samb4 torture eventlog failed. Need HELP!

Donghui Wen dhwen at protegonetworks.com
Fri Nov 12 01:32:35 GMT 2004 

I checked out samba4 from cvs this morning.
I just found out something: if I change the value of
DCERPC_EVENTLOG_OPENEVENTLOG
form 0x00 to 0x07 in librpc/gen_ndr/ndr_eventlog.h. The test can pass, and
then
I tried to call dcerpc_eventlog_GetNumRecords, it reported the same error,
I change the value of DCERPC_EVENTLOG_OPENEVENTLOG  to 0x04, it still
reports error, ethreal also complains mailformed packet.

I was wondering if anyone ever read windows eventlog successfully from
samba.

I tried samba-tng also, but it could not support digital signing.

Regards,
Donghui



On Fri, 2004-11-12 at 11:51, Donghui Wen wrote:
> Hi, Andrew and the other samba hacker,
>      I am trying to use samba4 to get eventlog from windows 2003. The
first thing
> I want to try is smbtorture.
>
> smbtorture //10.1.253.220/ -U administrator%pass RPC-EVENTLOG
>
> Here is the result:
> ------------------------
> Running RPC-EVENTLOG
>
> testing OpenEventLog
> OpenEventLog failed - NT_STATUS_NET_WRITE_FAULT
> TEST RPC-EVENTLOG FAILED!
> RPC-EVENTLOG took 0.277033 secs
>
> -------------------------
>
> I took a look at the ethreal trace, looks like smbtorture is sending
> a ElfrClearElFW instead a ElfrOpenElv when open the eventlog.
>
> I have spent some time in reading the source code, but still could
> not figure out the reason. Please help!

Have you tried current SVN?  What revision are you running?

In any case, I get past this call against Win2k3 - but there seems
something fishy about eventlog_ReadEventLogW()...

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at samba.org
Authentication Developer, Samba Team            http://samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net

----- Original Message ----- 
From: "Andrew Bartlett" <abartlet at samba.org>
To: "Donghui Wen" <dhwen at protegonetworks.com>
Cc: <samba-technical at lists.samba.org>
Sent: Thursday, November 11, 2004 5:11 PM
Subject: Re: samb4 torture eventlog failed. Need HELP!

More information about the samba-technical mailing list