Internal error being generated in LSA_LOOKUPSIDS
Andre Gerhard
andre at lme.usp.br
Mon Feb 16 19:47:26 GMT 1998
Hello,
I am getting the following error in my NT Wksta machine log file
(the NT workstation is denying access to any domain user after this
error occurs):
It appears to be coming from the LSA_LOOKUPSIDS RPC call
debug level 3:
api_rpc_command:
LSA_LOOKUPSIDS
=============================================================
==
INTERNAL ERROR: Signal 11 in pid 768 (ntdom-1.9.18alpha14)
Please read
the file BUGS.txt in the
distribution
===============================================================
chdir to /
Closing connections
02/16/1998 11:08:11 1micro1
(143.107.70.218) closed connection to service IPC$
Yielding connection to
12 IPC$
02/16/1998 11:08:11 1micro1 (143.107.70.218) closed connection to
service aluno3
Yielding connection to 58 aluno3
Yielding connection to 58
STATUS.
Yield successful
02/16/1998 11:08:11 1micro1 (143.107.70.218)
closed connection to service winsrv
Yielding connection to 72
winsrv
Yielding connection to 72 STATUS.
Yield successful
fd_attempt_close
on file_fd_struct 0, fd = 6, dev = 808, inode = 245cb, open_flags = 0,
ref_count = 1.
02/16/1998 11:08:11 aluno3 closed file
MSOffice/Access/SOA300.DLL (numopen=0)
Last message was
SMBtrans
size=188
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb
_flg2=3
smb_tid=12
smb_pid=51966
smb_uid=101
smb_mid=11712
smt_wct=16
smb_vw
v[0]=0 (0x0)
smb_vwv[1]=112 (0x70)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=1024
(0x400)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0
(0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0
(0x0)
smb_vwv[10]=76 (0x4C)
smb_vwv[11]=112 (0x70)
Increasing the debug level to 5:
api_rpc_command: api_ntlsa_rpc op 0xf - api_rpc_command:
LSA_LOOKUPSIDS
000018 lsa_io_q_lookup_sids
000018 data: 00 00 00
00 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13
00002c
num_entries : 00000002
000030 ptr_sid_enum: 00154238
000034
num_entries2: 00000002
000038 ptr_sid[0]: 00154e20
00003c
ptr_sid[1]: 00154e44
000040 num_auths: 00000006
000044 sid_rev_num: 01
000045 num_auths : 06
000046 id_auth[0] : 00
000047 id_auth[1] : 00
000048 id_auth[2] : 00
000049 id_auth[3] : 00
00004a id_auth[4] : 00
00004b id_auth[5] : 05
00004c sub_auths : 00000015 0000007b 000001c8 00000315 0000007b
000005dc
000064 num_auths: 00000006
000068
sid_rev_num: 01
000069 num_auths : 06
00006a id_auth[0] : 00
00006b id_auth[1] : 00
00006c id_auth[2] : 00
00006d id_auth[3] : 00
00006e id_auth[4] : 00
00006f id_auth[5] : 05
000070 sub_auths : 00000015 0000007b 000001c8 00000315 0000007b
000005dc
000088 num_entries : 00000000
00008c
ptr_trans_names: 00000000
000090 num_entries2 :
000f0002
===============================================================
INT
ERNAL ERROR: Signal 11 in pid 533 (ntdom-1.9.18alpha14)
Please read the
file BUGS.txt in the
distribution
===============================================================
chdir to /
unbecome_user now uid=(0,0) gid=(0,0)
Closing
connections
02/16/1998 15:32:24 1micro1 (143.107.70.218) closed connection
to service netlogon
Yielding connection to 6 netlogon
Yielding connection
to 6 STATUS.
Yield successful
closing dptr key 0
closing dptr key 1
closing
dptr key 2
closing dptr key 3
02/16/1998 15:32:24 1micro1 (143.107.70.218)
closed connection to service winsrv
Yielding connection to 11
winsrv
Yielding connection to 11 STATUS.
Yield successful
02/16/1998
15:32:24 1micro1 (143.107.70.218) closed connection to service
IPC$
Yielding connection to 12 IPC$
02/16/1998 15:32:24 1micro1
(143.107.70.218) closed connection to service aluno1
Yielding connection to
61 aluno1
Yielding connection to 61 STATUS.
Yield successful
02/16/1998
15:32:24 1micro1 (143.107.70.218) closed connection to service lp
Yielding
connection to 109 lp
Yielding connection to 109 STATUS.
Yield
successful
Last message was
SMBtrans
size=228
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=24
smb
_flg2=3
smb_tid=12
smb_pid=51966
smb_uid=100
smb_mid=10752
smt_wct=16
smb_vw
v[0]=0 (0x0)
smb_vwv[1]=152 (0x98)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=1024
(0x400)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0
(0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0
(0x0)
smb_vwv[10]=76 (0x4C)
smb_vwv[11]=152 (0x98)
smb_vwv[12]=76
(0x4C)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2050
(0x802)
smb_bcc=161
[000] 5C 50 49 50 45 5C 00 5C 00 05 00 00 03 10 00 00
\PIPE\.\ ........
[010] 00 98 00 00 00 04 00 00 00 80 00 00 00 00 00 0F
........ ........
[020] 00 00 00 00 00 04 05 06 07 08 09 0A 0B 0C 0D 0E
........ ........
[030] 0F 10 11 12 13 02 00 00 00 38 42 15 00 02 00 00
........ .8B.....
[040] 00 20 4E 15 00 44 4E 15 00 06 00 00 00 01 06 00 .
N..DN. ........
[050] 00 00 00 00 05 15 00 00 00 7B 00 00 00 C8 01 00
........ .{......
[060] 00 15 03 00 00 7B 00 00 00 DC 05 00 00 06 00 00
.....{.. ........
[070] 00 01 06 00 00 00 00 00 05 15 00 00 00 7B 00 00
........ .....{..
[080] 00 C8 01 00 00 15 03 00 00 7B 00 00 00 DC 05 00
........ .{......
[090] 00 00 00 00 00 00 00 00 00 02 00 0F 00 00 00 00
........ ........
[0A0] 00 .
===============================================================
Core
limits now 4194304 2147483647
Dumping core in /usr/local/samba/var/corefiles
No core file are being generated in /usr/local/samba/var/corefiles
Previous RPC commands that also appear in the log file:
LSA_OPENPOLICY
LSA_QUERYINFOPOLICY
The NT workstation is denying access after this error occurs ...
Unfortunately, I don't know what I have done to cause this problem,
so currently I am not being able to reproduce in a precise way what is
happening.
If anyone have any hint in how to debug more precisely this,
I would be glad to know ...
Sincerely,
Andre Gerhard
Systems/Network Administrator
Universidade de Sao Paulo - SP - BRAZIL
More information about the samba-ntdom
mailing list