WIN NT 4.0 NO GO & YES I HAVE ENCRYPTED PASSWORDS

Gerry Maddock gerrym at futuremetals.com
Thu Oct 11 11:04:04 GMT 2001 

Ok, I changed log level to =3, now I'm getting some logs. Here is the log
file for the NT box I am testing with. I didnt attach the whole log, its now
HUGE. I can forward the entire log if needed. Here is part of it.
2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 1 of length 174
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBnegprot (pid 1269)
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [PC NETWORK PROGRAM 1.0]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [XENIX CORE]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [MICROSOFT NETWORKS 1.03]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [LANMAN1.0]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [Windows for Workgroups 3.1a]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [LM1.2X002]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [LANMAN2.1]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(349)
  Requested protocol [NT LM 0.12]
[2001/10/11 13:55:58, 3] smbd/negprot.c:reply_negprot(433)
  Selected protocol NT LM 0.12
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 2 of length 198
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBsesssetupX (pid 1269)
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/reply.c:reply_sesssetup_and_X(865)
  Domain=[SHADOW]  NativeOS=[Windows NT 1381] NativeLanMan=[]
[2001/10/11 13:55:58, 3] smbd/reply.c:reply_sesssetup_and_X(876)
  sesssetupX:name=[administrator]
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:push_sec_ctx(284)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:get_current_groups(167)
  get_current_groups: uid 0 is in 1 groups: 547
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:pop_sec_ctx(423)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:get_current_groups(167)
  get_current_groups: uid 0 is in 1 groups: 547
[2001/10/11 13:55:58, 3] smbd/password.c:register_vuid(322)
  uid 595 registered to name administrator
[2001/10/11 13:55:58, 3] smbd/password.c:register_vuid(324)
  Clearing default real name
[2001/10/11 13:55:58, 3] smbd/password.c:register_vuid(326)
  User name: administrator      Real name:
[2001/10/11 13:55:58, 3] smbd/process.c:chain_reply(982)
  Chained message
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBtconX (pid 1269)
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/password.c:authorise_login(787)
  authorise_login: ACCEPTED: validated uid ok as non-guest
(user=administrator)
[2001/10/11 13:55:58, 3] smbd/service.c:make_connection(477)
  Connect path is /tmp
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:push_sec_ctx(284)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:get_current_groups(167)
  get_current_groups: uid 0 is in 1 groups: 547
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:pop_sec_ctx(423)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:get_current_groups(167)
  get_current_groups: uid 0 is in 1 groups: 547
[2001/10/11 13:55:58, 3] lib/util_seaccess.c:se_access_check(239)
  se_access_check: user sid is
S-1-5-21-1132588640-3893169706-2677359455-2190
[2001/10/11 13:55:58, 3] lib/util_seaccess.c:se_access_check(242)
  se_access_check: also S-1-5-21-1132588640-3893169706-2677359455-2095
[2001/10/11 13:55:58, 3] lib/util_seaccess.c:se_access_check(242)
  se_access_check: also S-1-1-0
[2001/10/11 13:55:58, 3] lib/util_seaccess.c:se_access_check(242)
  se_access_check: also S-1-5-2
[2001/10/11 13:55:58, 3] lib/util_seaccess.c:se_access_check(242)
  se_access_check: also S-1-5-11
[2001/10/11 13:55:58, 3] smbd/vfs.c:vfs_init_default(98)
  Initialising default vfs hooks
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (595, 547) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(322)
  1 user groups:
  547
[2001/10/11 13:55:58, 3] smbd/vfs.c:vfs_ChDir(643)
 vfs_ChDir to /tmp
[2001/10/11 13:55:58, 3] smbd/service.c:make_connection(606)
  shadow (10.1.1.108) connect to service IPC$ as user administrator
(uid=595, gid=547) (pid
1269)
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/reply.c:reply_tcon_and_X(387)
  tconX service=ipc$ user=administrator
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 3 of length 95
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBntcreateX (pid 1269)
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(316)
  setting sec ctx (595, 547) - sec_ctx_stack_ndx = 0
[2001/10/11 13:55:58, 3] smbd/sec_ctx.c:set_sec_ctx(322)
  1 user groups:
  547
[2001/10/11 13:55:58, 3] smbd/nttrans.c:nt_open_pipe(621)
  nt_open_pipe: Known pipe srvsvc opening.
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 4 of length 152
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBtrans (pid 1269)
[2001/10/11 13:55:58, 3] smbd/ipc.c:reply_trans(484)
  trans <\PIPE\> data=72 params=0 setup=2
[2001/10/11 13:55:58, 3] smbd/ipc.c:named_pipe(336)
  named pipe command on <> name
[2001/10/11 13:55:58, 1] smbd/ipc.c:api_fd_reply(294)
  api_fd_reply: INVALID PIPE HANDLE: 86c5
[2001/10/11 13:55:58, 3] smbd/ipc.c:api_no_reply(256)
  Unsupported API fd command
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 5 of length 46
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBclose (pid 1269)
[2001/10/11 13:55:58, 3] smbd/error.c:error_packet(136)
  error packet at line 255 cmd=4 (SMBclose) eclass=1 ecode=6
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 6 of length 95
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBntcreateX (pid 1269)
[2001/10/11 13:55:58, 3] smbd/nttrans.c:nt_open_pipe(621)
  nt_open_pipe: Known pipe srvsvc opening.
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
 Transaction 7 of length 152
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBtrans (pid 1269)
[2001/10/11 13:55:58, 3] smbd/ipc.c:reply_trans(484)
  trans <\PIPE\> data=72 params=0 setup=2
[2001/10/11 13:55:58, 3] smbd/ipc.c:named_pipe(336)
  named pipe command on <> name
[2001/10/11 13:55:58, 1] smbd/ipc.c:api_fd_reply(294)
  api_fd_reply: INVALID PIPE HANDLE: 86c6
[2001/10/11 13:55:58, 3] smbd/ipc.c:api_no_reply(256)
  Unsupported API fd command
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 8 of length 46
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBclose (pid 1269)
[2001/10/11 13:55:58, 3] smbd/error.c:error_packet(136)
  error packet at line 255 cmd=4 (SMBclose) eclass=1 ecode=6
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 9 of length 95
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBntcreateX (pid 1269)
[2001/10/11 13:55:58, 3] smbd/nttrans.c:nt_open_pipe(621)
  nt_open_pipe: Known pipe srvsvc opening.
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 10 of length 152
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBtrans (pid 1269)
[2001/10/11 13:55:58, 3] smbd/ipc.c:reply_trans(484)
  trans <\PIPE\> data=72 params=0 setup=2
[2001/10/11 13:55:58, 3] smbd/ipc.c:named_pipe(336)
  named pipe command on <> name
[2001/10/11 13:55:58, 1] smbd/ipc.c:api_fd_reply(294)
  api_fd_reply: INVALID PIPE HANDLE: 86c7
[2001/10/11 13:55:58, 3] smbd/ipc.c:api_no_reply(256)
  Unsupported API fd command
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 11 of length 46
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)
  switch message SMBclose (pid 1269)
[2001/10/11 13:55:58, 3] smbd/error.c:error_packet(136)
  error packet at line 255 cmd=4 (SMBclose) eclass=1 ecode=6
[2001/10/11 13:55:58, 3] smbd/process.c:process_smb(837)
  Transaction 12 of length 95
[2001/10/11 13:55:58, 3] smbd/process.c:switch_message(650)


-----Original Message-----
From: samba-ntdom-admin at lists.samba.org
[mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of Joseph
Sent: Thursday, October 11, 2001 1:45 PM
To: Gerry Maddock
Cc: samba-ntdom at lists.samba.org
Subject: Re: WIN NT 4.0 NO GO & YES I HAVE ENCRYPTED PASSWORDS


Try increasing the debug level a little and see if you get anything
useful in the log files.

Gerry Maddock wrote:

> I thought it might have been some of the "optimizations" I added to
> /etc/sysctl.conf,so I reverted back to the orinal sysctl.conf with no
> optimizations straight off the RH7.1 install, rebooted and still nothing.
> However, once I lost the "optimizations" I did notice a log.shadow, which
> Shadow is one of the NT boxes I'm trying to connect from, but the
log.shadow
> was empty. Currently, I'm still running the default sysctl.conf from the
> RH7.1 install (with no added "optimizations" just to rule this out....
>
> -----Original Message-----
> From: samba-ntdom-admin at lists.samba.org
> [mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of Bruno Gimenes
> Pereti
> Sent: Thursday, October 11, 2001 1:04 PM
> To: samba-ntdom at lists.samba.org
> Subject: Re: WIN NT 4.0 NO GO & YES I HAVE ENCRYPTED PASSWORDS
>
>
> I got a problem this week that may be related to your problem. I'd blocked
> icmp to the PDC (RedHat 7.1 Samba 2.2.1a rpm). No problem to access the
> server but when I tried to join the domain with a W2k I couldn't. I
allowed
> the icmp traffic and still couldn't join. When I restarted the smb daemon
I
> could join the domain as before.
>
> Maybe this can help you.
>
> Bruno Gimenes Pereti.
>
> ----- Original Message -----
> From: "Chris" <cknorton.nei-inc.com at mail.nei-inc.com>
> To: "Gerry Maddock" <gerrym at futuremetals.com>
> Cc: "William L. Terry" <bill at lynden2.sweye.com>;
> <samba-ntdom at lists.samba.org>
> Sent: Thursday, October 11, 2001 1:30 PM
> Subject: Re: WIN NT 4.0 NO GO & YES I HAVE ENCRYPTED PASSWORDS
>
>
>
>>I also, had this problem running RedHat 7.1 with samba -2.0.10-2.  I
>>would get the "\\SambaShare is not accessible" from my NT, W2K, and
>>WinMe machines but I  rebooted my samba server and then all of a sudden
>>I could access the samba share.
>>
>>Maybe this will give someone a clue as to what might be the problem.
>>
>>
>>Gerry Maddock wrote:
>>
>>
>>>Thanks! I'm glad I'm not the only one! If I hear anything or somehow rig
>>>
> it
>
>>>to work, I'll let you know what I did. Please do the same for me.
>>>
>>>-----Original Message-----
>>>From: samba-ntdom-admin at lists.samba.org
>>>[mailto:samba-ntdom-admin at lists.samba.org]On Behalf Of William L. Terry
>>>Sent: Thursday, October 11, 2001 11:47 AM
>>>To: samba-ntdom at lists.samba.org
>>>Subject: Re: WIN NT 4.0 NO GO & YES I HAVE ENCRYPTED PASSWORDS
>>>
>>>
>>>Gerry Maddock wrote
>>>
>>>
>>>>I am in the process of upgrading my existing samba 2.05a PDC on an
>>>>old box running RH6.2 to a new faster box running Samba 2.2.1a on a
>>>>RH7.1 box. I have all the same files and directories as the old samba
>>>>box including the same smb.conf file (the only thing changed in the
>>>>smb.conf were changes to its PDC so I wouldn't have 2 PDC's on the same
>>>>subnet). All of my Nt 4.0 boxes are sp6 with all of the latest security
>>>>patches. Whenever I try to connect to the new Samba box from my NT box I
>>>>get:>
>>>>
>>>>\\Penguin is not accessible.
>>>>
>>>>The remote procedure call failed and did not execute.
>>>>
>>>>
>>>
>>>I also have this problem with redhat 7.1 and samba 2.2.1a .  It is to the
>>>outside world as if this machine does not exist.   I have 16 samba boxes
>>>out there around the state serving up domains for our locations.  I have
>>>used everything from samba-tng2.5 to samba2.2.0 with success. The last
>>>
> good
>
>>>combination I got was 2.2.0 with a redhat 7.0 box.  I also use a 2.0.7 as
>>>
> a
>
>>>non domain controller on a redhat 7.1 box successfully.  I have tried
>>>
> with
>
>>>two
>>>separate installs to use 2.2.1a with redhat7.1.   I also suspected the
>>>firewall
>>>rules, but I intentionally blew these away with no positive results.  The
>>>only
>>>indication I get that the samba domain exists is that when I give the
>>>
> domain
>
>>>a
>>>name, the client sees that that domain exists, but can't see any machines
>>>
> in
>
>>>it.
>>>You can also do "nmblookup -B ACLIENT '* '" successfully.
>>>
>>>I am also stumped, but I will continue to slog along and see If I can
>>>stumble
>>>across something.
>>>
>>>--
>>>William L. Terry             (bill at sweye.com)
>>>Southwestern Eye Center       http://www.sweye.com/
>>>Information Systems
>>>480-892-8400 ext. 142
>>>
>
>

More information about the samba-ntdom mailing list