[Samba] failed to set machine spn: Operations error
rajat swarup
rajats at gmail.com
Fri Sep 3 01:36:11 MDT 2010
On Wed, Sep 1, 2010 at 5:00 PM, Michael Wood <esiotrot at gmail.com> wrote:
> A quick search on google for that error turns up lots of hits, but I
> have not looked at any to see if there were solutions.
>
No luck yet!
The following is the sanitized debug dump of my net ads join command:
[2010/09/03 03:10:18, 5] lib/debug.c:407(debug_dump_status)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
registry: False/0
[2010/09/03 03:10:18, 3] param/loadparm.c:9039(lp_load_ex)
lp_load_ex: refreshing parameters
[2010/09/03 03:10:18, 3] param/loadparm.c:4848(init_globals)
Initialising global parameters
[2010/09/03 03:10:18, 2] param/loadparm.c:4707(max_open_files)
rlimit_max: rlimit_max (1024) below minimum Windows limit (16384)
[2010/09/03 03:10:18, 3] ../lib/util/params.c:550(pm_process)
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
[2010/09/03 03:10:18, 3] param/loadparm.c:7726(do_section)
Processing section "[global]"
doing parameter security = ads
doing parameter workgroup = ABCDEFGH
doing parameter password server = 192.168.5.131 192.168.5.132
doing parameter realm = ABCDEFGH.COM
doing parameter netbios name = 0123456789a0003
[2010/09/03 03:10:18, 4] param/loadparm.c:7088(handle_netbios_name)
handle_netbios_name: set global_myname to: 0123456789A0003
doing parameter idmap uid = 16777216-33554431
doing parameter idmap gid = 16777216-33554431
doing parameter template shell = /bin/bash
doing parameter template homedir = /home/%D/%U
doing parameter client ntlmv2 auth = yes
doing parameter winbind use default domain = yes
doing parameter winbind offline logon = false
doing parameter winbind enum users = true
doing parameter winbind enum groups = yes
doing parameter client use spnego = yes
doing parameter encrypt passwords = yes
doing parameter restrict anonymous = 2
doing parameter server string = %h server (Samba, Ubuntu)
doing parameter dns proxy = no
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 1000
doing parameter syslog = 0
doing parameter panic action = /usr/share/samba/panic-action %d
doing parameter encrypt passwords = true
doing parameter passdb backend = tdbsam
doing parameter obey pam restrictions = yes
doing parameter unix password sync = yes
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = *Enter\snew\s*\spassword:* %n\n
*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
doing parameter pam password change = yes
doing parameter map to guest = bad user
[2010/09/03 03:10:18, 4] param/loadparm.c:9074(lp_load_ex)
pm_process() returned Yes
[2010/09/03 03:10:18, 7] param/loadparm.c:9279(lp_servicenumber)
lp_servicenumber: couldn't find homes
[2010/09/03 03:10:18, 10] param/loadparm.c:8287(set_server_role)
set_server_role: role = ROLE_DOMAIN_MEMBER
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UCS-2LE
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UCS-2LE
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF-16LE
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF-16LE
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UCS-2BE
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UCS-2BE
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF-16BE
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF-16BE
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF8
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF8
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UTF-8
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UTF-8
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset ASCII
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset ASCII
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset 646
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset 646
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset ISO-8859-1
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset ISO-8859-1
[2010/09/03 03:10:18, 5] lib/iconv.c:104(smb_register_charset)
Attempting to register new charset UCS2-HEX
[2010/09/03 03:10:18, 5] lib/iconv.c:112(smb_register_charset)
Registered charset UCS2-HEX
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:18, 5] lib/util.c:266(init_names)
Netbios name list:-
my_netbios_names[0]="0123456789A0003"
[2010/09/03 03:10:18, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=fe80::1aa9:5ff:fe76:3b64%eth0
bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff::
[2010/09/03 03:10:18, 2] lib/interface.c:340(add_interface)
added interface eth2 ip=fe80::f6ce:46ff:febe:e0f4%eth2
bcast=fe80::ffff:ffff:ffff:ffff%eth2 netmask=ffff:ffff:ffff:ffff::
[2010/09/03 03:10:18, 2] lib/interface.c:340(add_interface)
added interface eth2 ip=192.168.5.133 bcast=192.168.5.191
netmask=255.255.255.192
[2010/09/03 03:10:18, 2] lib/interface.c:340(add_interface)
added interface eth0 ip=10.10.10.6 bcast=10.10.10.63 netmask=255.255.255.192
[2010/09/03 03:10:23, 1] libnet/libnet_join.c:1872(libnet_Join)
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : NULL
machine_name : '0123456789A0003'
domain_name : *
domain_name : 'ABCDEFGH.COM'
account_ou : NULL
admin_account : 'dadmin'
admin_password : *
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
create_upn : 0x00 (0)
upn : NULL
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x00 (0)
secure_channel_type : SEC_CHAN_WKSTA (2)
[2010/09/03 03:10:23, 10] libsmb/dsgetdcname.c:1167(dsgetdcname)
dsgetdcname: domain_name: ABCDEFGH.COM, domain_guid: (null),
site_name: (null), flags: 0x40001011
[2010/09/03 03:10:23, 10] libsmb/dsgetdcname.c:46(debug_dsdcinfo_flags)
debug_dsdcinfo_flags: 0x40001011
DS_FORCE_REDISCOVERY DS_DIRECTORY_SERVICE_REQUIRED
DS_WRITABLE_REQUIRED DS_RETURN_DNS_NAME
[2010/09/03 03:10:23, 5] lib/gencache.c:61(gencache_init)
Opening cache file at /var/run/samba/gencache.tdb
[2010/09/03 03:10:23, 10] lib/gencache.c:208(gencache_get)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/ABCDEFGH.COM,
value = Default-First-Site-Name, timeout = Mon Jan 18 22:14:07 2038
[2010/09/03 03:10:23, 5] libads/dns.c:817(sitename_fetch)
sitename_fetch: Returning sitename for ABCDEFGH.COM: "Default-First-Site-Name"
[2010/09/03 03:10:23, 10] libsmb/dsgetdcname.c:1080(dsgetdcname_rediscover)
dsgetdcname_rediscover
[2010/09/03 03:10:23, 4] libads/dns.c:432(ads_dns_lookup_srv)
ads_dns_lookup_srv: 2 records returned in the answer section.
[2010/09/03 03:10:23, 10] libads/dns.c:213(ads_dns_parse_rr_srv)
ads_dns_parse_rr_srv: Parsed 0123456789a0001.abcdefgh.com [0, 100, 389]
[2010/09/03 03:10:23, 10] libads/dns.c:213(ads_dns_parse_rr_srv)
ads_dns_parse_rr_srv: Parsed 0123456789a0002.abcdefgh.com [0, 100, 389]
[2010/09/03 03:10:23, 10] libsmb/dsgetdcname.c:894(process_dc_dns)
LDAP ping to 0123456789a0001.abcdefgh.com
[2010/09/03 03:10:23, 10] lib/gencache.c:374(gencache_set_data_blob)
Adding cache entry with key = DSGETDCNAME/DOMAIN/ABCDEFGH; blob size
= 162 and timeout = Fri Sep 3 03:25:23 2010
(900 seconds ahead)
[2010/09/03 03:10:23, 10] libads/dns.c:778(sitename_store)
sitename_store: realm = [ABCDEFGH], sitename =
[Default-First-Site-Name], expire = [2147483647]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = AD_SITENAME/DOMAIN/ABCDEFGH; value =
Default-First-Site-Name and timeout = Mon Jan 18 22:14:07 2038
(863985824 seconds ahead)
[2010/09/03 03:10:23, 10] lib/gencache.c:374(gencache_set_data_blob)
Adding cache entry with key = DSGETDCNAME/DOMAIN/ABCDEFGH.COM; blob
size = 162 and timeout = Fri Sep 3 03:25:23 2010
(900 seconds ahead)
[2010/09/03 03:10:23, 10] libads/dns.c:778(sitename_store)
sitename_store: realm = [abcdefgh.com], sitename =
[Default-First-Site-Name], expire = [2147483647]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = AD_SITENAME/DOMAIN/ABCDEFGH.COM; value
= Default-First-Site-Name and timeout = Mon Jan 18 22:14:07 2038
(863985824 seconds ahead)
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:2032(cli_start_connection)
Connecting to host=0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] lib/gencache.c:208(gencache_get)
Returning valid cache entry: key = AD_SITENAME/DOMAIN/ABCDEFGH.COM,
value = Default-First-Site-Name, timeout = Mon Jan 18 22:14:07 2038
[2010/09/03 03:10:23, 5] libads/dns.c:817(sitename_fetch)
sitename_fetch: Returning sitename for ABCDEFGH.COM: "Default-First-Site-Name"
[2010/09/03 03:10:23, 10] libsmb/namequery.c:1506(internal_resolve_name)
internal_resolve_name: looking up 0123456789A0001.abcdefgh.com#20
(sitename Default-First-Site-Name)
[2010/09/03 03:10:23, 10] lib/gencache.c:208(gencache_get)
Returning expired cache entry: key =
NBT/0123456789A0001.ABCDEFGH.COM#20, value =
192.168.5.131:0,10.10.10.4:0, timeout = Fri Sep 3 02:28:45 2010
[2010/09/03 03:10:23, 5] libsmb/namecache.c:208(namecache_fetch)
no entry for 0123456789A0001.abcdefgh.com#20 found.
[2010/09/03 03:10:23, 3] libsmb/namequery.c:1225(resolve_lmhosts)
resolve_lmhosts: Attempting lmhosts lookup for name
0123456789A0001.abcdefgh.com<0x20>
[2010/09/03 03:10:23, 4] libsmb/namequery.c:839(startlmhosts)
startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was
No such file or directory
[2010/09/03 03:10:23, 3] libsmb/namequery.c:1089(resolve_wins)
resolve_wins: Attempting wins lookup for name
0123456789A0001.abcdefgh.com<0x20>
[2010/09/03 03:10:23, 3] libsmb/namequery.c:1093(resolve_wins)
resolve_wins: WINS server resolution selected and no WINS servers listed.
[2010/09/03 03:10:23, 3] libsmb/namequery.c:1307(resolve_hosts)
resolve_hosts: Attempting host lookup for name
0123456789A0001.abcdefgh.com<0x20>
[2010/09/03 03:10:23, 10] libsmb/namequery.c:583(remove_duplicate_addrs2)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2010/09/03 03:10:23, 5] libsmb/namecache.c:122(namecache_store)
namecache_store: storing 2 addresses for
0123456789A0001.abcdefgh.com#20: 192.168.5.131,10.10.10.4
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = NBT/0123456789A0001.ABCDEFGH.COM#20;
value = 192.168.5.131:0,10.10.10.4:0 and timeout = Fri Sep 3 03:21:23
2010
(660 seconds ahead)
[2010/09/03 03:10:23, 10] libsmb/namequery.c:1653(internal_resolve_name)
internal_resolve_name: returning 2 addresses: 192.168.5.131:0 10.10.10.4:0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "tevent_req_timedout": 0x7f0a3e414bf0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "tevent_req_timedout": 0x7f0a3e4151c0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "tevent_req_timedout" 0x7f0a3e414bf0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414bf0 "tevent_req_timedout"
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "tevent_req_timedout": 0x7f0a3e414bf0
[2010/09/03 03:10:23, 3] lib/util_sock.c:1033(open_socket_out_send)
Connecting to 192.168.5.131 at port 445
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "tevent_req_timedout": 0x7f0a3e415c20
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e415c20 "tevent_req_timedout"
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414bf0 "tevent_req_timedout"
[2010/09/03 03:10:23, 5] lib/util_sock.c:371(print_socket_options)
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 16384
SO_RCVBUF = 87380
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 5] lib/charcnv.c:82(charset_name)
Substituting charset 'UTF-8' for LOCALE
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=1
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 1
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:940(cli_session_setup_spnego)
Doing spnego session setup (blob length=119)
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:967(cli_session_setup_spnego)
got OID=1.2.840.48018.1.2.2
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:967(cli_session_setup_spnego)
got OID=1.2.840.113554.1.2.2
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:967(cli_session_setup_spnego)
got OID=1.2.840.113554.1.2.2.3
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:967(cli_session_setup_spnego)
got OID=1.3.6.1.4.1.311.2.2.10
[2010/09/03 03:10:23, 3] libsmb/cliconnect.c:975(cli_session_setup_spnego)
got principal=0123456789a0001$@ABCDEFGH.COM
[2010/09/03 03:10:23, 6] libsmb/clientgen.c:245(write_socket)
write_socket(6,176)
[2010/09/03 03:10:23, 6] libsmb/clientgen.c:248(write_socket)
write_socket(6,176) wrote 176
[2010/09/03 03:10:23, 10] lib/util_sock.c:789(read_smb_length_return_keepalive)
got smb length of 484
[2010/09/03 03:10:23, 5] lib/util.c:632(show_msg)
[2010/09/03 03:10:23, 5] lib/util.c:642(show_msg)
size=484
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51205
smb_tid=0
smb_pid=22299
smb_uid=43010
smb_mid=2
smt_wct=4
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 484 (0x1E4)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 301 (0x12D)
smb_bcc=441
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] A1 82 01 29 30 82 01 25 A0 03 0A 01 01 A1 0C 06 ...)0..% ........
[0010] 0A 2B 06 01 04 01 82 37 02 02 0A A2 82 01 0E 04 .+.....7 ........
[0020] 82 01 0A 4E 54 4C 4D 53 53 50 00 02 00 00 00 14 ...NTLMS SP......
[0030] 00 14 00 38 00 00 00 15 82 89 62 C8 B8 B0 07 A3 ...8.... ..b.....
[0040] 06 68 2C 00 00 00 00 00 00 00 00 BE 00 BE 00 4C .h,..... .......L
[SCRUBBED]
[01B0] 00 35 00 2E 00 32 00 00 00 .5...2.. .
[2010/09/03 03:10:23, 5] lib/util.c:632(show_msg)
[2010/09/03 03:10:23, 5] lib/util.c:642(show_msg)
size=484
smb_com=0x73
smb_rcls=22
smb_reh=0
smb_err=49152
smb_flg=136
smb_flg2=51205
smb_tid=0
smb_pid=22299
smb_uid=43010
smb_mid=2
smt_wct=4
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 484 (0x1E4)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 301 (0x12D)
smb_bcc=441
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] A1 82 01 29 30 82 01 25 A0 03 0A 01 01 A1 0C 06 ...)0..% ........
[0010] 0A 2B 06 01 04 01 82 37 02 02 0A A2 82 01 0E 04 .+.....7 ........
[0020] 82 01 0A 4E 54 4C 4D 53 53 50 00 02 00 00 00 14 ...NTLMS SP......
[SCRUBBED]
[0030] 00 14 00 38 00 00 00 15 82 89 62 C8 B8 B0 07 A3 ...8.... ..b.....
[01A0] 00 32 00 30 00 30 00 33 00 20 00 52 00 32 00 20 .2.0.0.3 . .R.2.
[01B0] 00 35 00 2E 00 32 00 00 00 .5...2.. .
[2010/09/03 03:10:23, 3] libsmb/ntlmssp.c:1023(ntlmssp_client_challenge)
Got challenge flags:
[2010/09/03 03:10:23, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x62898215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_CHAL_TARGET_INFO
NTLMSSP_NEGOTIATE_VERSION
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2010/09/03 03:10:23, 3] libsmb/ntlmssp.c:1045(ntlmssp_client_challenge)
NTLMSSP: Set final flags:
[2010/09/03 03:10:23, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2010/09/03 03:10:23, 3] libsmb/ntlmssp_sign.c:342(ntlmssp_sign_init)
NTLMSSP Sign/Seal - Initialising with flags:
[2010/09/03 03:10:23, 3] libsmb/ntlmssp.c:62(debug_ntlmssp_flags)
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2010/09/03 03:10:23, 6] libsmb/clientgen.c:245(write_socket)
write_socket(6,482)
[2010/09/03 03:10:23, 6] libsmb/clientgen.c:248(write_socket)
write_socket(6,482) wrote 482
[2010/09/03 03:10:23, 10] lib/util_sock.c:789(read_smb_length_return_keepalive)
got smb length of 192
[2010/09/03 03:10:23, 5] lib/util.c:632(show_msg)
[2010/09/03 03:10:23, 5] lib/util.c:642(show_msg)
size=192
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=0
smb_pid=22299
smb_uid=43010
smb_mid=3
smt_wct=4
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 192 (0xC0)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 9 (0x9)
smb_bcc=149
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] A1 07 30 05 A0 03 0A 01 00 57 00 69 00 6E 00 64 ..0..... .W.i.n.d
[0010] 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 76 .o.w.s. .S.e.r.v
[SCRUBBED]
[0090] 00 32 00 00 00 .2...
[2010/09/03 03:10:23, 5] lib/util.c:632(show_msg)
[2010/09/03 03:10:23, 5] lib/util.c:642(show_msg)
size=192
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=0
smb_pid=22299
smb_uid=43010
smb_mid=3
smt_wct=4
smb_vwv[ 0]= 255 (0xFF)
smb_vwv[ 1]= 192 (0xC0)
smb_vwv[ 2]= 0 (0x0)
smb_vwv[ 3]= 9 (0x9)
smb_bcc=149
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] A1 07 30 05 A0 03 0A 01 00 57 00 69 00 6E 00 64 ..0..... .W.i.n.d
[0010] 00 6F 00 77 00 73 00 20 00 53 00 65 00 72 00 76 .o.w.s. .S.e.r.v
[SRUBBED]
[0090] 00 32 00 00 00 .2...
[2010/09/03 03:10:23, 5] libsmb/smb_signing.c:140(set_smb_signing_real_common)
Mandatory SMB signing enabled!
[2010/09/03 03:10:23, 5] libsmb/smb_signing.c:144(set_smb_signing_real_common)
SMB signing enabled!
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:494(cli_simple_set_signing)
cli_simple_set_signing: user_session_key
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] B4 39 EC 32 61 6E 5C 5E 1A 3A F9 64 4A 80 48 37 .9.2an\^ .:.dJ.H7
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:502(cli_simple_set_signing)
cli_simple_set_signing: NULL response_data
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 0
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] CF 87 80 74 1A DB 9D 64 ...t...d
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 1 mid = 3
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 1 mid = 3
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 1
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 1: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 3F AA A7 43 52 CA B0 3B ?..CR..;
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=4
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 2
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] A2 61 FD 07 11 3C D5 A8 .a...<..
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 3 mid = 4
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 3 mid = 4
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 3
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 3: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 77 DA EC CB 0A 6F 06 37 w....o.7
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 4
[2010/09/03 03:10:23, 10] libsmb/clientgen.c:467(cli_init_creds)
cli_init_creds: user dadmin domain
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=5
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 4
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 23 47 2C 85 2D 4B BA E2 #G,.-K..
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 5 mid = 5
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 5 mid = 5
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 5
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 5: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 7C 17 28 CC 9D D1 CB D5 |.(.....
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 5
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:2555(rpc_pipe_bind_send)
Bind RPC Pipe: host 0123456789A0001.abcdefgh.com auth_type 0, auth_level 0
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000001
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_rb
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 00000000
0018 num_contexts: 01
001c context_id : 0000
001e num_transfer_syntaxes: 01
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
00001f smb_io_rpc_iface
[2010/09/03 03:10:23, 7] rpc_parse/parse_prs.c:88(prs_debug)
000020 smb_io_uuid uuid
0020 data : 12345778
0024 data : 1234
0026 data : abcd
0028 data : ef 00
002a data : 01 23 45 67 89 ab
0030 version: 00000000
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000034 smb_io_rpc_iface
[2010/09/03 03:10:23, 7] rpc_parse/parse_prs.c:88(prs_debug)
000034 smb_io_uuid uuid
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8
003e data : 08 00 2b 10 48 60
0044 version: 00000002
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=72, this_data=72, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=6
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 6
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 47 63 F6 12 7D 87 D5 40 Gc..}..@
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 7 mid = 6
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 7 mid = 6
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 7
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 7: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] ED D0 CF D7 2D 84 25 78 ....-.%x
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 6
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 7 mid = 6
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000001
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e416cc0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e416cc0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e416cc0 "async_trigger"
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 68 bytes.
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000001
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_ba
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 0000ddf4
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: \PIPE\lsass.
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000030 smb_io_rpc_iface
[2010/09/03 03:10:23, 7] rpc_parse/parse_prs.c:88(prs_debug)
000030 smb_io_uuid uuid
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8
003a data : 08 00 2b 10 48 60
0040 version: 00000002
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:2402(check_bind_response)
check_bind_response: accepted!
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:3682(cli_rpc_pipe_open_noauth_transport)
cli_rpc_pipe_open_noauth: opened pipe \lsarpc to machine
0123456789A0001.abcdefgh.com and bound anonymously.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
lsa_OpenPolicy: struct lsa_OpenPolicy
in: struct lsa_OpenPolicy
system_name : *
system_name : 0x005c (92)
attr : *
attr: struct lsa_ObjectAttribute
len : 0x00000018 (24)
root_dir : NULL
object_name : NULL
attributes : 0x00000000 (0)
sec_desc : NULL
sec_qos : *
sec_qos: struct lsa_QosInfo
len : 0x0000000c (12)
impersonation_level : 0x0002 (2)
context_mode : 0x01 (1)
effective_only : 0x00 (0)
access_mask : 0x02000000 (33554432)
0: LSA_POLICY_VIEW_LOCAL_INFORMATION
0: LSA_POLICY_VIEW_AUDIT_INFORMATION
0: LSA_POLICY_GET_PRIVATE_INFORMATION
0: LSA_POLICY_TRUST_ADMIN
0: LSA_POLICY_CREATE_ACCOUNT
0: LSA_POLICY_CREATE_SECRET
0: LSA_POLICY_CREATE_PRIVILEGE
0: LSA_POLICY_SET_DEFAULT_QUOTA_LIMITS
0: LSA_POLICY_SET_AUDIT_REQUIREMENTS
0: LSA_POLICY_AUDIT_LOG_ADMIN
0: LSA_POLICY_SERVER_ADMIN
0: LSA_POLICY_LOOKUP_NAMES
0: LSA_POLICY_NOTIFICATION
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000002
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000002c
0014 context_id: 0000
0016 opnum : 0006
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=68, this_data=68, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=7
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 8
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 62 0E 54 AF 95 6B 47 AE b.T..kG.
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 9 mid = 7
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 9 mid = 7
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 9
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 9: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 1C 93 E9 DF 0A 08 80 86 ........
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 7
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 9 mid = 7
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000002
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e414bb0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e414bb0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414bb0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
lsa_OpenPolicy: struct lsa_OpenPolicy
out: struct lsa_OpenPolicy
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
a08dee01-88e1-4c62-a3ee-9cd7478d7fec
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
in: struct lsa_QueryInfoPolicy2
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
a08dee01-88e1-4c62-a3ee-9cd7478d7fec
level : LSA_POLICY_INFO_DNS (12)
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002e
000a auth_len : 0000
000c call_id : 00000003
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000016
0014 context_id: 0000
0016 opnum : 002e
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=46, this_data=46, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=8
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 10
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 5A 14 A5 1F BB 80 B3 48 Z......H
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 11 mid = 8
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 11 mid = 8
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 11
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 11: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] DD B1 3B 3F B4 5F 63 DE ..;?._c.
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 8
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 11 mid = 8
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 00dc
000a auth_len : 0000
000c call_id : 00000003
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e4156b0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e4156b0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e4156b0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 000000c4
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 220, data_len 196, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 220 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 392 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
lsa_QueryInfoPolicy2: struct lsa_QueryInfoPolicy2
out: struct lsa_QueryInfoPolicy2
info : *
info : *
info : union
lsa_PolicyInformation(case 12)
dns: struct lsa_DnsDomainInfo
name: struct lsa_StringLarge
length : 0x0014 (20)
size : 0x0016 (22)
string : *
string : 'ABCDEFGH'
dns_domain: struct lsa_StringLarge
length : 0x001c (28)
size : 0x001e (30)
string : *
string : 'abcdefgh.com'
dns_forest: struct lsa_StringLarge
length : 0x001c (28)
size : 0x001e (30)
string : *
string : 'abcdefgh.com'
domain_guid :
cf0ce0a9-7dce-4887-NNNN-NNNe165970cc
sid : *
sid :
S-1-5-21-XXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
lsa_Close: struct lsa_Close
in: struct lsa_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
a08dee01-88e1-4c62-a3ee-9cd7478d7fec
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002c
000a auth_len : 0000
000c call_id : 00000004
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000014
0014 context_id: 0000
0016 opnum : 0000
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=44, this_data=44, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=9
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 12
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] B9 31 88 D4 BE 91 03 5F .1....._
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 13 mid = 9
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 13 mid = 9
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 13
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 13: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 9D 7F DF 6E 25 38 B9 22 ...n%8."
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 9
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 13 mid = 9
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000004
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e414b90
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e414b90
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414b90 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
lsa_Close: struct lsa_Close
out: struct lsa_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
00000000-0000-0000-0000-000000000000
result : NT_STATUS_OK
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=10
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 14
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 9A 0A 63 39 1E 22 E3 25 ..c9.".%
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 15 mid = 10
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 15 mid = 10
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 15
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 15: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] EA D0 FE 59 CE 78 2D 0A ...Y.x-.
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 10
[2010/09/03 03:10:23, 10]
rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor)
rpc_pipe_destructor: closed \lsarpc
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=11
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 16
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 90 6F EF B7 41 20 8E A2 .o..A ..
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 17 mid = 11
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 17 mid = 11
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 17
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 17: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 52 A7 63 4E 85 FF 0B 85 R.cN....
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 11
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:2555(rpc_pipe_bind_send)
Bind RPC Pipe: host 0123456789A0001.abcdefgh.com auth_type 0, auth_level 0
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000005
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_rb
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 00000000
0018 num_contexts: 01
001c context_id : 0000
001e num_transfer_syntaxes: 01
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
00001f smb_io_rpc_iface
[2010/09/03 03:10:23, 7] rpc_parse/parse_prs.c:88(prs_debug)
000020 smb_io_uuid uuid
0020 data : 12345778
0024 data : 1234
0026 data : abcd
0028 data : ef 00
002a data : 01 23 45 67 89 ac
0030 version: 00000001
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000034 smb_io_rpc_iface
[2010/09/03 03:10:23, 7] rpc_parse/parse_prs.c:88(prs_debug)
000034 smb_io_uuid uuid
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8
003e data : 08 00 2b 10 48 60
0044 version: 00000002
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=72, this_data=72, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=12
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 18
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 15 FC 01 5C 18 DF 75 3E ...\..u>
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 19 mid = 12
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 19 mid = 12
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 19
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 19: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 2B 56 8D 3E 7A D9 C2 AA +V.>z...
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 12
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 19 mid = 12
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000005
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e417760
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e417760
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e417760 "async_trigger"
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 68 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 68 bytes.
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000005
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_ba
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 10b8
0012 max_rsize: 10b8
0014 assoc_gid: 0000ddf5
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: \PIPE\lsass.
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
[2010/09/03 03:10:23, 6] rpc_parse/parse_prs.c:88(prs_debug)
000030 smb_io_rpc_iface
[2010/09/03 03:10:23, 7] rpc_parse/parse_prs.c:88(prs_debug)
000030 smb_io_uuid uuid
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8
003a data : 08 00 2b 10 48 60
0040 version: 00000002
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:2402(check_bind_response)
check_bind_response: accepted!
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:3682(cli_rpc_pipe_open_noauth_transport)
cli_rpc_pipe_open_noauth: opened pipe \samr to machine
0123456789A0001.abcdefgh.com and bound anonymously.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Connect2: struct samr_Connect2
in: struct samr_Connect2
system_name : *
system_name : '0123456789A0001.abcdefgh.com'
access_mask : 0x00000030 (48)
0: SAMR_ACCESS_CONNECT_TO_SERVER
0: SAMR_ACCESS_SHUTDOWN_SERVER
0: SAMR_ACCESS_INITIALIZE_SERVER
0: SAMR_ACCESS_CREATE_DOMAIN
1: SAMR_ACCESS_ENUM_DOMAINS
1: SAMR_ACCESS_LOOKUP_DOMAIN
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 006c
000a auth_len : 0000
000c call_id : 00000006
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000054
0014 context_id: 0000
0016 opnum : 0039
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=108, this_data=108, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=13
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 20
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 16 0A 63 E3 5D 7B AC 20 ..c.]{.
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 21 mid = 13
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 21 mid = 13
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 21
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 21: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 01 33 17 79 94 A2 1A F3 .3.y....
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 13
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 21 mid = 13
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000006
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e4163e0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e4163e0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e4163e0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Connect2: struct samr_Connect2
out: struct samr_Connect2
connect_handle : *
connect_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
2dba5d3b-1fe9-46b2-8255-7e1dc752bc5d
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_OpenDomain: struct samr_OpenDomain
in: struct samr_OpenDomain
connect_handle : *
connect_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
2dba5d3b-1fe9-46b2-8255-7e1dc752bc5d
access_mask : 0x00000211 (529)
1: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_1
0: SAMR_DOMAIN_ACCESS_SET_INFO_1
0: SAMR_DOMAIN_ACCESS_LOOKUP_INFO_2
0: SAMR_DOMAIN_ACCESS_SET_INFO_2
1: SAMR_DOMAIN_ACCESS_CREATE_USER
0: SAMR_DOMAIN_ACCESS_CREATE_GROUP
0: SAMR_DOMAIN_ACCESS_CREATE_ALIAS
0: SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS
0: SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS
1: SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT
0: SAMR_DOMAIN_ACCESS_SET_INFO_3
sid : *
sid :
S-1-5-21-NNNNNNNNN-NNNNNNNNNN-NNNNNNNNNN
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 004c
000a auth_len : 0000
000c call_id : 00000007
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000034
0014 context_id: 0000
0016 opnum : 0007
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=76, this_data=76, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=14
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 22
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 5F 20 E2 75 FA 0C D3 7E _ .u...~
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 23 mid = 14
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 23 mid = 14
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 23
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 23: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 63 8F C2 2B 60 B4 C6 38 c..+`..8
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 14
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 23 mid = 14
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000007
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e4164b0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e4164b0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e4164b0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_OpenDomain: struct samr_OpenDomain
out: struct samr_OpenDomain
domain_handle : *
domain_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
e8e2047c-9815-40c3-a690-aed4cf2ef015
result : NT_STATUS_OK
[2010/09/03 03:10:23, 10] libnet/libnet_join.c:824(libnet_join_joindomain_rpc)
Creating account with desired access mask: -536543056
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_CreateUser2: struct samr_CreateUser2
in: struct samr_CreateUser2
domain_handle : *
domain_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
e8e2047c-9815-40c3-a690-aed4cf2ef015
account_name : *
account_name: struct lsa_String
length : 0x0020 (32)
size : 0x0020 (32)
string : *
string : '0123456789a0003$'
acct_flags : 0x00000080 (128)
0: ACB_DISABLED
0: ACB_HOMDIRREQ
0: ACB_PWNOTREQ
0: ACB_TEMPDUP
0: ACB_NORMAL
0: ACB_MNS
0: ACB_DOMTRUST
1: ACB_WSTRUST
0: ACB_SVRTRUST
0: ACB_PWNOEXP
0: ACB_AUTOLOCK
0: ACB_ENC_TXT_PWD_ALLOWED
0: ACB_SMARTCARD_REQUIRED
0: ACB_TRUSTED_FOR_DELEGATION
0: ACB_NOT_DELEGATED
0: ACB_USE_DES_KEY_ONLY
0: ACB_DONT_REQUIRE_PREAUTH
0: ACB_PW_EXPIRED
0: ACB_NO_AUTH_DATA_REQD
access_mask : 0xe00500b0 (3758424240)
0: SAMR_USER_ACCESS_GET_NAME_ETC
0: SAMR_USER_ACCESS_GET_LOCALE
0: SAMR_USER_ACCESS_SET_LOC_COM
0: SAMR_USER_ACCESS_GET_LOGONINFO
1: SAMR_USER_ACCESS_GET_ATTRIBUTES
1: SAMR_USER_ACCESS_SET_ATTRIBUTES
0: SAMR_USER_ACCESS_CHANGE_PASSWORD
1: SAMR_USER_ACCESS_SET_PASSWORD
0: SAMR_USER_ACCESS_GET_GROUPS
0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP
0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0068
000a auth_len : 0000
000c call_id : 00000008
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000050
0014 context_id: 0000
0016 opnum : 0032
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=104, this_data=104, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=15
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 24
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 04 F4 F2 43 50 F6 0D 98 ...CP...
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 25 mid = 15
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 25 mid = 15
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 25
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 25: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 31 B4 1D 53 E4 60 93 3A 1..S.`.:
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 15
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 25 mid = 15
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0038
000a auth_len : 0000
000c call_id : 00000008
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e4163e0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e4163e0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e4163e0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000020
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 56, data_len 32, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 56 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 64 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_CreateUser2: struct samr_CreateUser2
out: struct samr_CreateUser2
user_handle : *
user_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
00000000-0000-0000-0000-000000000000
access_granted : *
access_granted : 0x00000000 (0)
rid : *
rid : 0x00000000 (0)
result : NT_STATUS_USER_EXISTS
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_LookupNames: struct samr_LookupNames
in: struct samr_LookupNames
domain_handle : *
domain_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
e8e2047c-9815-40c3-a690-aed4cf2ef015
num_names : 0x00000001 (1)
names: ARRAY(1)
names: struct lsa_String
length : 0x0020 (32)
size : 0x0020 (32)
string : *
string : '0123456789a0003$'
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0070
000a auth_len : 0000
000c call_id : 00000009
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000058
0014 context_id: 0000
0016 opnum : 0011
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=112, this_data=112, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=16
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 26
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 53 AE 57 52 1A 31 41 F4 S.WR.1A.
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 27 mid = 16
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 27 mid = 16
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 27
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 27: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] D6 60 73 48 E2 42 E1 BC .`sH.B..
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 16
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 27 mid = 16
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 003c
000a auth_len : 0000
000c call_id : 00000009
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e414130
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e414130
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414130 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000024
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 60, data_len 36, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 60 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 72 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_LookupNames: struct samr_LookupNames
out: struct samr_LookupNames
rids : *
rids: struct samr_Ids
count : 0x00000001 (1)
ids : *
ids: ARRAY(1)
ids : 0x0000065e (1630)
types : *
types: struct samr_Ids
count : 0x00000001 (1)
ids : *
ids: ARRAY(1)
ids : 0x00000001 (1)
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_OpenUser: struct samr_OpenUser
in: struct samr_OpenUser
domain_handle : *
domain_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
e8e2047c-9815-40c3-a690-aed4cf2ef015
access_mask : 0x02000000 (33554432)
0: SAMR_USER_ACCESS_GET_NAME_ETC
0: SAMR_USER_ACCESS_GET_LOCALE
0: SAMR_USER_ACCESS_SET_LOC_COM
0: SAMR_USER_ACCESS_GET_LOGONINFO
0: SAMR_USER_ACCESS_GET_ATTRIBUTES
0: SAMR_USER_ACCESS_SET_ATTRIBUTES
0: SAMR_USER_ACCESS_CHANGE_PASSWORD
0: SAMR_USER_ACCESS_SET_PASSWORD
0: SAMR_USER_ACCESS_GET_GROUPS
0: SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP
0: SAMR_USER_ACCESS_CHANGE_GROUP_MEMBERSHIP
rid : 0x0000065e (1630)
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0034
000a auth_len : 0000
000c call_id : 0000000a
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000001c
0014 context_id: 0000
0016 opnum : 0022
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=52, this_data=52, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=17
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 28
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 0D FB 62 12 FB F1 44 7E ..b...D~
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 29 mid = 17
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 29 mid = 17
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 29
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 29: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 37 32 FC E3 6D 35 37 F6 72..m57.
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 17
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 29 mid = 17
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 0000000a
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e414290
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e414290
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414290 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_OpenUser: struct samr_OpenUser
out: struct samr_OpenUser
user_handle : *
user_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
8ba0e2a0-ce50-4062-afb5-6beaca8150c0
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_SetUserInfo: struct samr_SetUserInfo
in: struct samr_SetUserInfo
user_handle : *
user_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
8ba0e2a0-ce50-4062-afb5-6beaca8150c0
level : 0x0010 (16)
info : *
info : union samr_UserInfo(case 16)
info16: struct samr_UserInfo16
acct_flags : 0x00000280 (640)
0: ACB_DISABLED
0: ACB_HOMDIRREQ
0: ACB_PWNOTREQ
0: ACB_TEMPDUP
0: ACB_NORMAL
0: ACB_MNS
0: ACB_DOMTRUST
1: ACB_WSTRUST
0: ACB_SVRTRUST
1: ACB_PWNOEXP
0: ACB_AUTOLOCK
0: ACB_ENC_TXT_PWD_ALLOWED
0: ACB_SMARTCARD_REQUIRED
0: ACB_TRUSTED_FOR_DELEGATION
0: ACB_NOT_DELEGATED
0: ACB_USE_DES_KEY_ONLY
0: ACB_DONT_REQUIRE_PREAUTH
0: ACB_PW_EXPIRED
0: ACB_NO_AUTH_DATA_REQD
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0034
000a auth_len : 0000
000c call_id : 0000000b
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000001c
0014 context_id: 0000
0016 opnum : 0025
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=52, this_data=52, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=18
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 30
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 17 8A A1 BD F2 F3 2C 22 ......,"
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 31 mid = 18
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 31 mid = 18
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 31
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 31: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] CC 7A 38 BA B8 F3 FB C1 .z8.....
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 18
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 31 mid = 18
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 001c
000a auth_len : 0000
000c call_id : 0000000b
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e414360
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e414360
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414360 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000004
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 28, data_len 4, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 28 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 8 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_SetUserInfo: struct samr_SetUserInfo
out: struct samr_SetUserInfo
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_SetUserInfo2: struct samr_SetUserInfo2
in: struct samr_SetUserInfo2
user_handle : *
user_handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
8ba0e2a0-ce50-4062-afb5-6beaca8150c0
level : 0x001a (26)
info : *
info : union samr_UserInfo(case 26)
info26: struct samr_UserInfo26
password: struct samr_CryptPasswordEx
data :
ca2585f0b5fae0af526285f3b9d3928e2d1baf57cf53f8cc7dd2e0772d5c6b924b5b3e03c1fa741bec8ded3e3049eb3aae37fac35d81d35145832eb5219b21ba409ae271320ed23b64e5bc030b2a9f1f175856d9fc43ffb5f19a4632a4546b5298f8fd1f5ba257e82c3ce7ca212c3326fa8b698df06ce0b6d8349ef8c39ba01ea309dbd9ce688353d2163879f33bd67b09db4e2db8b4c1c9dcfc60dbe8bcf1d2e27459fd2e6b7e601e7800af09f9c5a8237b58bdbe4064075afd74c5e8e1abbf08bbf82c22f16d9bd0fb2ffb1a262be80ba4b0265fb0b52da4f87e3fc01143f86745f9971182cb8d7294113d82cb2dcc8a11d34d42e825c38a46282f980295b8e5bb1f7342ed377ef90db182c7e830c78be2e07bbdbcbd9cf2c4bcb24c9bf62b68295261915e98020245b433ee5488ad924afc23d246c1e179d09f4c170048d84821aa30fa044c9f7fcc7aa62538f083a93d0a13db068cc7ddab99076c042a849838dba640436c2cbefc7fad3cd243e70265b4686237f62fde73de2689f561a073e51f4c98eed71dcf9ff1a220b13197d827b4b605b12cee3b5a49e8c955ef76912536dd394eca3f438d939e37e9896882a15f1b6229e331561cbc90b1824e19657c60ea54bffdebef085e0d06a950fa55f59bf9d19dd490bfa5c1338cdf6d496396dc7155
+>
25a4eb0aefac03b512afbd0b52e75c928549ac2ad64c48e4bfe90c826e10460c614f7a6d7031f4fe1e851899a92d7e
password_expired : 0x00 (0)
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0245
000a auth_len : 0000
000c call_id : 0000000c
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000022d
0014 context_id: 0000
0016 opnum : 003a
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=581, this_data=581, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=19
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 32
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] B9 D1 07 1B E8 4F 9A 7D .....O.}
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 33 mid = 19
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 33 mid = 19
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 33
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 33: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] CA E3 CE 75 CE B8 4E 50 ...u..NP
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 19
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 33 mid = 19
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 001c
000a auth_len : 0000
000c call_id : 0000000c
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e4147a0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e4147a0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e4147a0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000004
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 28, data_len 4, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 28 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 8 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_SetUserInfo2: struct samr_SetUserInfo2
out: struct samr_SetUserInfo2
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Close: struct samr_Close
in: struct samr_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
2dba5d3b-1fe9-46b2-8255-7e1dc752bc5d
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002c
000a auth_len : 0000
000c call_id : 0000000d
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000014
0014 context_id: 0000
0016 opnum : 0001
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=44, this_data=44, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=20
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 34
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 79 79 5B 0E DD 98 02 EB yy[.....
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 35 mid = 20
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 35 mid = 20
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 35
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 35: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 8E 5D 2B B1 CC A6 79 CE .]+...y.
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 20
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 35 mid = 20
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 0000000d
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e414360
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e414360
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e414360 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Close: struct samr_Close
out: struct samr_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
00000000-0000-0000-0000-000000000000
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Close: struct samr_Close
in: struct samr_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
e8e2047c-9815-40c3-a690-aed4cf2ef015
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002c
000a auth_len : 0000
000c call_id : 0000000e
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000014
0014 context_id: 0000
0016 opnum : 0001
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=44, this_data=44, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=21
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 36
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 0C 5B BE AD C8 A7 7C 5F .[....|_
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 37 mid = 21
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 37 mid = 21
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 37
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 37: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] BD E4 7D C0 B2 27 11 1B ..}..'..
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 21
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 37 mid = 21
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 0000000e
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e4141a0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e4141a0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e4141a0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Close: struct samr_Close
out: struct samr_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
00000000-0000-0000-0000-000000000000
result : NT_STATUS_OK
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Close: struct samr_Close
in: struct samr_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
8ba0e2a0-ce50-4062-afb5-6beaca8150c0
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002c
000a auth_len : 0000
000c call_id : 0000000f
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000014
0014 context_id: 0000
0016 opnum : 0001
[2010/09/03 03:10:23, 5] rpc_client/cli_pipe.c:1280(rpc_api_pipe_send)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libsmb/clitrans.c:825(cli_ship_trans)
num_setup=2, max_setup=0, param_total=0, this_param=0, max_param=0,
data_total=44, this_data=44, max_data=4280, param_offset=82,
param_disp=0, data_disp=0
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=22
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 38
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 74 69 F0 27 77 5A AB 6A ti.'wZ.j
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 39 mid = 22
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 39 mid = 22
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 39
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 39: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 0B BE E5 DA E3 D4 51 D3 ......Q.
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 22
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 39 mid = 22
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 0000000f
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Added timed event "async_trigger": 0x7f0a3e416da0
[2010/09/03 03:10:23, 10] lib/events.c:105(run_events)
Running timed event "async_trigger" 0x7f0a3e416da0
[2010/09/03 03:10:23, 10] lib/events.c:287(s3_event_debug)
s3_event: Destroying timer event 0x7f0a3e416da0 "async_trigger"
[2010/09/03 03:10:23, 5] rpc_parse/parse_prs.c:88(prs_debug)
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
[2010/09/03 03:10:23, 10]
rpc_client/cli_pipe.c:905(cli_pipe_validate_current_pdu)
cli_pipe_validate_current_pdu: got pdu len 48, data_len 24, ss_len 0
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1382(rpc_api_pipe_got_pdu)
rpc_api_pipe: got frag len of 48 at offset 0: NT_STATUS_OK
[2010/09/03 03:10:23, 10] rpc_client/cli_pipe.c:1433(rpc_api_pipe_got_pdu)
rpc_api_pipe: host 0123456789A0001.abcdefgh.com returned 48 bytes.
[2010/09/03 03:10:23, 1] ../librpc/ndr/ndr.c:251(ndr_print_function_debug)
samr_Close: struct samr_Close
out: struct samr_Close
handle : *
handle: struct policy_handle
handle_type : 0x00000000 (0)
uuid :
00000000-0000-0000-0000-000000000000
result : NT_STATUS_OK
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:510(cli_chain_cork)
cli_chain_cork: mid=23
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 40
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 0C 4B 4B 50 F1 DF 21 BD .KKP..!.
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 41 mid = 23
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 41 mid = 23
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 41
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 41: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] FE 8B 76 AB 0E C9 3D B8 ..v...=.
[2010/09/03 03:10:23, 10] libsmb/async_smb.c:939(handle_incoming_pdu)
handle_incoming_pdu: got mid 23
[2010/09/03 03:10:23, 10]
rpc_client/rpc_transport_np.c:40(rpc_transport_np_state_destructor)
rpc_pipe_destructor: closed \samr
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked)
Locking key 534543524554532F5349
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked)
Allocated locked data 0x0x7f0a3e417970
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr)
Unlocking key 534543524554532F5349
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked)
Locking key 534543524554532F4D41
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked)
Allocated locked data 0x0x7f0a3e414db0
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr)
Unlocking key 534543524554532F4D41
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked)
Locking key 534543524554532F4D41
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked)
Allocated locked data 0x0x7f0a3e415900
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr)
Unlocking key 534543524554532F4D41
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:100(db_tdb_fetch_locked)
Locking key 534543524554532F4D41
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:129(db_tdb_fetch_locked)
Allocated locked data 0x0x7f0a3e415900
[2010/09/03 03:10:23, 10] lib/dbwrap_tdb.c:42(db_tdb_record_destr)
Unlocking key 534543524554532F4D41
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 42
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:351(client_sign_outgoing_message)
client_sign_outgoing_message: sent SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] A6 1F 35 1C 12 D3 F6 82 ..5.....
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:67(store_sequence_for_reply)
store_sequence_for_reply: stored seq = 43 mid = 24
[2010/09/03 03:10:23, 6] libsmb/clientgen.c:245(write_socket)
write_socket(6,39)
[2010/09/03 03:10:23, 6] libsmb/clientgen.c:248(write_socket)
write_socket(6,39) wrote 39
[2010/09/03 03:10:23, 10] lib/util_sock.c:789(read_smb_length_return_keepalive)
got smb length of 35
[2010/09/03 03:10:23, 5] lib/util.c:632(show_msg)
[2010/09/03 03:10:23, 5] lib/util.c:642(show_msg)
size=35
smb_com=0x71
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=51205
smb_tid=36866
smb_pid=22299
smb_uid=43010
smb_mid=24
smt_wct=0
smb_bcc=0
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:80(get_sequence_for_reply)
get_sequence_for_reply: found seq = 43 mid = 24
[2010/09/03 03:10:23, 10] libsmb/smb_signing.c:285(simple_packet_signature)
simple_packet_signature: sequence number 43
[2010/09/03 03:10:23, 10]
libsmb/smb_signing.c:434(client_check_incoming_message)
client_check_incoming_message: seq 43: got good SMB signature of
[2010/09/03 03:10:23, 10] ../lib/util/util.c:304(_dump_data)
[0000] 78 24 7D 18 4E 3C DA 3F x$}.N<.?
[2010/09/03 03:10:23, 10] libsmb/namequery.c:118(saf_join_store)
saf_join_store: domain = [ABCDEFGH], server =
[0123456789A0001.abcdefgh.com], expire = [1283501423]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = SAFJOIN/DOMAIN/ABCDEFGH; value =
0123456789A0001.abcdefgh.com and timeout = Fri Sep 3 04:10:23 2010
(3600 seconds ahead)
[2010/09/03 03:10:23, 10] libsmb/namequery.c:118(saf_join_store)
saf_join_store: domain = [abcdefgh.com], server =
[0123456789A0001.abcdefgh.com], expire = [1283501423]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = SAFJOIN/DOMAIN/ABCDEFGH.COM; value =
0123456789A0001.abcdefgh.com and timeout = Fri Sep 3 04:10:23 2010
(3600 seconds ahead)
[2010/09/03 03:10:23, 5] libads/ldap.c:203(ads_try_connect)
ads_try_connect: sending CLDAP request to
0123456789A0001.abcdefgh.com (realm: abcdefgh.com)
[2010/09/03 03:10:23, 10] libads/dns.c:778(sitename_store)
sitename_store: realm = [ABCDEFGH], sitename =
[Default-First-Site-Name], expire = [2147483647]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = AD_SITENAME/DOMAIN/ABCDEFGH; value =
Default-First-Site-Name and timeout = Mon Jan 18 22:14:07 2038
(863985824 seconds ahead)
[2010/09/03 03:10:23, 10] libads/dns.c:778(sitename_store)
sitename_store: realm = [abcdefgh.com], sitename =
[Default-First-Site-Name], expire = [2147483647]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = AD_SITENAME/DOMAIN/ABCDEFGH.COM; value
= Default-First-Site-Name and timeout = Mon Jan 18 22:14:07 2038
(863985824 seconds ahead)
[2010/09/03 03:10:23, 3] libads/ldap.c:621(ads_connect)
Successfully contacted LDAP server 192.168.5.131
[2010/09/03 03:10:23, 10] libads/ldap.c:62(ldap_open_with_timeout)
Opening connection to LDAP server
'0123456789A0001.abcdefgh.com:389', timeout 15 seconds
[2010/09/03 03:10:23, 10] libads/ldap.c:76(ldap_open_with_timeout)
Connected to LDAP server '0123456789A0001.abcdefgh.com:389'
[2010/09/03 03:10:23, 3] libads/ldap.c:675(ads_connect)
Connected to LDAP server 0123456789A0001.abcdefgh.com
[2010/09/03 03:10:23, 10] libads/ldap.c:165(ads_closest_dc)
ads_closest_dc: NBT_SERVER_CLOSEST flag set
[2010/09/03 03:10:23, 10] libsmb/namequery.c:86(saf_store)
saf_store: domain = [ABCDEFGH], server =
[0123456789A0001.abcdefgh.com], expire = [1283498723]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = SAF/DOMAIN/ABCDEFGH; value =
0123456789A0001.abcdefgh.com and timeout = Fri Sep 3 03:25:23 2010
(900 seconds ahead)
[2010/09/03 03:10:23, 10] libsmb/namequery.c:86(saf_store)
saf_store: domain = [abcdefgh.com], server =
[0123456789A0001.abcdefgh.com], expire = [1283498723]
[2010/09/03 03:10:23, 10] lib/gencache.c:131(gencache_set)
Adding cache entry with key = SAF/DOMAIN/ABCDEFGH.COM; value =
0123456789A0001.abcdefgh.com and timeout = Fri Sep 3 03:25:23 2010
(900 seconds ahead)
[2010/09/03 03:10:23, 4] libads/ldap.c:2849(ads_current_time)
time offset is 0 seconds
[2010/09/03 03:10:23, 4] libads/sasl.c:1112(ads_sasl_bind)
Found SASL mechanism GSS-SPNEGO
[2010/09/03 03:10:23, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
[2010/09/03 03:10:23, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
[2010/09/03 03:10:23, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
[2010/09/03 03:10:23, 3] libads/sasl.c:780(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
[2010/09/03 03:10:23, 3] libads/sasl.c:789(ads_sasl_spnego_bind)
ads_sasl_spnego_bind: got server principal name =
0123456789a0001$@ABCDEFGH.COM
[2010/09/03 03:10:23, 3] libsmb/clikrb5.c:687(ads_krb5_mk_req)
ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2010/09/03 03:10:23, 10] libads/sasl.c:810(ads_sasl_spnego_bind)
ads_sasl_spnego_krb5_bind failed with: No credentials cache found,
calling kinit
[2010/09/03 03:10:23, 10] libads/kerberos.c:188(kerberos_kinit_password_ext)
kerberos_kinit_password: as dadmin at ABCDEFGH.COM using
[MEMORY:net_ads] as ccache and config [(null)]
[2010/09/03 03:10:23, 3] libsmb/clikrb5.c:620(ads_cleanup_expired_creds)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads]
expiration Fri, 03 Sep 2010 13:10:23 EDT
[2010/09/03 03:10:23, 10] libsmb/clikrb5.c:718(ads_krb5_mk_req)
ads_krb5_mk_req: Ticket (0123456789a0001$@ABCDEFGH.COM) in ccache
(MEMORY:net_ads) is valid until: (Fri, 03 Sep 2010 13:10:23 EDT -
1283533823)
[2010/09/03 03:10:23, 3] libsmb/clikrb5.c:729(ads_krb5_mk_req)
ads_krb5_mk_req: server marked as OK to delegate to, building forwardable TGT
[2010/09/03 03:10:23, 10] libsmb/clikrb5.c:896(get_krb5_smb_session_key)
Got KRB5 session key of length 16
[2010/09/03 03:10:23, 1] libnet/libnet_join.c:1903(libnet_Join)
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : NULL
netbios_domain_name : 'ABCDEFGH'
dns_domain_name : 'abcdefgh.com'
forest_name : 'abcdefgh.com'
dn : NULL
domain_sid : *
domain_sid :
S-1-5-21-NNNNNNNNN-NNNNNNNNNN-NNNNNNNNNN
modified_config : 0x00 (0)
error_string : 'failed to set machine spn:
Operations error'
domain_is_ad : 0x01 (1)
result : WERR_GENERAL_FAILURE
[2010/09/03 03:10:23, 10] intl/lang_tdb.c:138(lang_tdb_init)
lang_tdb_init: /usr/share/samba/en_US.UTF-8.msg: No such file or directory
[2010/09/03 03:10:23, 2] utils/net.c:779(main)
return code = -1
Could this have something to do with Kerberos or LDAP? The account
used for executing this command is a domain admin account. net rpc
join works but not net ads join. Does anyone see what could be going
wrong here?
Thanks,
--
Rajat Swarup
www.rajatswarup.com
More information about the samba
mailing list