lpcfg_load: refreshing parameters from /etc/samba/smb.conf params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" Processing section "[globals]" Processing section "[netlogon]" Processing section "[sysvol]" pm_process() returned Yes adding hidden service IPC$ adding hidden service ADMIN$ added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX command : LOGON_SAM_LOGON_RESPONSE_EX (23) sbz : 0x0000 (0) server_type : 0x000003fd (1021) 1: NBT_SERVER_PDC 1: NBT_SERVER_GC 1: NBT_SERVER_LDAP 1: NBT_SERVER_DS 1: NBT_SERVER_KDC 1: NBT_SERVER_TIMESERV 1: NBT_SERVER_CLOSEST 1: NBT_SERVER_WRITABLE 1: NBT_SERVER_GOOD_TIMESERV 0: NBT_SERVER_NDNC 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6 0: NBT_SERVER_FULL_SECRET_DOMAIN_6 0: NBT_SERVER_ADS_WEB_SERVICE 0: NBT_SERVER_HAS_DNS_NAME 0: NBT_SERVER_IS_DEFAULT_NC 0: NBT_SERVER_FOREST_ROOT domain_uuid : c9294eda-9c32-4fa3-8de7-4e3ce02a5335 forest : 'foo.com' dns_domain : 'foo.com' pdc_dns_name : 'baz.foo.com' domain_name : 'FOO' pdc_name : '\\BAZ' user_name : '' server_site : 'Default-First-Site-Name' client_site : 'Default-First-Site-Name' sockaddr_size : 0x00 (0) sockaddr: struct nbt_sockaddr sockaddr_family : 0x00000000 (0) pdc_ip : (null) remaining : DATA_BLOB length=0 next_closest_site : NULL nt_version : 0x00000005 (5) 1: NETLOGON_NT_VERSION_1 0: NETLOGON_NT_VERSION_5 1: NETLOGON_NT_VERSION_5EX 0: NETLOGON_NT_VERSION_5EX_WITH_IP 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL 0: NETLOGON_NT_VERSION_PDC 0: NETLOGON_NT_VERSION_IP 0: NETLOGON_NT_VERSION_LOCAL 0: NETLOGON_NT_VERSION_GC lmnt_token : 0xffff (65535) lm20_token : 0xffff (65535) Mapped to DCERPC endpoint \pipe\lsarpc added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 Shutdown SMB signing BSRSPYL SMB signing enabled Shutdown SMB signing Starting GENSEC mechanism spnego Server claims it's principal name is BAZ$@FOO.COM Starting GENSEC submechanism gssapi_krb5 Received smb_krb5 packet of length 271 Received smb_krb5 packet of length 1285 Received smb_krb5 packet of length 1334 Received smb_krb5 packet of length 1318 gensec_gssapi: credentials were delegated GSSAPI Connection will have no cryptographic protection Got KRB5 session key of length 32 (done) SMB signing enabled! [0000] 72 23 42 32 C1 F5 0B 7D r#B2...} Seen valid packet, so turning signing on Seen valid packet, so marking signing as 'seen valid' sign_outgoing_message: SENT SIG (seq: 2): sent SMB signature of [0000] 35 95 47 AB 3C 33 9A 59 5.G.<3.Y [0000] 5C 81 B6 13 6C 5D AF EF \...l].. sign_outgoing_message: SENT SIG (seq: 4): sent SMB signature of [0000] F9 E7 72 A0 DA 1D 39 78 ..r...9x [0000] FA DE 01 24 13 98 91 A0 ...$.... sign_outgoing_message: SENT SIG (seq: 6): sent SMB signature of [0000] 41 A7 CE 43 EE 89 8C E3 A..C.... [0000] E5 73 70 4C 13 33 48 FE .spL.3H. smb_raw_trans2_recv_helper: done lsa_OpenPolicy2: struct lsa_OpenPolicy2 in: struct lsa_OpenPolicy2 system_name : * system_name : '\' attr : * attr: struct lsa_ObjectAttribute len : 0x00000000 (0) root_dir : NULL object_name : NULL attributes : 0x00000000 (0) sec_desc : NULL sec_qos : * sec_qos: struct lsa_QosInfo len : 0x00000000 (0) impersonation_level : 0x0002 (2) context_mode : 0x01 (1) effective_only : 0x00 (0) access_mask : 0x02000000 (33554432) 0: LSA_POLICY_VIEW_LOCAL_INFORMATION 0: LSA_POLICY_VIEW_AUDIT_INFORMATION 0: LSA_POLICY_GET_PRIVATE_INFORMATION 0: LSA_POLICY_TRUST_ADMIN 0: LSA_POLICY_CREATE_ACCOUNT 0: LSA_POLICY_CREATE_SECRET 0: LSA_POLICY_CREATE_PRIVILEGE 0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS 0: LSA_POLICY_SET_AUDIT_REQUIREMENTS 0: LSA_POLICY_AUDIT_LOG_ADMIN 0: LSA_POLICY_SERVER_ADMIN 0: LSA_POLICY_LOOKUP_NAMES 0: LSA_POLICY_NOTIFICATION rpc request data: [0000] 00 00 02 00 02 00 00 00 00 00 00 00 02 00 00 00 ........ ........ [0010] 5C 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \....... ........ [0020] 00 00 00 00 00 00 00 00 04 00 02 00 00 00 00 00 ........ ........ [0030] 02 00 01 00 00 00 00 02 ........ sign_outgoing_message: SENT SIG (seq: 8): sent SMB signature of [0000] 89 D1 A5 12 57 DA 91 BC ....W... [0000] 7A 46 81 95 FC 42 19 7B zF...B.{ smb_raw_trans2_recv_helper: done lsa_OpenPolicy2: struct lsa_OpenPolicy2 out: struct lsa_OpenPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0dc8b4df-2628-4d78-a40b-e4d9d507affb result : NT_STATUS_OK rpc reply data: [0000] 00 00 00 00 DF B4 C8 0D 28 26 78 4D A4 0B E4 D9 ........ (&xM.... [0010] D5 07 AF FB 00 00 00 00 ........ lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 in: struct lsa_QueryInfoPolicy2 handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0dc8b4df-2628-4d78-a40b-e4d9d507affb level : LSA_POLICY_INFO_DNS (12) rpc request data: [0000] 00 00 00 00 DF B4 C8 0D 28 26 78 4D A4 0B E4 D9 ........ (&xM.... [0010] D5 07 AF FB 0C 00 ...... sign_outgoing_message: SENT SIG (seq: 10): sent SMB signature of [0000] A1 A6 83 98 67 0E 24 7B ....g.${ [0000] 7C D0 9F 6A 5C EC 90 73 |..j\..s smb_raw_trans2_recv_helper: done lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2 out: struct lsa_QueryInfoPolicy2 info : * info : * info : union lsa_PolicyInformation(case 12) dns: struct lsa_DnsDomainInfo name: struct lsa_StringLarge length : 0x0012 (18) size : 0x0014 (20) string : * string : 'FOO' dns_domain: struct lsa_StringLarge length : 0x001a (26) size : 0x001c (28) string : * string : 'foo.com' dns_forest: struct lsa_StringLarge length : 0x001a (26) size : 0x001c (28) string : * string : 'foo.com' domain_guid : c9294eda-9c32-4fa3-8de7-4e3ce02a5335 sid : * sid : S-1-5-21-3700255654-3351524420-2644064167 result : NT_STATUS_OK rpc reply data: [0000] 00 00 02 00 0C 00 00 00 12 00 14 00 04 00 02 00 ........ ........ [0010] 1A 00 1C 00 08 00 02 00 1A 00 1C 00 0C 00 02 00 ........ ........ [0020] DA 4E 29 C9 32 9C A3 4F 8D E7 4E 3C E0 2A 53 35 .N).2..O ..N<.*S5 [0030] 10 00 02 00 0A 00 00 00 00 00 00 00 09 00 00 00 ........ ........ ... [00B0] 15 00 00 00 A6 6B 8D DC 44 34 C4 C7 A7 37 99 9D .....k.. D4...7.. [00C0] 00 00 00 00 .... lsa_QueryInfoPolicy: struct lsa_QueryInfoPolicy in: struct lsa_QueryInfoPolicy handle : * handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0dc8b4df-2628-4d78-a40b-e4d9d507affb level : LSA_POLICY_INFO_DOMAIN (3) rpc request data: [0000] 00 00 00 00 DF B4 C8 0D 28 26 78 4D A4 0B E4 D9 ........ (&xM.... [0010] D5 07 AF FB 03 00 ...... sign_outgoing_message: SENT SIG (seq: 12): sent SMB signature of [0000] 21 68 0D FD 9D 21 71 A8 !h...!q. [0000] C9 85 29 DA B6 69 F2 8F ..)..i.. smb_raw_trans2_recv_helper: done lsa_QueryInfoPolicy: struct lsa_QueryInfoPolicy out: struct lsa_QueryInfoPolicy info : * info : * info : union lsa_PolicyInformation(case 3) domain: struct lsa_DomainInfo name: struct lsa_StringLarge length : 0x0012 (18) size : 0x0014 (20) string : * string : 'FOO' sid : * sid : S-1-5-21-3700255654-3351524420-2644064167 result : NT_STATUS_OK rpc reply data: [0000] 00 00 02 00 03 00 00 00 12 00 14 00 04 00 02 00 ........ ........ [0010] 08 00 02 00 0A 00 00 00 00 00 00 00 09 00 00 00 ........ ........ ... [0040] 15 00 00 00 A6 6B 8D DC 44 34 C4 C7 A7 37 99 9D .....k.. D4...7.. [0050] 00 00 00 00 .... sign_outgoing_message: SENT SIG (seq: 14): sent SMB signature of [0000] 27 6A DE 55 61 C8 B4 BC 'j.Ua... [0000] 13 AD B8 8A E6 32 EF D7 .....2.. sign_outgoing_message: SENT SIG (seq: 16): sent SMB signature of [0000] F0 D5 86 2A 5B 75 F5 59 ...*[u.Y [0000] 52 37 10 64 1B 7C 9B 8C R7.d.|.. smb_raw_trans2_recv_helper: done samr_Connect: struct samr_Connect in: struct samr_Connect system_name : NULL access_mask : 0x02000000 (33554432) 0: SAMR_ACCESS_CONNECT_TO_SERVER 0: SAMR_ACCESS_SHUTDOWN_SERVER 0: SAMR_ACCESS_INITIALIZE_SERVER 0: SAMR_ACCESS_CREATE_DOMAIN 0: SAMR_ACCESS_ENUM_DOMAINS 0: SAMR_ACCESS_LOOKUP_DOMAIN rpc request data: [0000] 00 00 00 00 00 00 00 02 ........ sign_outgoing_message: SENT SIG (seq: 18): sent SMB signature of [0000] 13 53 2A 6A 24 72 49 F3 .S*j$rI. [0000] C0 04 28 76 A7 8D E1 DF ..(v.... smb_raw_trans2_recv_helper: done samr_Connect: struct samr_Connect out: struct samr_Connect connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 4ea6777a-babd-46ec-8f08-39c71fcd9501 result : NT_STATUS_OK rpc reply data: [0000] 00 00 00 00 7A 77 A6 4E BD BA EC 46 8F 08 39 C7 ....zw.N ...F..9. [0010] 1F CD 95 01 00 00 00 00 ........ samr_OpenDomain: struct samr_OpenDomain in: struct samr_OpenDomain connect_handle : * connect_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 4ea6777a-babd-46ec-8f08-39c71fcd9501 access_mask : 0x02000000 (33554432) 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1 0: SAMR_DOMAIN_ACCESS_SET_INFO_1 0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2 0: SAMR_DOMAIN_ACCESS_SET_INFO_2 0: SAMR_DOMAIN_ACCESS_CREATE_USER 0: SAMR_DOMAIN_ACCESS_CREATE_GROUP 0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS 0: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS 0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS 0: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT 0: SAMR_DOMAIN_ACCESS_SET_INFO_3 sid : * sid : S-1-5-21-3700255654-3351524420-2644064167 rpc request data: [0000] 00 00 00 00 7A 77 A6 4E BD BA EC 46 8F 08 39 C7 ....zw.N ...F..9. [0010] 1F CD 95 01 00 00 00 02 04 00 00 00 01 04 00 00 ........ ........ [0020] 00 00 00 05 15 00 00 00 A6 6B 8D DC 44 34 C4 C7 ........ .k..D4.. [0030] A7 37 99 9D .7.. sign_outgoing_message: SENT SIG (seq: 20): sent SMB signature of [0000] AA 7C 45 EE A5 9E 14 90 .|E..... [0000] A1 37 57 E9 B8 10 BD 78 .7W....x smb_raw_trans2_recv_helper: done samr_OpenDomain: struct samr_OpenDomain out: struct samr_OpenDomain domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000001 (1) uuid : 6d3d2bd7-91c5-4f31-a655-56fc715e7f91 result : NT_STATUS_OK rpc reply data: [0000] 01 00 00 00 D7 2B 3D 6D C5 91 31 4F A6 55 56 FC .....+=m ..1O.UV. [0010] 71 5E 7F 91 00 00 00 00 q^...... samr_CreateUser2: struct samr_CreateUser2 in: struct samr_CreateUser2 domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000001 (1) uuid : 6d3d2bd7-91c5-4f31-a655-56fc715e7f91 account_name : * account_name: struct lsa_String length : 0x0016 (22) size : 0x0016 (22) string : * string : 'BAR$' acct_flags : 0x00000080 (128) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 0: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 1: ACB_WSTRUST 0: ACB_SVRTRUST 0: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION 0: ACB_NO_AUTH_DATA_REQD 0: ACB_PARTIAL_SECRETS_ACCOUNT 0: ACB_USE_AES_KEYS access_mask : 0x02000000 (33554432) 0: SAMR_USER_ACCESS_GET_NAME_ETC 0: SAMR_USER_ACCESS_GET_LOCALE 0: SAMR_USER_ACCESS_SET_LOC_COM 0: SAMR_USER_ACCESS_GET_LOGONINFO 0: SAMR_USER_ACCESS_GET_ATTRIBUTES 0: SAMR_USER_ACCESS_SET_ATTRIBUTES 0: SAMR_USER_ACCESS_CHANGE_PASSWORD 0: SAMR_USER_ACCESS_SET_PASSWORD 0: SAMR_USER_ACCESS_GET_GROUPS 0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP 0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP rpc request data: [0000] 01 00 00 00 D7 2B 3D 6D C5 91 31 4F A6 55 56 FC .....+=m ..1O.UV. [0010] 71 5E 7F 91 16 00 16 00 00 00 02 00 0B 00 00 00 q^...... ........ ... [0040] 80 00 00 00 00 00 00 02 ........ sign_outgoing_message: SENT SIG (seq: 22): sent SMB signature of [0000] 57 EC 12 AB D8 2F 44 99 W..../D. [0000] 0B D3 DE 82 E5 10 D7 30 .......0 smb_raw_trans2_recv_helper: done samr_CreateUser2: struct samr_CreateUser2 out: struct samr_CreateUser2 user_handle : * user_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 00000000-0000-0000-0000-000000000000 access_granted : * access_granted : 0x00000000 (0) rid : * rid : 0x00000000 (0) result : NT_STATUS_USER_EXISTS rpc reply data: [0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 00 00 00 00 00 00 00 00 63 00 00 C0 ........ ....c... samr_LookupNames: struct samr_LookupNames in: struct samr_LookupNames domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000001 (1) uuid : 6d3d2bd7-91c5-4f31-a655-56fc715e7f91 num_names : 0x00000001 (1) names: ARRAY(1) names: struct lsa_String length : 0x0016 (22) size : 0x0016 (22) string : * string : 'BAR$' rpc request data: [0000] 01 00 00 00 D7 2B 3D 6D C5 91 31 4F A6 55 56 FC .....+=m ..1O.UV. [0010] 71 5E 7F 91 01 00 00 00 E8 03 00 00 00 00 00 00 q^...... ........ [0020] 01 00 00 00 16 00 16 00 00 00 02 00 0B 00 00 00 ........ ........ ... sign_outgoing_message: SENT SIG (seq: 24): sent SMB signature of [0000] D4 32 F8 18 1C FF AB BF .2...... [0000] D9 EA B5 FE 8A DF 93 CF ........ smb_raw_trans2_recv_helper: done samr_LookupNames: struct samr_LookupNames out: struct samr_LookupNames rids : * rids: struct samr_Ids count : 0x00000001 (1) ids : * ids: ARRAY(1) ids : 0x00000481 (1153) types : * types: struct samr_Ids count : 0x00000001 (1) ids : * ids: ARRAY(1) ids : 0x00000001 (1) result : NT_STATUS_OK rpc reply data: [0000] 01 00 00 00 04 00 02 00 01 00 00 00 81 04 00 00 ........ ........ [0010] 01 00 00 00 08 00 02 00 01 00 00 00 01 00 00 00 ........ ........ [0020] 00 00 00 00 .... samr_OpenUser: struct samr_OpenUser in: struct samr_OpenUser domain_handle : * domain_handle: struct policy_handle handle_type : 0x00000001 (1) uuid : 6d3d2bd7-91c5-4f31-a655-56fc715e7f91 access_mask : 0x02000000 (33554432) 0: SAMR_USER_ACCESS_GET_NAME_ETC 0: SAMR_USER_ACCESS_GET_LOCALE 0: SAMR_USER_ACCESS_SET_LOC_COM 0: SAMR_USER_ACCESS_GET_LOGONINFO 0: SAMR_USER_ACCESS_GET_ATTRIBUTES 0: SAMR_USER_ACCESS_SET_ATTRIBUTES 0: SAMR_USER_ACCESS_CHANGE_PASSWORD 0: SAMR_USER_ACCESS_SET_PASSWORD 0: SAMR_USER_ACCESS_GET_GROUPS 0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP 0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP rid : 0x00000481 (1153) rpc request data: [0000] 01 00 00 00 D7 2B 3D 6D C5 91 31 4F A6 55 56 FC .....+=m ..1O.UV. [0010] 71 5E 7F 91 00 00 00 02 81 04 00 00 q^...... .... sign_outgoing_message: SENT SIG (seq: 26): sent SMB signature of [0000] 29 FB C7 E4 62 0D 8F 04 )...b... [0000] 1C 92 BC C7 B4 BC 30 C7 ......0. smb_raw_trans2_recv_helper: done samr_OpenUser: struct samr_OpenUser out: struct samr_OpenUser user_handle : * user_handle: struct policy_handle handle_type : 0x00000002 (2) uuid : 48d0831a-41b9-4233-a9a6-9dc7bcd28ebb result : NT_STATUS_OK rpc reply data: [0000] 02 00 00 00 1A 83 D0 48 B9 41 33 42 A9 A6 9D C7 .......H .A3B.... [0010] BC D2 8E BB 00 00 00 00 ........ samr_QueryUserInfo: struct samr_QueryUserInfo in: struct samr_QueryUserInfo user_handle : * user_handle: struct policy_handle handle_type : 0x00000002 (2) uuid : 48d0831a-41b9-4233-a9a6-9dc7bcd28ebb level : UserControlInformation (16) rpc request data: [0000] 02 00 00 00 1A 83 D0 48 B9 41 33 42 A9 A6 9D C7 .......H .A3B.... [0010] BC D2 8E BB 10 00 ...... sign_outgoing_message: SENT SIG (seq: 28): sent SMB signature of [0000] A1 CF 11 25 F2 60 01 16 ...%.`.. [0000] DF F5 DB B7 A2 01 BF D8 ........ smb_raw_trans2_recv_helper: done samr_QueryUserInfo: struct samr_QueryUserInfo out: struct samr_QueryUserInfo info : * info : * info : union samr_UserInfo(case 16) info16: struct samr_UserInfo16 acct_flags : 0x00000080 (128) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 0: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 1: ACB_WSTRUST 0: ACB_SVRTRUST 0: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION 0: ACB_NO_AUTH_DATA_REQD 0: ACB_PARTIAL_SECRETS_ACCOUNT 0: ACB_USE_AES_KEYS result : NT_STATUS_OK rpc reply data: [0000] 00 00 02 00 10 00 00 00 80 00 00 00 00 00 00 00 ........ ........ samr_GetUserPwInfo: struct samr_GetUserPwInfo in: struct samr_GetUserPwInfo user_handle : * user_handle: struct policy_handle handle_type : 0x00000002 (2) uuid : 48d0831a-41b9-4233-a9a6-9dc7bcd28ebb rpc request data: [0000] 02 00 00 00 1A 83 D0 48 B9 41 33 42 A9 A6 9D C7 .......H .A3B.... [0010] BC D2 8E BB .... sign_outgoing_message: SENT SIG (seq: 30): sent SMB signature of [0000] 83 CF B2 4A 31 77 B8 AE ...J1w.. [0000] C5 F0 9D C7 AA 73 A3 2B .....s.+ smb_raw_trans2_recv_helper: done samr_GetUserPwInfo: struct samr_GetUserPwInfo out: struct samr_GetUserPwInfo info : * info: struct samr_PwInfo min_password_length : 0x0006 (6) password_properties : 0x00000000 (0) 0: DOMAIN_PASSWORD_COMPLEX 0: DOMAIN_PASSWORD_NO_ANON_CHANGE 0: DOMAIN_PASSWORD_NO_CLEAR_CHANGE 0: DOMAIN_PASSWORD_LOCKOUT_ADMINS 0: DOMAIN_PASSWORD_STORE_CLEARTEXT 0: DOMAIN_REFUSE_PASSWORD_CHANGE result : NT_STATUS_OK rpc reply data: [0000] 06 00 00 00 00 00 00 00 00 00 00 00 ........ .... samr_SetUserInfo2: struct samr_SetUserInfo2 in: struct samr_SetUserInfo2 user_handle : * user_handle: struct policy_handle handle_type : 0x00000002 (2) uuid : 48d0831a-41b9-4233-a9a6-9dc7bcd28ebb level : UserInternal4InformationNew (25) info : * info : union samr_UserInfo(case 25) info25: struct samr_UserInfo25 info: struct samr_UserInfo21 last_logon : NTTIME(0) last_logoff : NTTIME(0) last_password_change : NTTIME(0) acct_expiry : NTTIME(0) allow_password_change : NTTIME(0) force_password_change : NTTIME(0) account_name: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL full_name: struct lsa_String length : 0x0016 (22) size : 0x0016 (22) string : * string : 'BAR$' home_directory: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL home_drive: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL logon_script: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL profile_path: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL description: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL workstations: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL comment: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL parameters: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL lm_owf_password: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL nt_owf_password: struct lsa_BinaryString length : 0x0000 (0) size : 0x0000 (0) array : NULL private_data: struct lsa_String length : 0x0000 (0) size : 0x0000 (0) string : NULL buf_count : 0x00000000 (0) buffer : NULL rid : 0x00000000 (0) primary_gid : 0x00000000 (0) acct_flags : 0x00000080 (128) 0: ACB_DISABLED 0: ACB_HOMDIRREQ 0: ACB_PWNOTREQ 0: ACB_TEMPDUP 0: ACB_NORMAL 0: ACB_MNS 0: ACB_DOMTRUST 1: ACB_WSTRUST 0: ACB_SVRTRUST 0: ACB_PWNOEXP 0: ACB_AUTOLOCK 0: ACB_ENC_TXT_PWD_ALLOWED 0: ACB_SMARTCARD_REQUIRED 0: ACB_TRUSTED_FOR_DELEGATION 0: ACB_NOT_DELEGATED 0: ACB_USE_DES_KEY_ONLY 0: ACB_DONT_REQUIRE_PREAUTH 0: ACB_PW_EXPIRED 0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION 0: ACB_NO_AUTH_DATA_REQD 0: ACB_PARTIAL_SECRETS_ACCOUNT 0: ACB_USE_AES_KEYS fields_present : 0x01100002 (17825794) 0: SAMR_FIELD_ACCOUNT_NAME 1: SAMR_FIELD_FULL_NAME 0: SAMR_FIELD_RID 0: SAMR_FIELD_PRIMARY_GID 0: SAMR_FIELD_DESCRIPTION 0: SAMR_FIELD_COMMENT 0: SAMR_FIELD_HOME_DIRECTORY 0: SAMR_FIELD_HOME_DRIVE 0: SAMR_FIELD_LOGON_SCRIPT 0: SAMR_FIELD_PROFILE_PATH 0: SAMR_FIELD_WORKSTATIONS 0: SAMR_FIELD_LAST_LOGON 0: SAMR_FIELD_LAST_LOGOFF 0: SAMR_FIELD_LOGON_HOURS 0: SAMR_FIELD_BAD_PWD_COUNT 0: SAMR_FIELD_NUM_LOGONS 0: SAMR_FIELD_ALLOW_PWD_CHANGE 0: SAMR_FIELD_FORCE_PWD_CHANGE 0: SAMR_FIELD_LAST_PWD_CHANGE 0: SAMR_FIELD_ACCT_EXPIRY 1: SAMR_FIELD_ACCT_FLAGS 0: SAMR_FIELD_PARAMETERS 0: SAMR_FIELD_COUNTRY_CODE 0: SAMR_FIELD_CODE_PAGE 1: SAMR_FIELD_NT_PASSWORD_PRESENT 0: SAMR_FIELD_LM_PASSWORD_PRESENT 0: SAMR_FIELD_PRIVATE_DATA 0: SAMR_FIELD_EXPIRED_FLAG 0: SAMR_FIELD_SEC_DESC 0: SAMR_FIELD_OWF_PWD logon_hours: struct samr_LogonHours units_per_week : 0x0000 (0) bits : NULL bad_password_count : 0x0000 (0) logon_count : 0x0000 (0) country_code : 0x0000 (0) code_page : 0x0000 (0) lm_password_set : 0x00 (0) nt_password_set : 0x00 (0) password_expired : 0x00 (0) private_data_sensitive : 0x00 (0) password: struct samr_CryptPasswordEx data : 1bc5a0584ba3a350abfad3075926deebd0fffda2e930c51ad8eb161dbf654d8798b6da448ca7abdf4bf26e501730078046c044c754948272b8e6d8b568eff10003308d9dce3a834c761d895d487e5667e4847ebca0dc74ddeac0162814e556a448ed1ca5468107396ca5b08109b442d04ef3aa05a9ca9008788f7b576fe709b149bdcd2b513a4caccb35be84adbf19c26a661acdfefc7223b21fcbb5b8271064b278504377be857a4b71c2a56e77db73ae73e30009d6519df54d7efbd8d9606c013246bfae41dbd2c59d2a1458ae5997f717560fe3e0e52eb70e132219ab8ba167bdb9c29af446a4aea15f98a82b360c33346b30e9af61b144d30a1a640f41b2e104db64822a0daa8061e2e3eb83ea8d98737cd99422261e83b08f2c22b3aa55429720a9c59cf258da455fe25374fe675e4d6a225b989c11fe627cce6999048877f41ae61ae0b1351049fa704dd4f3b001edccdd4b081e12fc350aef63d460e95d0effaaaa16cfcd87f95382375119dce6bbfdcef53957668cdaf6b94864a29c90163adf8a4a3877266f8d5727499f89708749b4981e662fd53d5daba0843da9b7efba44384029ed8a2865fc37ad54d8bfa76badfd1e6410bfac483b7879d24ff343cc06ee67332a1f3c9a592b22418a26d6e20b6f176d6a369e5e1939e62e258dcbd5f65a2b1d2f96edfadab3db3beb1b0a27695704600f537106beebf128ec560dd98d01cf3a3f391083f3bc4baab414084ea9 rpc request data: [0000] 02 00 00 00 1A 83 D0 48 B9 41 33 42 A9 A6 9D C7 .......H .A3B.... [0010] BC D2 8E BB 19 00 19 00 00 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0050] 16 00 16 00 00 00 02 00 00 00 00 00 00 00 00 00 ........ ........ [0060] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0090] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00A0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00B0] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [00C0] 80 00 00 00 02 00 10 01 00 00 00 00 00 00 00 00 ........ ........ [00D0] 00 00 00 00 00 00 00 00 00 00 00 00 1B C5 A0 58 ........ .......X [00E0] 4B A3 A3 50 AB FA D3 07 59 26 DE EB D0 FF FD A2 K..P.... Y&...... [00F0] E9 30 C5 1A D8 EB 16 1D BF 65 4D 87 98 B6 DA 44 .0...... .eM....D [0100] 8C A7 AB DF 4B F2 6E 50 17 30 07 80 46 C0 44 C7 ....K.nP .0..F.D. [0110] 54 94 82 72 B8 E6 D8 B5 68 EF F1 00 03 30 8D 9D T..r.... h....0.. [0120] CE 3A 83 4C 76 1D 89 5D 48 7E 56 67 E4 84 7E BC .:.Lv..] H~Vg..~. [0130] A0 DC 74 DD EA C0 16 28 14 E5 56 A4 48 ED 1C A5 ..t....( ..V.H... [0140] 46 81 07 39 6C A5 B0 81 09 B4 42 D0 4E F3 AA 05 F..9l... ..B.N... [0150] A9 CA 90 08 78 8F 7B 57 6F E7 09 B1 49 BD CD 2B ....x.{W o...I..+ [0160] 51 3A 4C AC CB 35 BE 84 AD BF 19 C2 6A 66 1A CD Q:L..5.. ....jf.. [0170] FE FC 72 23 B2 1F CB B5 B8 27 10 64 B2 78 50 43 ..r#.... .'.d.xPC [0180] 77 BE 85 7A 4B 71 C2 A5 6E 77 DB 73 AE 73 E3 00 w..zKq.. nw.s.s.. [0190] 09 D6 51 9D F5 4D 7E FB D8 D9 60 6C 01 32 46 BF ..Q..M~. ..`l.2F. [01A0] AE 41 DB D2 C5 9D 2A 14 58 AE 59 97 F7 17 56 0F .A....*. X.Y...V. [01B0] E3 E0 E5 2E B7 0E 13 22 19 AB 8B A1 67 BD B9 C2 ......." ....g... [01C0] 9A F4 46 A4 AE A1 5F 98 A8 2B 36 0C 33 34 6B 30 ..F..._. .+6.34k0 [01D0] E9 AF 61 B1 44 D3 0A 1A 64 0F 41 B2 E1 04 DB 64 ..a.D... d.A....d [01E0] 82 2A 0D AA 80 61 E2 E3 EB 83 EA 8D 98 73 7C D9 .*...a.. .....s|. [01F0] 94 22 26 1E 83 B0 8F 2C 22 B3 AA 55 42 97 20 A9 ."&...., "..UB. . [0200] C5 9C F2 58 DA 45 5F E2 53 74 FE 67 5E 4D 6A 22 ...X.E_. St.g^Mj" [0210] 5B 98 9C 11 FE 62 7C CE 69 99 04 88 77 F4 1A E6 [....b|. i...w... [0220] 1A E0 B1 35 10 49 FA 70 4D D4 F3 B0 01 ED CC DD ...5.I.p M....... [0230] 4B 08 1E 12 FC 35 0A EF 63 D4 60 E9 5D 0E FF AA K....5.. c.`.]... [0240] AA 16 CF CD 87 F9 53 82 37 51 19 DC E6 BB FD CE ......S. 7Q...... [0250] F5 39 57 66 8C DA F6 B9 48 64 A2 9C 90 16 3A DF .9Wf.... Hd....:. [0260] 8A 4A 38 77 26 6F 8D 57 27 49 9F 89 70 87 49 B4 .J8w&o.W 'I..p.I. [0270] 98 1E 66 2F D5 3D 5D AB A0 84 3D A9 B7 EF BA 44 ..f/.=]. ..=....D [0280] 38 40 29 ED 8A 28 65 FC 37 AD 54 D8 BF A7 6B AD 8@)..(e. 7.T...k. [0290] FD 1E 64 10 BF AC 48 3B 78 79 D2 4F F3 43 CC 06 ..d...H; xy.O.C.. [02A0] EE 67 33 2A 1F 3C 9A 59 2B 22 41 8A 26 D6 E2 0B .g3*.<.Y +"A.&... [02B0] 6F 17 6D 6A 36 9E 5E 19 39 E6 2E 25 8D CB D5 F6 o.mj6.^. 9..%.... [02C0] 5A 2B 1D 2F 96 ED FA DA B3 DB 3B EB 1B 0A 27 69 Z+./.... ..;...'i [02D0] 57 04 60 0F 53 71 06 BE EB F1 28 EC 56 0D D9 8D W.`.Sq.. ..(.V... [02E0] 01 CF 3A 3F 39 10 83 F3 BC 4B AA B4 14 08 4E A9 ..:?9... .K....N. ... [0310] 24 00 $. sign_outgoing_message: SENT SIG (seq: 32): sent SMB signature of [0000] 96 BA 5C E5 AA CC 3C A0 ..\...<. [0000] B8 9B 6F 2F 35 2C 5D 90 ..o/5,]. smb_raw_trans2_recv_helper: done samr_SetUserInfo2: struct samr_SetUserInfo2 out: struct samr_SetUserInfo2 result : NT_STATUS_OK rpc reply data: [0000] 00 00 00 00 .... Mapped to DCERPC endpoint 135 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 rpc request data: [0000] 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 02 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0020] 05 00 13 00 0D 35 42 51 E3 06 4B D1 11 AB 04 00 .....5BQ ..K..... [0030] C0 4F C2 DC D2 04 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0040] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0050] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0060] 00 00 01 00 09 04 00 0A 01 0A 0A 00 00 00 00 00 ........ ........ [0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 01 00 00 00 .... rpc reply data: [0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 ........ ........ [0020] 01 00 00 00 03 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0030] 05 00 13 00 0D 35 42 51 E3 06 4B D1 11 AB 04 00 .....5BQ ..K..... [0040] C0 4F C2 DC D2 04 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0050] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0060] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0070] 04 00 01 00 09 04 00 00 00 00 00 00 00 00 00 00 ........ ........ Mapped to DCERPC endpoint 1024 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 Received smb_krb5 packet of length 271 Received smb_krb5 packet of length 1285 Received smb_krb5 packet of length 1334 Received smb_krb5 packet of length 1318 ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 0 gensec_gssapi: credentials were delegated GSSAPI Connection will be cryptographicly sealed ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 0 drsuapi_DsBind: struct drsuapi_DsBind in: struct drsuapi_DsBind bind_guid : * bind_guid : e24d201a-4fd6-11d1-a3da-0000f875ae0d bind_info : NULL rpc request data: [0000] 00 00 02 00 1A 20 4D E2 D6 4F D1 11 A3 DA 00 00 ..... M. .O...... [0010] F8 75 AE 0D 00 00 00 00 .u...... ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 0 drsuapi_DsBind: struct drsuapi_DsBind out: struct drsuapi_DsBind bind_info : * bind_info: struct drsuapi_DsBindInfoCtr length : 0x0000001c (28) info : union drsuapi_DsBindInfo(case 28) info28: struct drsuapi_DsBindInfo28 supported_extensions : 0x2fffff6f (805306223) 1: DRSUAPI_SUPPORTED_EXTENSION_BASE 1: DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION 1: DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI 1: DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2 0: DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS 1: DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1 1: DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION 0: DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY 1: DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE 1: DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2 1: DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION 1: DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2 1: DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD 1: DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND 1: DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO 1: DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION 1: DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01 1: DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP 1: DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY 1: DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V5 1: DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6 1: DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6 1: DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7 1: DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT 0: DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS 1: DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V10 0: DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART2 0: DRSUAPI_SUPPORTED_EXTENSION_RESERVED_PART3 site_guid : dc4579de-0f31-4867-a0da-0fd1bbeb3591 pid : 0x00000000 (0) repl_epoch : 0x00000000 (0) bind_handle : * bind_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0d413bae-79cb-453b-aa00-67e7acd0d96d result : WERR_OK rpc reply data: [0000] 04 00 02 00 1C 00 00 00 1C 00 00 00 6F FF FF 2F ........ ....o../ [0010] DE 79 45 DC 31 0F 67 48 A0 DA 0F D1 BB EB 35 91 .yE.1.gH ......5. [0020] 00 00 00 00 00 00 00 00 00 00 00 00 AE 3B 41 0D ........ .....;A. [0030] CB 79 3B 45 AA 00 67 E7 AC D0 D9 6D 00 00 00 00 .y;E..g. ...m.... drsuapi_DsCrackNames: struct drsuapi_DsCrackNames in: struct drsuapi_DsCrackNames bind_handle : * bind_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0d413bae-79cb-453b-aa00-67e7acd0d96d level : 0x00000001 (1) req : * req : union drsuapi_DsNameRequest(case 1) req1: struct drsuapi_DsNameRequest1 codepage : 0x000004e4 (1252) language : 0x00000407 (1031) format_flags : DRSUAPI_DS_NAME_FLAG_NO_FLAGS (0) format_offered : DRSUAPI_DS_NAME_FORMAT_SID_OR_SID_HISTORY (11) format_desired : DRSUAPI_DS_NAME_FORMAT_FQDN_1779 (1) count : 0x00000001 (1) names : * names: ARRAY(1) names: struct drsuapi_DsNameString str : * str : 'S-1-5-21-3700255654-3351524420-2644064167-1153' rpc request data: [0000] 00 00 00 00 AE 3B 41 0D CB 79 3B 45 AA 00 67 E7 .....;A. .y;E..g. [0010] AC D0 D9 6D 01 00 00 00 01 00 00 00 E4 04 00 00 ...m.... ........ [0020] 07 04 00 00 00 00 00 00 0B 00 00 00 01 00 00 00 ........ ........ [0030] 01 00 00 00 00 00 02 00 01 00 00 00 04 00 02 00 ........ ........ [0040] 2F 00 00 00 00 00 00 00 2F 00 00 00 53 00 2D 00 /....... /...S.-. [0050] 31 00 2D 00 35 00 2D 00 32 00 31 00 2D 00 33 00 1.-.5.-. 2.1.-.3. [0060] 37 00 30 00 30 00 32 00 35 00 35 00 36 00 35 00 7.0.0.2. 5.5.6.5. [0070] 34 00 2D 00 33 00 33 00 35 00 31 00 35 00 32 00 4.-.3.3. 5.1.5.2. [0080] 34 00 34 00 32 00 30 00 2D 00 32 00 36 00 34 00 4.4.2.0. -.2.6.4. [0090] 34 00 30 00 36 00 34 00 31 00 36 00 37 00 2D 00 4.0.6.4. 1.6.7.-. [00A0] 31 00 31 00 35 00 33 00 00 00 1.1.5.3. .. ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 4 drsuapi_DsCrackNames: struct drsuapi_DsCrackNames out: struct drsuapi_DsCrackNames level_out : * level_out : 0x00000001 (1) ctr : * ctr : union drsuapi_DsNameCtr(case 1) ctr1 : * ctr1: struct drsuapi_DsNameCtr1 count : 0x00000001 (1) array : * array: ARRAY(1) array: struct drsuapi_DsNameInfo1 status : DRSUAPI_DS_NAME_STATUS_OK (0) dns_domain_name : * dns_domain_name : 'foo.com' result_name : * result_name : 'CN=BAR,CN=Computers,DC=foo,DC=com' result : WERR_OK rpc reply data: [0000] 01 00 00 00 01 00 00 00 08 00 02 00 01 00 00 00 ........ ........ [0010] 0C 00 02 00 01 00 00 00 00 00 00 00 10 00 02 00 ........ ........ [0020] 14 00 02 00 0E 00 00 00 00 00 00 00 0E 00 00 00 ........ ........ ... [00B0] 6F 00 6D 00 00 00 00 00 00 00 00 00 o.m..... .... ldb: trying to load ldap from /usr/lib/samba/ldb/ldap.so added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 Received smb_krb5 packet of length 271 Received smb_krb5 packet of length 1285 Received smb_krb5 packet of length 1334 Received smb_krb5 packet of length 1318 gensec_gssapi: credentials were delegated GSSAPI Connection will have no cryptographic protection ldb: No modules specified for this database ldb: ldb_trace_request: SEARCH dn: scope: base expr: (objectClass=*) attr: rootDomainNamingContext attr: configurationNamingContext attr: schemaNamingContext attr: defaultNamingContext control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: configurationNamingContext: CN=Configuration,DC=foo,DC=com defaultNamingContext: DC=foo,DC=com rootDomainNamingContext: DC=foo,DC=com schemaNamingContext: CN=Schema,CN=Configuration,DC=foo,DC=com ldb_wrap open of ldap://baz.foo.com ldb: ldb_trace_request: SEARCH dn: CN=BAR,CN=Computers,DC=foo,DC=com scope: base expr: (|(objectClass=*)(distinguishedName=*)) attr: msDS-KeyVersionNumber attr: servicePrincipalName attr: dNSHostName attr: objectGUID control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=BAR,CN=Computers,DC=foo,DC=com objectGUID: 9bdc07c5-d46c-47a4-a179-f3da23731ad4 servicePrincipalName: host/bar.foo.com servicePrincipalName: host/bar servicePrincipalName: host/bar.foo.com/foo.com servicePrincipalName: host/bar/foo.com servicePrincipalName: host/bar.foo.com/FOO servicePrincipalName: host/bar/FOO dNSHostName: bar.foo.com msDS-KeyVersionNumber: 16 ldb: start ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->start_transaction ldb: start ldb transaction error: (null) ldb: ldb_trace_request: MODIFY dn: CN=BAR,CN=Computers,DC=foo,DC=com changetype: add servicePrincipalName: host/bar.foo.com servicePrincipalName: host/bar servicePrincipalName: host/bar.foo.com/foo.com servicePrincipalName: host/bar/foo.com servicePrincipalName: host/bar.foo.com/FOO servicePrincipalName: host/bar/FOO dNSHostName: bar.foo.com control: ldb: ldb_trace_request: (ldap)->modify ldb: commit ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->end_transaction ldb: start ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->start_transaction ldb: start ldb transaction error: (null) ldb: ldb_trace_request: MODIFY dn: CN=BAR,CN=Computers,DC=foo,DC=com changetype: add msDS-SupportedEncryptionTypes: 31 control: ldb: ldb_trace_request: (ldap)->modify ldb: commit ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->end_transaction drsuapi_DsCrackNames: struct drsuapi_DsCrackNames in: struct drsuapi_DsCrackNames bind_handle : * bind_handle: struct policy_handle handle_type : 0x00000000 (0) uuid : 0d413bae-79cb-453b-aa00-67e7acd0d96d level : 0x00000001 (1) req : * req : union drsuapi_DsNameRequest(case 1) req1: struct drsuapi_DsNameRequest1 codepage : 0x000004e4 (1252) language : 0x00000407 (1031) format_flags : DRSUAPI_DS_NAME_FLAG_NO_FLAGS (0) format_offered : DRSUAPI_DS_NAME_FORMAT_NT4_ACCOUNT (2) format_desired : DRSUAPI_DS_NAME_FORMAT_FQDN_1779 (1) count : 0x00000001 (1) names : * names: ARRAY(1) names: struct drsuapi_DsNameString str : * str : 'FOO\' rpc request data: [0000] 00 00 00 00 AE 3B 41 0D CB 79 3B 45 AA 00 67 E7 .....;A. .y;E..g. [0010] AC D0 D9 6D 01 00 00 00 01 00 00 00 E4 04 00 00 ...m.... ........ [0020] 07 04 00 00 00 00 00 00 02 00 00 00 01 00 00 00 ........ ........ [0030] 01 00 00 00 00 00 02 00 01 00 00 00 04 00 02 00 ........ ........ ... [0060] 00 00 .. ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 12 drsuapi_DsCrackNames: struct drsuapi_DsCrackNames out: struct drsuapi_DsCrackNames level_out : * level_out : 0x00000001 (1) ctr : * ctr : union drsuapi_DsNameCtr(case 1) ctr1 : * ctr1: struct drsuapi_DsNameCtr1 count : 0x00000001 (1) array : * array: ARRAY(1) array: struct drsuapi_DsNameInfo1 status : DRSUAPI_DS_NAME_STATUS_OK (0) dns_domain_name : * dns_domain_name : 'foo.com' result_name : * result_name : 'DC=foo,DC=com' result : WERR_OK rpc reply data: [0000] 01 00 00 00 01 00 00 00 08 00 02 00 01 00 00 00 ........ ........ [0010] 0C 00 02 00 01 00 00 00 00 00 00 00 10 00 02 00 ........ ........ [0020] 14 00 02 00 0E 00 00 00 00 00 00 00 0E 00 00 00 ........ ........ ... [0070] 2C 00 44 00 43 00 3D 00 63 00 6F 00 6D 00 00 00 ,.D.C.=. c.o.m... [0080] 00 00 00 00 .... &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX command : LOGON_SAM_LOGON_RESPONSE_EX (23) sbz : 0x0000 (0) server_type : 0x000003fd (1021) 1: NBT_SERVER_PDC 1: NBT_SERVER_GC 1: NBT_SERVER_LDAP 1: NBT_SERVER_DS 1: NBT_SERVER_KDC 1: NBT_SERVER_TIMESERV 1: NBT_SERVER_CLOSEST 1: NBT_SERVER_WRITABLE 1: NBT_SERVER_GOOD_TIMESERV 0: NBT_SERVER_NDNC 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6 0: NBT_SERVER_FULL_SECRET_DOMAIN_6 0: NBT_SERVER_ADS_WEB_SERVICE 0: NBT_SERVER_HAS_DNS_NAME 0: NBT_SERVER_IS_DEFAULT_NC 0: NBT_SERVER_FOREST_ROOT domain_uuid : c9294eda-9c32-4fa3-8de7-4e3ce02a5335 forest : 'foo.com' dns_domain : 'foo.com' pdc_dns_name : 'baz.foo.com' domain_name : 'FOO' pdc_name : '\\BAZ' user_name : '' server_site : 'Default-First-Site-Name' client_site : 'Default-First-Site-Name' sockaddr_size : 0x00 (0) sockaddr: struct nbt_sockaddr sockaddr_family : 0x00000000 (0) pdc_ip : (null) remaining : DATA_BLOB length=0 next_closest_site : NULL nt_version : 0x00000005 (5) 1: NETLOGON_NT_VERSION_1 0: NETLOGON_NT_VERSION_5 1: NETLOGON_NT_VERSION_5EX 0: NETLOGON_NT_VERSION_5EX_WITH_IP 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL 0: NETLOGON_NT_VERSION_PDC 0: NETLOGON_NT_VERSION_IP 0: NETLOGON_NT_VERSION_LOCAL 0: NETLOGON_NT_VERSION_GC lmnt_token : 0xffff (65535) lm20_token : 0xffff (65535) CLDAP response: forest=foo.com dns=foo.com netbios=FOO server_site=Default-First-Site-Name client_site=Default-First-Site-Name ldb: trying to load ldap from /usr/lib/samba/ldb/ldap.so added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 Starting GENSEC mechanism spnego Starting GENSEC submechanism gssapi_krb5 Received smb_krb5 packet of length 271 Received smb_krb5 packet of length 1285 Received smb_krb5 packet of length 1334 Received smb_krb5 packet of length 1318 gensec_gssapi: credentials were delegated GSSAPI Connection will have no cryptographic protection ldb: No modules specified for this database ldb: ldb_trace_request: SEARCH dn: scope: base expr: (objectClass=*) attr: rootDomainNamingContext attr: configurationNamingContext attr: schemaNamingContext attr: defaultNamingContext control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: configurationNamingContext: CN=Configuration,DC=foo,DC=com defaultNamingContext: DC=foo,DC=com rootDomainNamingContext: DC=foo,DC=com schemaNamingContext: CN=Schema,CN=Configuration,DC=foo,DC=com ldb_wrap open of ldap://baz.foo.com/ ldb: ldb_trace_request: SEARCH dn: scope: base expr: (objectClass=*) attr: * control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: configurationNamingContext: CN=Configuration,DC=foo,DC=com defaultNamingContext: DC=foo,DC=com dsServiceName: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site- Name,CN=Sites,CN=Configuration,DC=foo,DC=com ldapServiceName: foo.com:BAZ$@FOO.COM ldapServiceName: foo.com:baz$@FOO.COM rootDomainNamingContext: DC=foo,DC=com schemaNamingContext: CN=Schema,CN=Configuration,DC=foo,DC=com serverName: CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Con figuration,DC=foo,DC=com serverName: CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Con figuration,DC=foo,DC=com subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=foo,DC=com supportedCapabilities: 1.2.840.113556.1.4.800 supportedCapabilities: 1.2.840.113556.1.4.1791 supportedCapabilities: 1.2.840.113556.1.4.1670 supportedCapabilities: 1.2.840.113556.1.4.1935 supportedCapabilities: 1.2.840.113556.1.4.2080 supportedLDAPVersion: 3 supportedLDAPVersion: 2 vendorName: Samba Team (http://samba.org) isSynchronized: TRUE dnsHostName: BAZ.foo.com dnsHostName: baz.foo.com currentTime: 20101015193747.0Z supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.840.113556.1.4.473 supportedControl: 1.2.840.113556.1.4.1504 supportedControl: 1.2.840.113556.1.4.801 supportedControl: 1.2.840.113556.1.4.801 supportedControl: 1.2.840.113556.1.4.805 supportedControl: 1.2.840.113556.1.4.529 supportedControl: 1.2.840.113556.1.4.417 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.2.840.113556.1.4.1413 supportedControl: 1.2.840.113556.1.4.1339 supportedControl: 1.2.840.113556.1.4.1340 supportedControl: 1.2.840.113556.1.4.1413 namingContexts: DC=foo,DC=com namingContexts: CN=Configuration,DC=foo,DC=com namingContexts: CN=Schema,CN=Configuration,DC=foo,DC=com supportedSASLMechanisms: GSS-SPNEGO supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: NTLM highestCommittedUSN: 14749 domainFunctionality: 2 forestFunctionality: 2 domainControllerFunctionality: 4 isGlobalCatalogReady: TRUE ldb: ldb_trace_request: SEARCH dn: CN=Configuration,DC=foo,DC=com scope: one expr: (cn=Partitions) attr: msDs-Behavior-Version control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=Partitions,CN=Configuration,DC=foo,DC=com msDS-Behavior-Version: 2 ldb: ldb_trace_response: REFERRAL ref: ldap://foo.com/CN=Schema,CN=Configuration,DC=foo,DC=com??base ldb: ldb_trace_request: SEARCH dn: DC=foo,DC=com scope: base expr: (objectClass=*) attr: msDs-Behavior-Version control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: DC=foo,DC=com msDS-Behavior-Version: 2 ldb: ldb_trace_request: SEARCH dn: CN=Schema,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: objectVersion control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=Schema,CN=Configuration,DC=foo,DC=com objectVersion: 47 ldb: ldb_trace_request: SEARCH dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,DC=foo,DC=com scope: base expr: (objectClass=*) attr: revision control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=Windows2003Update,CN=DomainUpdates,CN=System,DC=foo,DC=com revision: 9 ldb: ldb_trace_request: SEARCH dn: scope: base expr: (|(objectClass=*)(distinguishedName=*)) control: 1.2.840.113556.1.4.417 crit:1 data:no control: 1.2.840.113556.1.4.2064 crit:0 data:no ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=Infrastructure,DC=foo,DC=com objectClass: top objectClass: infrastructureUpdate cn: Infrastructure instanceType: 4 whenCreated: 20100723000922.0Z uSNCreated: 3175 showInAdvancedViewOnly: TRUE name: Infrastructure objectGUID: 74c03a72-d478-404c-8a79-72a7cf38582b systemFlags: -1946157056 objectCategory: CN=Infrastructure-Update,CN=Schema,CN=Configuration,DC=hstarte ch,DC=com isCriticalSystemObject: TRUE fSMORoleOwner: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site- Name,CN=Sites,CN=Configuration,DC=foo,DC=com whenChanged: 20100723000923.0Z uSNChanged: 3389 distinguishedName: CN=Infrastructure,DC=foo,DC=com ldb: ldb_trace_request: SEARCH dn: CN=Infrastructure,DC=foo,DC=com scope: base expr: (|(objectClass=*)(distinguishedName=*)) attr: fSMORoleOwner control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=Infrastructure,DC=foo,DC=com fSMORoleOwner: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site- Name,CN=Sites,CN=Configuration,DC=foo,DC=com ldb: ldb_trace_request: SEARCH dn: CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: dnsHostName control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com dNSHostName: baz.foo.com ldb: ldb_trace_request: SEARCH dn: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: objectGUID control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com objectGUID: ac857a46-12f0-4943-8813-a71903c32f25 ldb: ldb_trace_request: SEARCH dn: DC=foo,DC=com scope: base expr: (objectClass=*) attr: rIDManagerReference control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: DC=foo,DC=com rIDManagerReference: CN=RID Manager$,CN=System,DC=foo,DC=com ldb: ldb_trace_request: SEARCH dn: CN=RID Manager$,CN=System,DC=foo,DC=com scope: base expr: (objectClass=*) attr: fSMORoleOwner control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=RID Manager$,CN=System,DC=foo,DC=com fSMORoleOwner: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site- Name,CN=Sites,CN=Configuration,DC=foo,DC=com ldb: ldb_trace_request: SEARCH dn: CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: dnsHostName control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com dNSHostName: baz.foo.com ldb: ldb_trace_request: SEARCH dn: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: objectGUID control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=NTDS Settings,CN=BAZ,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com objectGUID: ac857a46-12f0-4943-8813-a71903c32f25 ldb: ldb_trace_request: SEARCH dn: CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com objectClass: top objectClass: site cn: Default-First-Site-Name instanceType: 4 whenCreated: 20100723000920.0Z whenChanged: 20100723000920.0Z uSNCreated: 1758 uSNChanged: 1758 showInAdvancedViewOnly: TRUE name: Default-First-Site-Name objectGUID: dc4579de-0f31-4867-a0da-0fd1bbeb3591 systemFlags: 1107296256 objectCategory: CN=Site,CN=Schema,CN=Configuration,DC=foo,DC=com distinguishedName: CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com Become DC [BAR] of Domain[FOO]/[foo.com] Promotion Partner is Server[baz.foo.com] from Site[Default-First-Site-Name] Options:crossRef behavior_version[2] schema object_version[47] domain behavior_version[2] domain w2k3_update_revision[9] ldb: ldb_trace_request: SEARCH dn: DC=foo,DC=com scope: sub expr: (&(|(objectClass=user)(objectClass=computer))(sAMAccountName=BAR$)) attr: distinguishedName attr: userAccountControl control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=BAR,CN=Computers,DC=foo,DC=com userAccountControl: 4096 distinguishedName: CN=BAR,CN=Computers,DC=foo,DC=com ldb: ldb_trace_response: REFERRAL ref: ldap://foo.com/CN=Configuration,DC=foo,DC=com ldb: ldb_trace_request: SEARCH dn: CN=BAR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com scope: base expr: (objectClass=*) attr: control: ldb: ldb_trace_request: (ldap)->search ldb: ldb_trace_response: ENTRY dn: CN=BAR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com objectClass: top objectClass: server cn: BAR instanceType: 4 whenCreated: 20101001215510.0Z uSNCreated: 13459 showInAdvancedViewOnly: TRUE name: BAR objectGUID: cb7c7a0a-572b-4ca0-8d9e-01ffb609bd3d systemFlags: 1392177280 objectCategory: CN=Server,CN=Schema,CN=Configuration,DC=foo,DC=com serverReference: CN=BAR,CN=Computers,DC=foo,DC=com whenChanged: 20101015193735.0Z uSNChanged: 14747 distinguishedName: CN=BAR,CN=Servers,CN=Default-First-Site-Name,CN=Site s,CN=Configuration,DC=foo,DC=com ldb: start ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->start_transaction ldb: start ldb transaction error: (null) ldb: ldb_trace_request: MODIFY dn: CN=BAR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com changetype: add serverReference: CN=BAR,CN=Computers,DC=foo,DC=com control: ldb: ldb_trace_request: (ldap)->modify ldb: ldb_set_errstring: LDAP error 20 LDAP_ATTRIBUTE_OR_VALUE_EXISTS - <> ldb: cancel ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->del_transaction ldb: start ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->start_transaction ldb: start ldb transaction error: (null) ldb: ldb_trace_request: MODIFY dn: CN=BAR,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=foo,DC=com changetype: add serverReference: CN=BAR,CN=Computers,DC=foo,DC=com control: ldb: ldb_trace_request: (ldap)->modify ldb: commit ldb transaction (nesting: 0) ldb: ldb_trace_request: (ldap)->end_transaction Mapped to DCERPC endpoint 135 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 rpc request data: [0000] 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 02 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0020] 05 00 13 00 0D 35 42 51 E3 06 4B D1 11 AB 04 00 .....5BQ ..K..... [0030] C0 4F C2 DC D2 04 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0040] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0050] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0060] 00 00 01 00 09 04 00 00 00 00 00 00 00 00 00 00 ........ ........ [0070] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0080] 01 00 00 00 .... rpc reply data: [0000] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0010] 00 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 ........ ........ [0020] 01 00 00 00 03 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K... [0030] 05 00 13 00 0D 35 42 51 E3 06 4B D1 11 AB 04 00 .....5BQ ..K..... [0040] C0 4F C2 DC D2 04 00 02 00 00 00 13 00 0D 04 5D .O...... .......] [0050] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`.. [0060] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........ [0070] 04 00 01 00 09 04 00 00 00 00 00 00 00 00 00 00 ........ ........ Mapped to DCERPC endpoint 1024 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 added interface ip=10.1.10.9 nmask=255.255.0.0 not adding duplicate interface 10.1.10.9 Starting GENSEC mechanism gssapi_krb5 Received smb_krb5 packet of length 271 Received smb_krb5 packet of length 1285 Received smb_krb5 packet of length 1334 Received smb_krb5 packet of length 1318 ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 0 gensec_gssapi: credentials were delegated GSSAPI Connection will be cryptographicly sealed Got KRB5 session key of length 32 (done) rpc request data: [0000] 00 00 02 00 9C B9 FA 6A 26 6E 4A 46 97 5F F5 8F .......j &nJF._.. [0010] 10 52 18 BC 04 00 02 00 1C 00 00 00 1C 00 00 00 .R...... ........ [0020] 7F FF FF 0F DE 79 45 DC 31 0F 67 48 A0 DA 0F D1 .....yE. 1.gH.... [0030] BB EB 35 91 00 00 00 00 00 00 00 00 ..5..... .... ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 0 rpc reply data: [0000] 08 00 02 00 1C 00 00 00 1C 00 00 00 6F FF FF 2F ........ ....o../ [0010] DE 79 45 DC 31 0F 67 48 A0 DA 0F D1 BB EB 35 91 .yE.1.gH ......5. [0020] 00 00 00 00 00 00 00 00 00 00 00 00 EE 5C 07 EE ........ .....\.. [0030] 20 8E A8 4F 9D FE 4F 94 C0 96 BC 1B 00 00 00 00 ..O..O. ........ rpc request data: [0000] 00 00 00 00 EE 5C 07 EE 20 8E A8 4F 9D FE 4F 94 .....\.. ..O..O. [0010] C0 96 BC 1B 02 00 00 00 02 00 00 00 00 00 00 00 ........ ........ [0020] 00 00 02 00 00 00 00 00 0B 00 00 00 04 00 02 00 ........ ........ [0030] 73 00 00 00 1E 01 00 00 00 00 00 00 00 00 00 00 s....... ........ [0040] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ [0050] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........ ... [08A0] 44 00 43 00 3D 00 63 00 6F 00 6D 00 00 00 D.C.=.c. o.m... ../../librpc/rpc/dcerpc_util.c:139: auth_pad_length 0 rpc reply data: [0000] 03 00 00 00 03 00 00 00 00 00 00 00 01 00 00 00 ........ ........ [0010] 70 00 02 00 00 00 00 00 00 00 00 00 01 00 00 00 p....... ........ [0020] EE 20 00 00 00 00 00 00 00 00 00 00 EE 20 00 00 . ...... ..... .. libnet_BecomeDC() failed - NT code 0xc00020ee Traceback (most recent call last): File "/usr/lib/python2.6/dist-packages/samba/netcmd/__init__.py", line 99, in _run return self.run(*args, **kwargs) File "/usr/lib/python2.6/dist-packages/samba/netcmd/vampire.py", line 51, in run (domain_name, domain_sid) = net.vampire(domain=domain, target_dir=target_dir) RuntimeError: NT code 0xc00020ee