[Samba] Samba and Kerberos

Mark Cogan arcturus1966 at gmail.com
Wed Apr 27 18:16:13 UTC 2022


[2022/04/27 14:14:00.895242, 10, pid=17084, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)

  msg_dgm_ref_destructor: refs=(nil)

[2022/04/27 14:14:00.896142, 10, pid=17084, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:80(messaging_dgm_ref)

  messaging_dgm_ref: messaging_dgm_init returned Success

[2022/04/27 14:14:00.896171, 10, pid=17084, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:109(messaging_dgm_ref)

  messaging_dgm_ref: unique = 16432613736172089981

[2022/04/27 14:14:00.896185,  2, pid=17084, effective(0, 0), real(0, 0)]
../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)

  Registered MSG_REQ_POOL_USAGE

[2022/04/27 14:14:00.896201,  5, pid=17084, effective(0, 0), real(0, 0),
class=passdb] ../../source3/passdb/pdb_interface.c:157(make_pdb_method_name)

  Attempting to find a passdb backend to match tdbsam (tdbsam)

[2022/04/27 14:14:00.896212,  5, pid=17084, effective(0, 0), real(0, 0),
class=passdb] ../../source3/passdb/pdb_interface.c:178(make_pdb_method_name)

  Found pdb backend tdbsam

[2022/04/27 14:14:00.896240,  5, pid=17084, effective(0, 0), real(0, 0),
class=passdb] ../../source3/passdb/pdb_interface.c:189(make_pdb_method_name)

  pdb backend tdbsam has a valid init

[2022/04/27 14:14:00.896260, 10, pid=17084, effective(0, 0), real(0, 0)]
../../source3/smbd/smbXsrv_client.c:548(smbXsrv_client_create)

[2022/04/27 14:14:00.896270, 10, pid=17084, effective(0, 0), real(0, 0)]
../../source3/smbd/smbXsrv_client.c:556(smbXsrv_client_create)

  smbXsrv_client_create: client_guid[00000000-0000-0000-0000-000000000000]
created

[2022/04/27 14:14:00.896288,  1, pid=17084, effective(0, 0), real(0, 0),
class=rpc_parse] ../../librpc/ndr/ndr.c:429(ndr_print_debug)

       &client_blob: struct smbXsrv_clientB

          version                  : SMBXSRV_VERSION_0 (0)

          reserved                 : 0x00000000 (0)

          info                     : union smbXsrv_clientU(case 0)

          info0                    : *

              info0: struct smbXsrv_client

                  table                    : *

                  raw_ev_ctx               : *

                  msg_ctx                  : *

                  global                   : *

                      global: struct smbXsrv_client_global0

                          db_rec                   : NULL

                          server_id: struct server_id

                              pid                      : 0x00000000000042bc
(17084)

                              task_id                  : 0x00000000 (0)

                              vnn                      : 0xffffffff
(4294967295)

                              unique_id                : 0xe40c5f211bbdf27d
(-2014130337537461635)

                          local_address            : NULL

                          remote_address           : NULL

                          remote_name              : NULL

                          initial_connect_time     : Wed Apr 27 02:14:01 PM
2022 EDT

                          client_guid              :
00000000-0000-0000-0000-000000000000

                          stored                   : 0x00 (0)

                  sconn                    : NULL

                  session_table            : NULL

                  tcon_table               : NULL

                  open_table               : NULL

                  connections              : NULL

                  server_multi_channel_enabled: 0x00 (0)

                  next_channel_id          : 0x0000000000000000 (0)

                  connection_pass_subreq   : NULL

                  pending_breaks           : NULL

[2022/04/27 14:14:00.896439,  5, pid=17084, effective(0, 0), real(0, 0)]
../../lib/util/util_net.c:990(print_socket_options)

  Socket options:

  SO_KEEPALIVE = 1

  SO_REUSEADDR = 1

  SO_BROADCAST = 0

  TCP_NODELAY = 1

  TCP_KEEPCNT = 9

  TCP_KEEPIDLE = 7200

  TCP_KEEPINTVL = 75

  IPTOS_LOWDELAY = 0

  IPTOS_THROUGHPUT = 0

  SO_REUSEPORT = 1

  SO_SNDBUF = 87040

  SO_RCVBUF = 369280

  SO_SNDLOWAT = 1

  SO_RCVLOWAT = 1

  SO_SNDTIMEO = 0

  SO_RCVTIMEO = 0

  TCP_QUICKACK = 1

  TCP_DEFER_ACCEPT = 0

  TCP_USER_TIMEOUT = 0

[2022/04/27 14:14:00.896491,  5, pid=17084, effective(0, 0), real(0, 0)]
../../lib/util/util_net.c:990(print_socket_options)

  Socket options:

  SO_KEEPALIVE = 1

  SO_REUSEADDR = 1

  SO_BROADCAST = 0

  TCP_NODELAY = 1

  TCP_KEEPCNT = 9

  TCP_KEEPIDLE = 7200

  TCP_KEEPINTVL = 75

  IPTOS_LOWDELAY = 0

  IPTOS_THROUGHPUT = 0

  SO_REUSEPORT = 1

  SO_SNDBUF = 87040

  SO_RCVBUF = 369280

  SO_SNDLOWAT = 1

  SO_RCVLOWAT = 1

  SO_SNDTIMEO = 0

  SO_RCVTIMEO = 0

  TCP_QUICKACK = 1

  TCP_DEFER_ACCEPT = 0

  TCP_USER_TIMEOUT = 0

[2022/04/27 14:14:00.896557,  3, pid=17084, effective(0, 0), real(0, 0)]
../../lib/util/access.c:372(allow_access)

  Allowed connection from 132.250.114.93 (132.250.114.93)

[2022/04/27 14:14:00.896564, 10, pid=17084, effective(0, 0), real(0, 0)]
../../source3/smbd/process.c:3919(smbd_add_connection)

  Connection allowed from ipv4:132.250.114.93:50258 to ipv4:
132.250.115.34:445

[2022/04/27 14:14:00.896599,  5, pid=17084, effective(0, 0), real(0, 0)]
../../lib/util/debug.c:811(debug_dump_status)

  INFO: Current debug levels:

    all: 10

    tdb: 10

    printdrivers: 10

    lanman: 10

    smb: 10

    rpc_parse: 10

    rpc_srv: 10

    rpc_cli: 10

    passdb: 10

    sam: 10

    auth: 10

    winbind: 10

    vfs: 10

    idmap: 10

    quota: 10

    acls: 10

    locking: 10

    msdfs: 10

    dmapi: 10

    registry: 10

    scavenger: 10

    dns: 10

    ldb: 10

    tevent: 10

    auth_audit: 10

    auth_json_audit: 10

    kerberos: 10

    drs_repl: 10

    smb2: 10

    smb2_credits: 10

    dsdb_audit: 10

    dsdb_json_audit: 10

    dsdb_password_audit: 10

    dsdb_password_json_audit: 10

    dsdb_transaction_audit: 10

    dsdb_transaction_json_audit: 10

    dsdb_group_audit: 10

    dsdb_group_json_audit: 10

[2022/04/27 14:14:01.049640, 10, pid=17085, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)

  msg_dgm_ref_destructor: refs=(nil)

[2022/04/27 14:14:01.049743, 10, pid=17085, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:80(messaging_dgm_ref)

  messaging_dgm_ref: messaging_dgm_init returned Success

[2022/04/27 14:14:01.049763, 10, pid=17085, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:109(messaging_dgm_ref)

  messaging_dgm_ref: unique = 16628607021123654522

[2022/04/27 14:14:01.049773,  2, pid=17085, effective(0, 0), real(0, 0)]
../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)

  Registered MSG_REQ_POOL_USAGE

[2022/04/27 14:14:01.049784,  5, pid=17085, effective(0, 0), real(0, 0),
class=passdb] ../../source3/passdb/pdb_interface.c:157(make_pdb_method_name)

  Attempting to find a passdb backend to match tdbsam (tdbsam)

[2022/04/27 14:14:01.049791,  5, pid=17085, effective(0, 0), real(0, 0),
class=passdb] ../../source3/passdb/pdb_interface.c:178(make_pdb_method_name)

  Found pdb backend tdbsam

[2022/04/27 14:14:01.049806,  5, pid=17085, effective(0, 0), real(0, 0),
class=passdb] ../../source3/passdb/pdb_interface.c:189(make_pdb_method_name)

  pdb backend tdbsam has a valid init

[2022/04/27 14:14:01.049818, 10, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/smbXsrv_client.c:548(smbXsrv_client_create)

[2022/04/27 14:14:01.049825, 10, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/smbXsrv_client.c:556(smbXsrv_client_create)

  smbXsrv_client_create: client_guid[00000000-0000-0000-0000-000000000000]
created

[2022/04/27 14:14:01.049841,  1, pid=17085, effective(0, 0), real(0, 0),
class=rpc_parse] ../../librpc/ndr/ndr.c:429(ndr_print_debug)

       &client_blob: struct smbXsrv_clientB

          version                  : SMBXSRV_VERSION_0 (0)

          reserved                 : 0x00000000 (0)

          info                     : union smbXsrv_clientU(case 0)

          info0                    : *

              info0: struct smbXsrv_client

                  table                    : *

                  raw_ev_ctx               : *

                  msg_ctx                  : *

                  global                   : *

                      global: struct smbXsrv_client_global0

                          db_rec                   : NULL

                          server_id: struct server_id

                              pid                      : 0x00000000000042bd
(17085)

                              task_id                  : 0x00000000 (0)

                              vnn                      : 0xffffffff
(4294967295)

                              unique_id                : 0xe6c4adfbcba4537a
(-1818137052585897094)

                          local_address            : NULL

                          remote_address           : NULL

                          remote_name              : NULL

                          initial_connect_time     : Wed Apr 27 02:14:01 PM
2022 EDT

                          client_guid              :
00000000-0000-0000-0000-000000000000

                          stored                   : 0x00 (0)

                  sconn                    : NULL

                  session_table            : NULL

                  tcon_table               : NULL

                  open_table               : NULL

                  connections              : NULL

                  server_multi_channel_enabled: 0x00 (0)

                  next_channel_id          : 0x0000000000000000 (0)

                  connection_pass_subreq   : NULL

                  pending_breaks           : NULL

[2022/04/27 14:14:01.049956,  5, pid=17085, effective(0, 0), real(0, 0)]
../../lib/util/util_net.c:990(print_socket_options)

  Socket options:

  SO_KEEPALIVE = 1

  SO_REUSEADDR = 1

  SO_BROADCAST = 0

  TCP_NODELAY = 1

  TCP_KEEPCNT = 9

  TCP_KEEPIDLE = 7200

  TCP_KEEPINTVL = 75

  IPTOS_LOWDELAY = 0

  IPTOS_THROUGHPUT = 0

  SO_REUSEPORT = 1

  SO_SNDBUF = 87040

  SO_RCVBUF = 369280

  SO_SNDLOWAT = 1

  SO_RCVLOWAT = 1

  SO_SNDTIMEO = 0

  SO_RCVTIMEO = 0

  TCP_QUICKACK = 1

  TCP_DEFER_ACCEPT = 0

  TCP_USER_TIMEOUT = 0

[2022/04/27 14:14:01.049994,  5, pid=17085, effective(0, 0), real(0, 0)]
../../lib/util/util_net.c:990(print_socket_options)

  Socket options:

  SO_KEEPALIVE = 1

  SO_REUSEADDR = 1

  SO_BROADCAST = 0

  TCP_NODELAY = 1

  TCP_KEEPCNT = 9

  TCP_KEEPIDLE = 7200

  TCP_KEEPINTVL = 75

  IPTOS_LOWDELAY = 0

  IPTOS_THROUGHPUT = 0

  SO_REUSEPORT = 1

  SO_SNDBUF = 87040

  SO_RCVBUF = 369280

  SO_SNDLOWAT = 1

  SO_RCVLOWAT = 1

  SO_SNDTIMEO = 0

  SO_RCVTIMEO = 0

  TCP_QUICKACK = 1

  TCP_DEFER_ACCEPT = 0

  TCP_USER_TIMEOUT = 0

[2022/04/27 14:14:01.050034,  3, pid=17085, effective(0, 0), real(0, 0)]
../../lib/util/access.c:372(allow_access)

  Allowed connection from 132.250.114.93 (132.250.114.93)

[2022/04/27 14:14:01.050041, 10, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/process.c:3919(smbd_add_connection)

  Connection allowed from ipv4:132.250.114.93:50260 to ipv4:
132.250.115.34:445

[2022/04/27 14:14:01.050064,  5, pid=17085, effective(0, 0), real(0, 0)]
../../lib/util/debug.c:811(debug_dump_status)

  INFO: Current debug levels:

    all: 10

    tdb: 10

[2022/04/27 14:14:01.050579, 10, pid=17031, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm.c:1445(messaging_dgm_send)

  messaging_dgm_send: Sending message to 17034

[2022/04/27 14:14:01.050691, 10, pid=17034, effective(0, 0), real(0, 0)]
../../source3/lib/messages.c:428(messaging_recv_cb)

  messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 17031

[2022/04/27 14:14:01.050954, 10, pid=17034, effective(0, 0), real(0, 0)]
../../source3/smbd/smbd_cleanupd.c:173(smbd_cleanupd_process_exited)

  smbd_cleanupd_process_exited: cleaned up pid 17084

[2022/04/27 14:15:01.091584, 10, pid=17031, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm.c:1445(messaging_dgm_send)

  messaging_dgm_send: Sending message to 17034

[2022/04/27 14:15:01.091685, 10, pid=17034, effective(0, 0), real(0, 0)]
../../source3/lib/messages.c:428(messaging_recv_cb)

  messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 17031

[2022/04/27 14:15:01.091873, 10, pid=17034, effective(0, 0), real(0, 0)]
../../source3/smbd/smbd_cleanupd.c:173(smbd_cleanupd_process_exited)

  smbd_cleanupd_process_exited: cleaned up pid 17085

On Wed, Apr 27, 2022 at 2:06 PM Jeremy Allison <jra at samba.org> wrote:

> On Wed, Apr 27, 2022 at 02:02:39PM -0400, Mark Cogan via samba wrote:
> >Output from command line trying to connect:
> >
> >thig% smbclient -k -L //thig.<redacted>/
> >
> >session setup failed: NT_STATUS_ACCESS_DENIED
> >
> >
> >So it looks like it's just rejecting the Kerberos authentication, which is
> >why it would drop back down to asking for password (which doesn't work).
>
> Use a debug level 10 to get more details.
>


More information about the samba mailing list