[Fwd: Problems with 2.4.2 - msrpc redirect failed]

Phil Mayers p.mayers at ic.ac.uk
Fri Apr 21 15:36:41 GMT 2000

I'm having problems with the 2.4.2 release on RedHat 6.2

[root at gw samba]# ./configure
[root at gw samba]# make
[root at gw samba]# make install
[root at gw samba]# cp scripts/samba-init.d /usr/local/samba
[root at gw samba]# cd /usr/local/samba
[root at gw samba]# mkdir var
[root at gw samba]# mkdir var/private
[root at gw samba]# touch var/private/smbpasswd
[root at gw samba]# ./samba-init.d start
Starting SMB services: smbd nmbd netlogond samrd browserd lsarpcd
srvsvcd winregd wkssvcd spoolssd 
[root at gw samba]# bin/rpcclient -S . -U root%password
added interface ip= bcast= nmask=
[root at .]$ createuser root -p password
createuser root -p password
SAM Create Domain User
Domain: MODEMS Name: root ACB: [U          ]
Create Domain User: OK
[root at .]$ enumusers
SAM Enumerate Users
User RID:      3e8  User Name: root
[root at .]$ quit

= Everything works fine to here =

[root at gw samba]# bin/rpcclient -S gw -U root%password
added interface ip= bcast= nmask=
Server: \\GW:   User:   root    Domain:
Connection:     error connecting to (Connection refused)
session setup ok
Domain=[MODEMS] OS=[Unix] Server=[Samba TNG-alpha]
[root at GW]$ enumusers
cli_nt_session_open: cli_nt_create failed on pipe \samr to machine GW. 
Error was ERRSRV - ERRacces
s (The requester does not have  the  necessary  access  rights  within 
the specified  context for 
the reque
ncacn_np_use_add: connection failed
please use 'lsaquery' first, to ascertain the SID

Needless to say, using lsaquery doesn't work.

The relevant portion of the log is:

got smb length of 89
got message type 0x0 of len 0x59
Transaction 4 of length 93
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=1280 (0x500)
smb_vwv[3]=1536 (0x600)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=40704 (0x9F00)
smb_vwv[8]=513 (0x201)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=768 (0x300)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=256 (0x100)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=512 (0x200)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
[000] 5C 73 61 6D 72 00                                 \samr. 
switch message SMBntcreateX (pid 16967)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=512 (0x200)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
[000] 5C 73 61 6D 72 00                                 \samr. 
switch message SMBntcreateX (pid 16967)
lookup user 4247,66
000000 vuid_io_key key
0000 pid : 00004247
0004 vuid: 0066
unbecome_to_initial_uid: 127
become_unix_sec_ctx: 0 0 7 0x80b1258
Setting 0 in 7 groups: 0, 1, 2, 3, 4, 6, 10
become_unix_sec_ctx uid=(0,0) gid=(0,0) vuser=(16967,66)
dos_ChDir to /tmp
map_create_disposition: Mapped create_disposition 1 to 1
get_filename: data_offset = 87, data_len = 6, fname_len = 5
nt_open_pipe: Opening pipe \samr.
nt_open_pipe: Known pipe samr opening.
Open pipe requested samr by [16967,66] (pipes_open=0)
lookup user 4247,66
000000 vuid_io_key key
0000 pid : 00004247
0004 vuid: 0066
become_root_depth zero: saving 0 0 7 0x80b1258
become_root: 0 0
ncalrpc_l_find: samr [16967,66]
ncalrpc_l_find[0]: NETLOGON [16967,65]
unbecome_root: 0 0 7 0x80b1258
0, 1, 2, 3, 4, 6, 10
open pipes: msrpc redirect failed
error packet at line 519 cmd=162 (SMBntcreateX) eclass=2 ecode=4

To be clear:

doing a "net use z: \\gw\root /user:modems\root" works fine - it's the
msrpc redirect that's failing (as far as I can tell, for all RPC
services). It's failing on a comparison of the string "NETLOGON" to
"samr" when trying to identigy the pipe (in ncalrcp_l_find).

*But* doing "rpcclient -S . <stuff>" works OK, which indicates the RPC
services are actually sort-of working.

Things I have tried:

I have all daemons started
I have tried deleting the ./var/locks directory and restarting

I even tried ./configure.developer, putting a sleep() in after the
fork(), attaching xxgdb to the child process and stepping through - it's
definitely failing at that point.  ncalrpc_l_use_add is returning false
because it isn't finding the pipe, and the reuse bool parameter is set
to true.

Which raises another point - what's the best way of debugging Samba -
the read-with-timeout means that my method doesn't work too well, and I
don't fancy decoding debug logs, really.

Attached is my smb.conf, and I have a full level debug log available
if anyone wants it.

-------------- next part --------------

   workgroup = MODEMS

   server string = Samba Server TNT-2.4.2-Alpha

#   debug level = 100

   printcap name = /etc/printcap
   load printers = yes

   log file = /usr/local/samba/var/log.%m
   max log size = 5000

   security = user
   encrypt passwords = yes
   smb passwd file = /usr/local/samba/var/private/smbpasswd

   socket options = TCP_NODELAY 
   interfaces = 

   local master = yes
   os level = 128
   domain master = yes 
   preferred master = yes
   domain logons = yes
   logon script = scr.bat
   logon path = \\%L\profiles\%U

   wins support = yes

# Case Preservation can be handy - system default is _no_
# NOTE: These can be set on a per share basis
;  preserve case = no
;  short preserve case = no
# Default case is normally upper case for all DOS files
;  default case = lower
# Be very careful with case sensitivity - it can break things!
;  case sensitive = no

#============================ Share Definitions ==============================
   comment = Home Directories
   browseable = no
   writable = yes

# Un-comment the following and create the netlogon directory for Domain Logons
   comment = Network Logon Service
   path = /samba/netlogon
   guest ok = yes
   writable = no
   share modes = no

# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
    path = /samba/profiles
    browseable = no
    guest ok = yes

# This one is useful for people to share files
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes
   browseable = yes

More information about the samba-ntdom mailing list