Samba4: regtree (and regshell) do not list keys - kill
regsvc.exe on windows side
Willi Mann
willi at wm1.at
Sun Jan 15 14:04:02 GMT 2006
Willi Mann schrieb:
> I just tried out regtree against Windows 2000 Sp2 german. The output
> does not seem very promising, and regsvc.exe dies on the windows side.
>
> I have the trace available on request per private mail.
Here is the output with --debuglevel=10
$ regtree --remote=ncacn_np:172.16.197.153 -c "administrator" -U
administrator HKEY_LOCAL_MACHINE --debuglevel=10
Initialising global parameters
lp_load: refreshing parameters from /etc/samba/smb.conf
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[globals]"
pm_process() returned Yes
adding hidden service IPC$
adding hidden service ADMIN$
failed to get principal from default ccache: No such file or directory:
open(/tmp/krb5cc_1000): No such file or directory
Using binding ncacn_np:172.16.197.153
Mapped to DCERPC endpoint \pipe\winreg
Shutdown SMB signing
SMB Signing is not negotiated by the peer
Starting GENSEC mechanism ntlmssp
Got challenge flags:
Got NTLMSSP neg_flags=0x608a0215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_CHAL_TARGET_INFO
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60080215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
Password for [WMI\administrator]:
NTLMSSP challenge set by NTLM2
challenge is:
[000] F7 FA EC D5 18 77 48 D9 .....wH.
SMB Signing is not negotiated by the peer
SMB Signing is not negotiated by the peer
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
rpc reply data:
[000] 00 00 00 00 16 2D A2 61 CF 85 DA 11 81 D8 00 50 .....-.a .......P
[010] FC 3A 1F 03 00 00 00 00 .:......
HKEY_CLASSES_ROOT
rpc request data:
[000] 00 00 00 00 16 2D A2 61 CF 85 DA 11 81 D8 00 50 .....-.a .......P
[010] FC 3A 1F 03 00 00 00 00 00 00 00 04 00 00 00 00 .:...... ........
[020] 00 00 02 00 00 00 00 00 00 00 00 00 04 00 02 00 ........ ........
[030] 00 00 00 00 00 00 00 00 ........
Error occured while fetching subkeys for '': DOS code 0x00000030
rpc request data:
[000] 00 00 00 00 16 2D A2 61 CF 85 DA 11 81 D8 00 50 .....-.a .......P
[010] FC 3A 1F 03 00 00 00 00 00 00 00 00 .:...... ....
QueryInfoKey failed - NT_STATUS_INVALID_PIPE_STATE
Error occured while fetching values for '': DOS code 0x000000e6
Backend 'rpc' doesn't support method get_sec_desc
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
Error executing open
Skipping HKEY_CURRENT_USER
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
Error executing open
Skipping HKEY_LOCAL_MACHINE
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
Error executing open
Skipping HKEY_USERS
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
Error executing open
Skipping HKEY_PERFORMANCE_DATA
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
Error executing open
Skipping HKEY_CURRENT_CONFIG
rpc request data:
[000] 00 00 00 00 00 00 00 02 ........
Error executing open
Skipping HKEY_DYN_DATA
No such hive -2147483641
Skipping (null)
No such hive -2147483640
Skipping (null)
No such hive -2147483639
Skipping (null)
No such hive -2147483638
Skipping (null)
...
No such hive -2147483571
Skipping (null)
No such hive -2147483570
Skipping (null)
No such hive -2147483569
Skipping (null)
No such hive -2147483568
Skipping HKEY_PERFORMANCE_TEXT
No such hive -2147483567
Skipping (null)
..
I hope it's useful.
Willi
More information about the samba-technical
mailing list