No subject
Tue Dec 2 04:10:01 GMT 2003
with usmgr.
I habe to insert a value greater 2000000000 into ldap by hand , to
deactivate pwdmustchange.
get_single_attribute: [logonTime] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
get_single_attribute: [logoffTime] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
get_single_attribute: [kickoffTime] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
get_single_attribute: [pwdCanChange] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
get_single_attribute: [pwdMustChange] = [0]
When I log in with pwdmustchange next time, I am asked to change passwd.
If I do so, samba quits with
[2002/10/26 13:05:04, 3] smbd/password.c:authorise_login(854)
authorise_login: ACCEPTED: guest account and guest ok (gast)
[2002/10/26 13:05:04, 3] smbd/service.c:make_connection(487)
Connect path is /tmp
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:push_sec_ctx(296)
push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/uid.c:push_conn_ctx(285)
push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:get_current_groups(172)
get_current_groups: user is in 1 groups: 514
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:pop_sec_ctx(435)
pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:get_current_groups(172)
get_current_groups: user is in 1 groups: 514
[2002/10/26 13:05:04, 4]
rpc_server/srv_srvsvc_nt.c:get_share_security(211)
get_share_security: using default secdesc for IPC$
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(269)
se_access_check: user sid is
S-1-5-21-3723159834-3326906825-3408399178-2200
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-21-3723159834-3326906825-3408399178-2029
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-1-0
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-2
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
se_access_check: also S-1-5-32-546
[2002/10/26 13:05:04, 3] smbd/vfs.c:vfs_init_default(123)
Initialising default vfs hooks
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
setting sec ctx (600, 514) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(334)
1 user groups:
514
[2002/10/26 13:05:04, 3] smbd/vfs.c:vfs_ChDir(569)
vfs_ChDir to /tmp
[2002/10/26 13:05:04, 3] smbd/service.c:make_connection(636)
barolo (192.168.0.6) connect to service IPC$ as user gast (uid=600,
gid=514) (pid 14794)
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/reply.c:reply_tcon_and_X(394)
tconX service=ipc$ user=gast
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
Transaction 3 of length 93
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
switch message SMBntcreateX (pid 14794)
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
setting sec ctx (600, 514) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(334)
1 user groups:
514
[2002/10/26 13:05:04, 4] smbd/nttrans.c:nt_open_pipe(542)
nt_open_pipe: Opening pipe \samr.
[2002/10/26 13:05:04, 3] smbd/nttrans.c:nt_open_pipe(559)
nt_open_pipe: Known pipe samr opening.
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(146)
Open pipe requested samr (pipes_open=0)
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(261)
Opened pipe samr with handle 772a (pipes_open=1)
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
Transaction 4 of length 195
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
switch message SMBwriteX (pid 14794)
[2002/10/26 13:05:04, 4] smbd/uid.c:change_to_user(119)
change_to_user: Skipping user change - already user
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(994)
search for pipe pnum=772a
[2002/10/26 13:05:04, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(749)
api_pipe_bind_req: \PIPE\samr -> \PIPE\lsass
[2002/10/26 13:05:04, 3] smbd/pipes.c:reply_pipe_write_and_X(197)
writeX-IPC pnum=772a nwritten=127
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
Transaction 5 of length 63
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
switch message SMBreadX (pid 14794)
[2002/10/26 13:05:04, 4] smbd/uid.c:change_to_user(119)
change_to_user: Skipping user change - already user
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(994)
search for pipe pnum=772a
[2002/10/26 13:05:04, 3] smbd/pipes.c:reply_pipe_read_and_X(238)
readX-IPC pnum=772a min=1024 max=1024 nread=116
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
Transaction 6 of length 173
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
switch message SMBwriteX (pid 14794)
[2002/10/26 13:05:04, 4] smbd/uid.c:change_to_user(119)
change_to_user: Skipping user change - already user
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(994)
search for pipe pnum=772a
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:push_sec_ctx(296)
push_sec_ctx(600, 514) : sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/uid.c:push_conn_ctx(285)
push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:get_current_groups(172)
get_current_groups: user is in 2 groups: -1, 514
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:pop_sec_ctx(435)
pop_sec_ctx (600, 514) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 0] lib/util_sec.c:assert_gid(111)
Failed to set gid privileges to (0,514) now set to (0,-1) uid=(0,600)
[2002/10/26 13:05:04, 0] lib/util.c:smb_panic(1094)
PANIC: failed to set gid
It seems that the clients first connects as computer, than as user,
(both entries skipped) and than as guest (uid=600, gid=514)
What could be the reason for the
get_current_groups: user is in 2 groups: -1, 514 ??
I don't have a group -1
Last qustions:
Is it possible to add users with usrmgr?
Ok, a lot of questions.
I hope that the these questions aren't to userspecific for the technical
list.
Thank you very much.
Greetings form a stormy day in munich
Hansjörg
--
Dr. Hansjörg Maurer
Linprunstr. 10
D-80335 Muenchen
Ph/Fax +49 89 52 04 68-41/-59
More information about the samba-technical
mailing list