[Samba-it] log problema autenticazione dominio SAMBA PDC+LDAP
giacomo
giacomo at webfiere.net
Mon Feb 7 11:52:02 MST 2005
La password di samba è la stessa di ldap. I samba tools riescono a
scrivere gli utenti sull'ldap, quindi non credo sia un problema di
permessi. Questa è la mia configurazione di samba:
# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2004/12/01 18:20:15
# Global parameters
[global]
realm = DOMAIN.INTRA
workgroup = DOMAIN
netbios name = SRV2
server string = LAN Autenthication Server
username map = /etc/samba/smbusers
admin users = @"Domain Admins"
#admin users = testuser
hosts allow = 172.16.0.0/255.255.255.0
security = user
encrypt passwords = Yes
obey pam restrictions = No
ldap passwd sync = Yes
log level = 2
syslog = 1
log file = /var/log/samba/log.%m
max log size = 10000
time server = Yes
#interfaces = eth0, lo
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
mangling method = hash2
Dos charset = 850
Unix charset = ISO8859-1
logon script = logon.bat
logon drive = H:
logon home =
logon path =
domain logons = Yes
os level = 70
preferred master = Yes
domain master = Yes
local master = Yes
wins support = Yes
passdb backend = ldapsam:ldap://172.16.0.60/
ldap admin dn = cn=Manager,dc=domain,dc=intra
ldap suffix = dc=domain,dc=intra
ldap group suffix = ou=Groups
ldap user suffix = ou=Users
ldap machine suffix = ou=Computers
ldap idmap suffix = ou=Idmap
idmap backend = ldap:ldap://172.16.0.60
idmap uid = 0-20000
idmap gid = 500-20000
#winbind separator = +
#winbind enum users = yes
#winbind enum groups = yes
#winbind uid = 1000-20000
#winbind gid = 1000-20000
#ldap ssl = start tls
ldap ssl = no
add user script = /usr/sbin/smbldap-useradd -m "%u"
ldap delete dn = Yes
#delete user script = /usr/sbin/smbldap-userdel "%u"
add machine script = /usr/sbin/smbldap-useradd -w "%u"
add group script = /usr/sbin/smbldap-groupadd -p "%g"
#delete group script = /usr/sbin/smbldap-groupdel "%g"
add user to group script = /usr/sbin/smbldap-groupmod -m "%u" "%g"
delete user from group script = /usr/sbin/smbldap-groupmod -x
"%u" "%g"
set primary group script = /usr/sbin/smbldap-usermod -g "%g" "%u"
# printers configuration
printer admin = @"Print Operators"
load printers = Yes
create mask = 0640
directory mask = 0750
nt acl support = No
printing = cups
printcap name = cups
deadtime = 10
dont descend = /proc,/dev,/etc,/lib,/lost+found,/initrd
show add printer wizard = yes
; to maintain capital letters in shortcuts in any of the profile
folders:
preserve case = yes
short preserve case = yes
case sensitive = no
[homes]
comment = repertoire de %U, %u
read only = No
create mask = 0644
directory mask = 0775
browseable = No
[netlogon]
path = /home/samba/netlogon/
browseable = No
read only = yes
[profiles]
path = /home/samba/profiles
read only = no
create mask = 0600
directory mask = 0700
browseable = No
guest ok = No
profile acls = Yes
nt acl support = Yes
csc policy = disable
# next line is a great way to secure the profiles
force user = %U
# next line allows administrator to access all profiles
valid users = %U @"Domain Admins"
# valid users = %U @"Domain Users"
#[printers]
# comment = Network Printers
# printer admin = @"Print Operators"
# guest ok = yes
# printable = yes
# path = /home/spool/
# browseable = No
# read only = Yes
# printable = Yes
# print command = /usr/bin/lpr -P%p -r %s
# lpq command = /usr/bin/lpq -P%p
# lprm command = /usr/bin/lprm -P%p %j
[print$]
path = /home/printers
guest ok = No
browseable = Yes
read only = Yes
valid users = @"Print Operators"
write list = @"Print Operators"
create mask = 0664
directory mask = 0775
#[public]
# comment = Repertoire public
# path = /home/public
# browseable = Yes
# guest ok = Yes
# read only = No
# directory mask = 0775
# create mask = 0664
Ho provato a mettere il livello di log 4(a livello 5 veniva un log
lunghissimo) . Questo è il log della macchina che tenta di accedere al
dominio:
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 1 of length 137
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBnegprot (pid 2554) conn 0x0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [PC NETWORK PROGRAM 1.0]
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [LANMAN1.0]
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [Windows for Workgroups 3.1a]
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [LM1.2X002]
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [LANMAN2.1]
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(461)
Requested protocol [NT LM 0.12]
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_nt1(333)
using SPNEGO
[2005/02/07 12:29:41, 3] smbd/negprot.c:reply_negprot(549)
Selected protocol NT LM 0.12
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 2 of length 202
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBsesssetupX (pid 2554) conn 0x0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
wct=12 flg2=0xc807
[2005/02/07 12:29:41, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
Doing spnego session setup
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_spnego_negotiate(444)
Got OID 1 3 6 1 4 1 311 2 2 10
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_spnego_negotiate(447)
Got secblob of size 32
[2005/02/07 12:29:41, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0xe0088297
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_NEGOTIATE_OEM
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_LM_KEY
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 3 of length 340
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBsesssetupX (pid 2554) conn 0x0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X(655)
wct=12 flg2=0xc807
[2005/02/07 12:29:41, 2] smbd/sesssetup.c:setup_new_vc_session(608)
setup_new_vc_session: New VC == 0, if NT4.x compatible we would close
all old resources.
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(535)
Doing spnego session setup
[2005/02/07 12:29:41, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(566)
NativeOS=[Windows 2000 2195] NativeLanMan=[Windows 2000 5.0]
PrimaryDomain=[]
[2005/02/07 12:29:41, 3] libsmb/ntlmssp.c:ntlmssp_server_auth(615)
Got user=[Administrator] domain=[mapasasnc] workstation=[WRK-PII350]
len1=24 len2=24
[2005/02/07 12:29:41, 4] lib/username.c:map_username(132)
Scanning username map /etc/samba/smbusers
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] auth/auth.c:check_ntlm_password(219)
check_ntlm_password: Checking password for unmapped user
[mapasasnc]\[Administrator]@[WRK-PII350] with the new password interface
[2005/02/07 12:29:41, 3] auth/auth.c:check_ntlm_password(222)
check_ntlm_password: mapped user is:
[mapasasnc]\[Administrator]@[WRK-PII350]
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 2] passdb/pdb_ldap.c:init_sam_from_ldap(511)
init_sam_from_ldap: Entry found for user: Administrator
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 4] libsmb/ntlm_check.c:ntlm_password_check(326)
ntlm_password_check: Checking NT MD4 password
[2005/02/07 12:29:41, 4] auth/auth_sam.c:sam_account_ok(119)
sam_account_ok: Checking SMB password for user Administrator
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 2] passdb/pdb_ldap.c:init_group_from_ldap(2011)
init_group_from_ldap: Entry found for group: 512
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] auth/auth.c:check_ntlm_password(268)
check_ntlm_password: sam authentication for user [Administrator] succeeded
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 2] auth/auth.c:check_ntlm_password(305)
check_ntlm_password: authentication for user [Administrator] ->
[Administrator] -> [Administrator] succeeded
[2005/02/07 12:29:41, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(319)
NTLMSSP Sign/Seal - Initialising with flags:
[2005/02/07 12:29:41, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62)
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2005/02/07 12:29:41, 3] smbd/password.c:register_vuid(222)
User name: Administrator Real name: Administrator
[2005/02/07 12:29:41, 3] smbd/password.c:register_vuid(241)
UNIX uid 0 is UNIX user Administrator, and will be vuid 100
[2005/02/07 12:29:41, 3] smbd/password.c:register_vuid(270)
Adding homes service for user 'Administrator' using home directory:
'/home/Administrator'
[2005/02/07 12:29:41, 3] param/loadparm.c:lp_add_home(2346)
adding home's share [Administrator] for user 'Administrator' at
'/home/Administrator'
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 4 of length 88
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtconX (pid 2554) conn 0x0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 4] smbd/reply.c:reply_tcon_and_X(408)
Client requested device type [?????] for share [IPC$]
[2005/02/07 12:29:41, 3] lib/access.c:check_access(313)
check_access: no hostnames in host allow/deny list.
[2005/02/07 12:29:41, 2] lib/access.c:check_access(324)
Allowed connection from (172.16.0.190)
[2005/02/07 12:29:41, 3] smbd/service.c:make_connection_snum(472)
Connect path is '/tmp' for service [IPC$]
[2005/02/07 12:29:41, 4] rpc_server/srv_srvsvc_nt.c:get_share_security(217)
get_share_security: using default secdesc for IPC$
[2005/02/07 12:29:41, 3] lib/util_seaccess.c:se_access_check(251)
[2005/02/07 12:29:41, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3334972162-3902999861-873044367-2996
se_access_check: also S-1-5-21-3334972162-3902999861-873044367-512
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/02/07 12:29:41, 3] smbd/vfs.c:vfs_init_default(203)
Initialising default vfs hooks
[2005/02/07 12:29:41, 4] rpc_server/srv_srvsvc_nt.c:get_share_security(217)
get_share_security: using default secdesc for IPC$
[2005/02/07 12:29:41, 3] lib/util_seaccess.c:se_access_check(251)
[2005/02/07 12:29:41, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3334972162-3902999861-873044367-2996
se_access_check: also S-1-5-21-3334972162-3902999861-873044367-512
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 512) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/service.c:make_connection_snum(648)
wrk-pii350 (172.16.0.190) connect to service IPC$ initially as user
Administrator (uid=0, gid=512) (pid 2554)
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 3] smbd/reply.c:reply_tcon_and_X(456)
tconX service=IPC$
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 5 of length 104
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 512) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:41, 4] smbd/vfs.c:vfs_ChDir(654)
vfs_ChDir to /tmp
[2005/02/07 12:29:41, 4] smbd/nttrans.c:nt_open_pipe(497)
nt_open_pipe: Opening pipe \lsarpc.
[2005/02/07 12:29:41, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe lsarpc opening.
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
Open pipe requested lsarpc (pipes_open=0)
[2005/02/07 12:29:41, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(278)
Create pipe requested lsarpc
[2005/02/07 12:29:41, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(370)
Created internal pipe lsarpc (pipes_open=0)
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(257)
Opened pipe lsarpc with handle 70df (pipes_open=1)
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 6 of length 160
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70df
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 70df)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\lsarpc -> \PIPE\lsass
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\lsarpc
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 7 of length 180
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=92 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70df
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 70df)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x2c - api_rpcTNP: rpc command: LSA_OPENPOLICY2
[2005/02/07 12:29:41, 3] lib/util_seaccess.c:se_access_check(251)
[2005/02/07 12:29:41, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3334972162-3902999861-873044367-2996
se_access_check: also S-1-5-21-3334972162-3902999861-873044367-512
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/02/07 12:29:41, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[1] [000] 00 00 00 00 01 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 824
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 8 of length 134
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=46 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70df
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 70df)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x2e - unknown
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 9 of length 134
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=46 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70df
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 70df)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x7 - api_rpcTNP: rpc command: LSA_QUERYINFOPOLICY
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 01 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 512
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 10 of length 104
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 4] smbd/nttrans.c:nt_open_pipe(497)
nt_open_pipe: Opening pipe \winreg.
[2005/02/07 12:29:41, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe winreg opening.
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
Open pipe requested winreg (pipes_open=1)
[2005/02/07 12:29:41, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(278)
Create pipe requested winreg
[2005/02/07 12:29:41, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(370)
Created internal pipe winreg (pipes_open=1)
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(257)
Opened pipe winreg with handle 70e0 (pipes_open=2)
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 11 of length 160
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 70e0)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\winreg -> \PIPE\winreg
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\winreg
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 12 of length 124
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=36 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 70e0)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x2 - api_rpcTNP: rpc command: REG_OPEN_HKLM
[2005/02/07 12:29:41, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[1] [000] 00 00 00 00 02 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 13 of length 272
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=184 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 70e0)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0xf - api_rpcTNP: rpc command: REG_OPEN_ENTRY
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 02 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[2] [000] 00 00 00 00 03 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 110
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 14 of length 236
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=148 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 70e0)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x11 - api_rpcTNP: rpc command: REG_INFO
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 03 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 42
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 15 of length 132
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 70e0)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x5 - api_rpcTNP: rpc command: REG_CLOSE
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 03 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 03 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 16 of length 132
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/02/07 12:29:41, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "winreg" (pnum 70e0)
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: winreg op 0x5 - api_rpcTNP: rpc command: REG_CLOSE
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 02 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 02 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:41, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/02/07 12:29:41, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:41, 3] smbd/process.c:process_smb(1091)
Transaction 17 of length 45
[2005/02/07 12:29:41, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:41, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e0
[2005/02/07 12:29:41, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name winreg pnum=70e0 (pipes_open=1)
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 18 of length 100
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBntcreateX (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 4] smbd/nttrans.c:nt_open_pipe(497)
nt_open_pipe: Opening pipe \samr.
[2005/02/07 12:29:42, 3] smbd/nttrans.c:nt_open_pipe(514)
nt_open_pipe: Known pipe samr opening.
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(178)
Open pipe requested samr (pipes_open=1)
[2005/02/07 12:29:42, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(278)
Create pipe requested samr
[2005/02/07 12:29:42, 4]
rpc_server/srv_pipe_hnd.c:make_internal_rpc_pipe_p(370)
Created internal pipe samr (pipes_open=1)
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(257)
Opened pipe samr with handle 70e1 (pipes_open=2)
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 19 of length 160
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/02/07 12:29:42, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:42, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(887)
api_pipe_bind_req: \PIPE\samr -> \PIPE\lsass
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe.c:check_bind_req(762)
check_bind_req for \PIPE\samr
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 20 of length 160
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=72 params=0 setup=2
[2005/02/07 12:29:42, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:42, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x3e - api_rpcTNP: rpc command: SAMR_CONNECT4
[2005/02/07 12:29:42, 3] lib/util_seaccess.c:se_access_check(251)
[2005/02/07 12:29:42, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3334972162-3902999861-873044367-2996
se_access_check: also S-1-5-21-3334972162-3902999861-873044367-512
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/02/07 12:29:42, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[2] [000] 00 00 00 00 04 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 756
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 21 of length 140
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=52 params=0 setup=2
[2005/02/07 12:29:42, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:42, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x6 - api_rpcTNP: rpc command: SAMR_ENUM_DOMAINS
[2005/02/07 12:29:42, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 04 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 1080
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 22 of length 170
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=82 params=0 setup=2
[2005/02/07 12:29:42, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:42, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x5 - api_rpcTNP: rpc command: SAMR_LOOKUP_DOMAIN
[2005/02/07 12:29:42, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 04 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:42, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2482)
Returning domain sid for domain MAPASASNC ->
S-1-5-21-3334972162-3902999861-873044367
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 18
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 23 of length 164
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=76 params=0 setup=2
[2005/02/07 12:29:42, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:42, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x7 - api_rpcTNP: rpc command: SAMR_OPEN_DOMAIN
[2005/02/07 12:29:42, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 04 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:42, 3] lib/util_seaccess.c:se_access_check(251)
[2005/02/07 12:29:42, 3] lib/util_seaccess.c:se_access_check(252)
se_access_check: user sid is S-1-5-21-3334972162-3902999861-873044367-2996
se_access_check: also S-1-5-21-3334972162-3902999861-873044367-512
se_access_check: also S-1-1-0
se_access_check: also S-1-5-2
se_access_check: also S-1-5-11
[2005/02/07 12:29:42, 4]
rpc_server/srv_samr_nt.c:access_check_samr_object(87)
_samr_open_domain: ACCESS should be DENIED (requested: 0x00000211)
but overritten by euid == sec_initial_uid()
[2005/02/07 12:29:42, 4] rpc_server/srv_lsa_hnd.c:create_policy_hnd(142)
Opened policy hnd[3] [000] 00 00 00 00 05 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 732
[2005/02/07 12:29:42, 3] smbd/process.c:process_smb(1091)
Transaction 24 of length 184
[2005/02/07 12:29:42, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:42, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:42, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=96 params=0 setup=2
[2005/02/07 12:29:42, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:42, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:42, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:42, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x32 - api_rpcTNP: rpc command: SAMR_CREATE_USER
[2005/02/07 12:29:42, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 05 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:42, 3] smbd/sec_ctx.c:push_sec_ctx(256)
push_sec_ctx(0, 512) : sec_ctx_stack_ndx = 1
[2005/02/07 12:29:42, 3] smbd/uid.c:push_conn_ctx(365)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2005/02/07 12:29:42, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2005/02/07 12:29:42, 4] passdb/pdb_ldap.c:ldapsam_getsampwnam(1300)
ldapsam_getsampwnam: Unable to locate user [wrk-pii350$] count=0
[2005/02/07 12:29:42, 3] smbd/sec_ctx.c:pop_sec_ctx(386)
pop_sec_ctx (0, 512) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:44, 3] rpc_server/srv_samr_nt.c:_samr_create_user(2250)
_samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w
"wrk-pii350$"' gave 9
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 24
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 25 of length 132
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:44, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:44, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/02/07 12:29:44, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:44, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE_HND
[2005/02/07 12:29:44, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 05 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:44, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 26 of length 132
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:44, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:44, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/02/07 12:29:44, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:44, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "samr" (pnum 70e1)
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: samr op 0x1 - api_rpcTNP: rpc command: SAMR_CLOSE_HND
[2005/02/07 12:29:44, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 04 00 00 00 00 00 00 00 26 51
07 42 ........ ....&Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:44, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 27 of length 45
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:44, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70e1
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name samr pnum=70e1 (pipes_open=1)
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 28 of length 132
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBtrans (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:44, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:44, 3] smbd/ipc.c:reply_trans(538)
trans <\PIPE\> data=44 params=0 setup=2
[2005/02/07 12:29:44, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70df
[2005/02/07 12:29:44, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "lsarpc" (pnum 70df)
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe.c:api_rpcTNP(1531)
api_rpcTNP: lsarpc op 0x0 - api_rpcTNP: rpc command: LSA_CLOSE
[2005/02/07 12:29:44, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 01 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:44, 4]
rpc_server/srv_lsa_hnd.c:find_policy_by_hnd_internal(162)
Found policy hnd[0] [000] 00 00 00 00 01 00 00 00 00 00 00 00 25 51
07 42 ........ ....%Q.B
[010] FA 09 00 00 ....
[2005/02/07 12:29:44, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(200)
Closed policy
[2005/02/07 12:29:44, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(542)
free_pipe_context: destroying talloc pool of size 0
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 29 of length 45
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBclose (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:44, 4] smbd/uid.c:change_to_user(194)
change_to_user: Skipping user change - already user
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(1168)
search for pipe pnum=70df
[2005/02/07 12:29:44, 4] rpc_server/srv_pipe_hnd.c:close_rpc_pipe_hnd(1081)
closed pipe name lsarpc pnum=70df (pipes_open=0)
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 30 of length 39
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBtdis (pid 2554) conn 0x83e99e0
[2005/02/07 12:29:44, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:44, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:44, 3] smbd/service.c:close_cnum(836)
wrk-pii350 (172.16.0.190) closed connection to service IPC$
[2005/02/07 12:29:44, 3] smbd/connection.c:yield_connection(69)
Yielding connection to IPC$
[2005/02/07 12:29:44, 4] smbd/vfs.c:vfs_ChDir(654)
vfs_ChDir to /
[2005/02/07 12:29:44, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:44, 3] smbd/process.c:process_smb(1091)
Transaction 31 of length 43
[2005/02/07 12:29:44, 3] smbd/process.c:switch_message(886)
switch message SMBulogoffX (pid 2554) conn 0x0
[2005/02/07 12:29:44, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:44, 3] smbd/reply.c:reply_ulogoffX(1249)
ulogoffX vuid=100
[2005/02/07 12:29:44, 3] smbd/process.c:timeout_processing(1336)
timeout_processing: End of file from client (client has disconnected).
[2005/02/07 12:29:44, 3] smbd/sec_ctx.c:set_sec_ctx(288)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2005/02/07 12:29:44, 2] smbd/server.c:exit_server(571)
Closing connections
[2005/02/07 12:29:44, 3] smbd/connection.c:yield_connection(69)
Yielding connection to
[2005/02/07 12:29:44, 3] smbd/server.c:exit_server(614)
Server exit (normal exit)
Questo è tutto. Non sò più cosa fare. L'accesso alla risorsa di rete
avviene normalmente, è solo l'accesso al dominio che non avviene.
Aspetto vostri consigli.
Grazie
-------------- next part --------------
An embedded message was scrubbed...
From: giacomo <giacomo at webfiere.net>
Subject: Problema autenticazione dominio SAMBA PDC+LDAP
Date: Sat, 05 Feb 2005 10:55:05 +0100
Size: 2313
URL: <http://lists.samba.org/pipermail/samba-it/attachments/20050207/ac2d21a2/attachment.mht>
More information about the samba-it
mailing list