cannot enum domains in head - BUFFER_OVERFLOW in log

Bradley W. Langhorst brad at langhorst.com
Thu Aug 1 17:15:02 GMT 2002


I'm trying to get domain group mapping to work on my test domain
(today's HEAD) but when I query the domain controller from an XP client
for groups i get no results. 
So i thought i'd try rpcclient to do a enumdomgroups -
NT_STATUS_UNSUCCESSFUL (see below)

smbgroupedit shows a bunch of groups.
I don't know what most of those with truncated SIDs are doing in there
(and i can't delete them...) but the Domain Guests, Domain Users, and
Domain Admins should show up right?

unheq1:/var/log/samba# smbgroupedit -vs
NT group (SID) -> Unix group
System Operators (S-1-5-32-549) -> -1
Domain Users (S-1-5-21-1995982474-3671514283-3045899775-513) -> -1
Replicators (S-1-5-32-552) -> -1
Guests (S-1-5-32-546) -> -1
Power Users (S-1-5-32-547) -> -1
Print Operators (S-1-5-32-550) -> -1
Administrators (S-1-5-32-544) -> -1
Domain Admins (S-1-5-21-1995982474-3671514283-3045899775-512) -> -1
Domain Guests (S-1-5-21-1995982474-3671514283-3045899775-514) -> -1
Account Operators (S-1-5-32-548) -> -1
Backup Operators (S-1-5-32-551) -> -1
Users (S-1-5-32-545) -> -1

I've just cleared out /var and reimported my SID from MACHINE.SID
and added the ldap admin password to be sure it was not an invalid tdb
problem.

unheq1:/var/log/samba# rpcclient -U root unheq1
Password:
rpcclient $> lsaquery
domain LAUELAB_TEST has sid S-1-5-21-1995982474-3671514283-3045899775
rpcclient $> enumdomgroups
result was NT_STATUS_UNSUCCESSFUL

here is a level 10 log excerpt

[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint32s(838)
                  0044 sub_auths : 00000015 76f8468a dad6dcab b58cbdff 
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_ntstatus(641)
      0054 status: NT_STATUS_OK
[2002/08/01 19:59:39, 5] rpc_server/srv_pipe.c:api_rpcTNP(1206)
  api_rpcTNP: called api_ntlsa_rpc successfully
[2002/08/01 19:59:39, 3]
rpc_server/srv_pipe_hnd.c:free_pipe_context(548)
  free_pipe_context: destroying talloc pool of size 512
[2002/08/01 19:59:39, 10]
rpc_server/srv_pipe_hnd.c:write_to_internal_pipe(880)
  write_to_pipe: data_used = 30
[2002/08/01 19:59:39, 6] rpc_server/srv_pipe_hnd.c:read_from_pipe(911)
  read_from_pipe: 76a7 name: lsarpc len: 46
[2002/08/01 19:59:39, 10]
rpc_server/srv_pipe_hnd.c:read_from_internal_pipe(984)
  read_from_pipe: lsarpc: fault_state = 0 : data_sent_length = 0,
prs_offset(&p->out_data.rdata) = 88.
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_debug(81)
  000000 smb_io_rpc_hdr hdr
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0000 major     : 05
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0001 minor     : 00
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0002 pkt_type  : 02
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0003 flags     : 03
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0004 pack_type0: 10
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0005 pack_type1: 00
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0006 pack_type2: 00
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0007 pack_type3: 00
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint16(582)
      0008 frag_len  : 0070
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint16(582)
      000a auth_len  : 0000
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint32(611)
      000c call_id   : 00000003
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_debug(81)
  000010 smb_io_rpc_hdr_resp resp
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint32(611)
      0010 alloc_hint: 00000058
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint16(582)
      0014 context_id: 0000
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0016 cancel_ct : 00
[2002/08/01 19:59:39, 5] rpc_parse/parse_prs.c:prs_uint8(553)
      0017 reserved  : 00
[2002/08/01 19:59:39, 5] smbd/ipc.c:send_trans_reply(91)
  send_trans_reply: buffer 46 too large
[2002/08/01 19:59:39, 3] smbd/error.c:error_packet(110)
  error packet at smbd/ipc.c(99) cmd=37 (SMBtrans)
STATUS_BUFFER_OVERFLOW
[2002/08/01 19:59:39, 5] smbd/ipc.c:copy_trans_params_and_data(62)
  copy_trans_params_and_data: params[0..0] data[0..46]
[2002/08/01 19:59:39, 5] lib/util.c:show_msg(272)





More information about the samba-technical mailing list