No subject


Tue Dec 2 04:10:01 GMT 2003 

with usmgr.
I habe to insert a value greater 2000000000 into ldap by hand , to
deactivate pwdmustchange.
get_single_attribute: [logonTime] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
  get_single_attribute: [logoffTime] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
  get_single_attribute: [kickoffTime] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
  get_single_attribute: [pwdCanChange] = [0]
[2002/10/26 12:30:01, 2] passdb/pdb_ldap.c:get_single_attribute(360)
  get_single_attribute: [pwdMustChange] = [0]


When I log in with pwdmustchange next time, I am asked to change passwd.

If I do so, samba quits with


[2002/10/26 13:05:04, 3] smbd/password.c:authorise_login(854)
  authorise_login: ACCEPTED: guest account and guest ok (gast)
[2002/10/26 13:05:04, 3] smbd/service.c:make_connection(487)
  Connect path is /tmp
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:push_sec_ctx(296)
  push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/uid.c:push_conn_ctx(285)
  push_conn_ctx(0) : conn_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:get_current_groups(172)
  get_current_groups: user is in 1 groups: 514
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:pop_sec_ctx(435)
  pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:get_current_groups(172)
  get_current_groups: user is in 1 groups: 514
[2002/10/26 13:05:04, 4]
rpc_server/srv_srvsvc_nt.c:get_share_security(211)
  get_share_security: using default secdesc for IPC$
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(269)
  se_access_check: user sid is
S-1-5-21-3723159834-3326906825-3408399178-2200
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
  se_access_check: also S-1-5-21-3723159834-3326906825-3408399178-2029
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
  se_access_check: also S-1-1-0
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
  se_access_check: also S-1-5-2
[2002/10/26 13:05:04, 3] lib/util_seaccess.c:se_access_check(272)
  se_access_check: also S-1-5-32-546
[2002/10/26 13:05:04, 3] smbd/vfs.c:vfs_init_default(123)
  Initialising default vfs hooks
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
  setting sec ctx (600, 514) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(334)
  1 user groups:
  514
[2002/10/26 13:05:04, 3] smbd/vfs.c:vfs_ChDir(569)
  vfs_ChDir to /tmp
[2002/10/26 13:05:04, 3] smbd/service.c:make_connection(636)
  barolo (192.168.0.6) connect to service IPC$ as user gast (uid=600,
gid=514) (pid 14794)
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/reply.c:reply_tcon_and_X(394)
  tconX service=ipc$ user=gast
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
  Transaction 3 of length 93
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
  switch message SMBntcreateX (pid 14794)
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
  setting sec ctx (600, 514) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(334)
  1 user groups:
  514
[2002/10/26 13:05:04, 4] smbd/nttrans.c:nt_open_pipe(542)
  nt_open_pipe: Opening pipe \samr.
[2002/10/26 13:05:04, 3] smbd/nttrans.c:nt_open_pipe(559)
  nt_open_pipe: Known pipe samr opening.
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(146)
  Open pipe requested samr (pipes_open=0)
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:open_rpc_pipe_p(261)
  Opened pipe samr with handle 772a (pipes_open=1)
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
  Transaction 4 of length 195
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
  switch message SMBwriteX (pid 14794)
[2002/10/26 13:05:04, 4] smbd/uid.c:change_to_user(119)
  change_to_user: Skipping user change - already user
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(994)
  search for pipe pnum=772a
[2002/10/26 13:05:04, 3] rpc_server/srv_pipe.c:api_pipe_bind_req(749)
  api_pipe_bind_req: \PIPE\samr -> \PIPE\lsass
[2002/10/26 13:05:04, 3] smbd/pipes.c:reply_pipe_write_and_X(197)
  writeX-IPC pnum=772a nwritten=127
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
  Transaction 5 of length 63
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
  switch message SMBreadX (pid 14794)
[2002/10/26 13:05:04, 4] smbd/uid.c:change_to_user(119)
  change_to_user: Skipping user change - already user
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(994)
  search for pipe pnum=772a
[2002/10/26 13:05:04, 3] smbd/pipes.c:reply_pipe_read_and_X(238)
  readX-IPC pnum=772a min=1024 max=1024 nread=116
[2002/10/26 13:05:04, 3] smbd/process.c:process_smb(878)
  Transaction 6 of length 173
[2002/10/26 13:05:04, 3] smbd/process.c:switch_message(685)
  switch message SMBwriteX (pid 14794)
[2002/10/26 13:05:04, 4] smbd/uid.c:change_to_user(119)
  change_to_user: Skipping user change - already user
[2002/10/26 13:05:04, 4] rpc_server/srv_pipe_hnd.c:get_rpc_pipe(994)
  search for pipe pnum=772a
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:push_sec_ctx(296)
  push_sec_ctx(600, 514) : sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/uid.c:push_conn_ctx(285)
  push_conn_ctx(100) : conn_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:set_sec_ctx(328)
  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:get_current_groups(172)
  get_current_groups: user is in 2 groups: -1, 514
[2002/10/26 13:05:04, 3] smbd/sec_ctx.c:pop_sec_ctx(435)
  pop_sec_ctx (600, 514) - sec_ctx_stack_ndx = 0
[2002/10/26 13:05:04, 0] lib/util_sec.c:assert_gid(111)
  Failed to set gid privileges to (0,514) now set to (0,-1) uid=(0,600)
[2002/10/26 13:05:04, 0] lib/util.c:smb_panic(1094)
  PANIC: failed to set gid



It seems that the clients first connects as computer, than as user,
(both entries skipped) and than as guest (uid=600, gid=514)
What could be the reason for the
get_current_groups: user is in 2 groups: -1, 514  ??
I don't have a group -1

Last qustions:
Is it possible to add users with usrmgr?

Ok, a lot of questions.
I hope that the these questions aren't to userspecific for the technical
list.
Thank you very much.

Greetings form a stormy day in munich

Hansjörg









--
Dr. Hansjörg Maurer
Linprunstr. 10
D-80335 Muenchen
Ph/Fax +49 89 52 04 68-41/-59

More information about the samba-technical mailing list