: rejecting online message.