[Samba] Samba and Kerberos

Mark Cogan arcturus1966 at gmail.com
Wed Apr 27 18:20:01 UTC 2022


And from the IP log trying to inbound:

[2022/04/27 14:15:01.088980, 10, pid=17085, effective(0, 0), real(0, 0)]
../../source3/lib/util_event.c:43(smbd_idle_event_handler)

  smbd_idle_event_handler: idle_evt(deadtime) (nil) called

[2022/04/27 14:15:01.089072,  2, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/process.c:2926(deadtime_fn)

  Closing idle connection

[2022/04/27 14:15:01.089095, 10, pid=17085, effective(0, 0), real(0, 0)]
../../source3/lib/util_event.c:47(smbd_idle_event_handler)

  smbd_idle_event_handler: idle_evt(deadtime) (nil) stopped

[2022/04/27 14:15:01.089115,  3, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/server.c:162(msg_exit_server)

  got a SHUTDOWN message

[2022/04/27 14:15:01.089142,  4, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0

[2022/04/27 14:15:01.089153,  5, pid=17085, effective(0, 0), real(0, 0)]
../../libcli/security/security_token.c:47(security_token_debug)

  Security token: (NULL)

[2022/04/27 14:15:01.089162,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/auth/token_util.c:874(debug_unix_user_token)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2022/04/27 14:15:01.089194,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)

  change_to_root_user: now uid=(0,0) gid=(0,0)

[2022/04/27 14:15:01.089275,  4, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0

[2022/04/27 14:15:01.089288,  5, pid=17085, effective(0, 0), real(0, 0)]
../../libcli/security/security_token.c:47(security_token_debug)

  Security token: (NULL)

[2022/04/27 14:15:01.089296,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/auth/token_util.c:874(debug_unix_user_token)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2022/04/27 14:15:01.089312,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)

  change_to_root_user: now uid=(0,0) gid=(0,0)

[2022/04/27 14:15:01.089322,  4, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0

[2022/04/27 14:15:01.089331,  5, pid=17085, effective(0, 0), real(0, 0)]
../../libcli/security/security_token.c:47(security_token_debug)

  Security token: (NULL)

[2022/04/27 14:15:01.089339,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/auth/token_util.c:874(debug_unix_user_token)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2022/04/27 14:15:01.089358,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)

  change_to_root_user: now uid=(0,0) gid=(0,0)

[2022/04/27 14:15:01.089370,  4, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0

[2022/04/27 14:15:01.089379,  5, pid=17085, effective(0, 0), real(0, 0)]
../../libcli/security/security_token.c:47(security_token_debug)

  Security token: (NULL)

[2022/04/27 14:15:01.089387,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/auth/token_util.c:874(debug_unix_user_token)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2022/04/27 14:15:01.089401,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)

  change_to_root_user: now uid=(0,0) gid=(0,0)

[2022/04/27 14:15:01.089414,  4, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/sec_ctx.c:320(set_sec_ctx_internal)

  setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0

[2022/04/27 14:15:01.089422,  5, pid=17085, effective(0, 0), real(0, 0)]
../../libcli/security/security_token.c:47(security_token_debug)

  Security token: (NULL)

[2022/04/27 14:15:01.089431,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/auth/token_util.c:874(debug_unix_user_token)

  UNIX token of user 0

  Primary group is 0 and contains 0 supplementary groups

[2022/04/27 14:15:01.089444,  5, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/uid.c:494(smbd_change_to_root_user)

  change_to_root_user: now uid=(0,0) gid=(0,0)

[2022/04/27 14:15:01.089493, 10, pid=17085, effective(0, 0), real(0, 0)]
../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)

  msg_dgm_ref_destructor: refs=(nil)

[2022/04/27 14:15:01.089783,  3, pid=17085, effective(0, 0), real(0, 0)]
../../source3/smbd/server_exit.c:240(exit_server_common)

  Server exit (normal exit)

On Wed, Apr 27, 2022 at 2:16 PM Mark Cogan <arcturus1966 at gmail.com> wrote:

> [2022/04/27 14:14:00.895242, 10, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)
>
>   msg_dgm_ref_destructor: refs=(nil)
>
> [2022/04/27 14:14:00.896142, 10, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm_ref.c:80(messaging_dgm_ref)
>
>   messaging_dgm_ref: messaging_dgm_init returned Success
>
> [2022/04/27 14:14:00.896171, 10, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm_ref.c:109(messaging_dgm_ref)
>
>   messaging_dgm_ref: unique = 16432613736172089981
>
> [2022/04/27 14:14:00.896185,  2, pid=17084, effective(0, 0), real(0, 0)]
> ../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
>
>   Registered MSG_REQ_POOL_USAGE
>
> [2022/04/27 14:14:00.896201,  5, pid=17084, effective(0, 0), real(0, 0),
> class=passdb] ../../source3/passdb/pdb_interface.c:157(make_pdb_method_name)
>
>   Attempting to find a passdb backend to match tdbsam (tdbsam)
>
> [2022/04/27 14:14:00.896212,  5, pid=17084, effective(0, 0), real(0, 0),
> class=passdb] ../../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
>
>   Found pdb backend tdbsam
>
> [2022/04/27 14:14:00.896240,  5, pid=17084, effective(0, 0), real(0, 0),
> class=passdb] ../../source3/passdb/pdb_interface.c:189(make_pdb_method_name)
>
>   pdb backend tdbsam has a valid init
>
> [2022/04/27 14:14:00.896260, 10, pid=17084, effective(0, 0), real(0, 0)]
> ../../source3/smbd/smbXsrv_client.c:548(smbXsrv_client_create)
>
> [2022/04/27 14:14:00.896270, 10, pid=17084, effective(0, 0), real(0, 0)]
> ../../source3/smbd/smbXsrv_client.c:556(smbXsrv_client_create)
>
>   smbXsrv_client_create:
> client_guid[00000000-0000-0000-0000-000000000000] created
>
> [2022/04/27 14:14:00.896288,  1, pid=17084, effective(0, 0), real(0, 0),
> class=rpc_parse] ../../librpc/ndr/ndr.c:429(ndr_print_debug)
>
>        &client_blob: struct smbXsrv_clientB
>
>           version                  : SMBXSRV_VERSION_0 (0)
>
>           reserved                 : 0x00000000 (0)
>
>           info                     : union smbXsrv_clientU(case 0)
>
>           info0                    : *
>
>               info0: struct smbXsrv_client
>
>                   table                    : *
>
>                   raw_ev_ctx               : *
>
>                   msg_ctx                  : *
>
>                   global                   : *
>
>                       global: struct smbXsrv_client_global0
>
>                           db_rec                   : NULL
>
>                           server_id: struct server_id
>
>                               pid                      :
> 0x00000000000042bc (17084)
>
>                               task_id                  : 0x00000000 (0)
>
>                               vnn                      : 0xffffffff
> (4294967295)
>
>                               unique_id                :
> 0xe40c5f211bbdf27d (-2014130337537461635)
>
>                           local_address            : NULL
>
>                           remote_address           : NULL
>
>                           remote_name              : NULL
>
>                           initial_connect_time     : Wed Apr 27 02:14:01
> PM 2022 EDT
>
>                           client_guid              :
> 00000000-0000-0000-0000-000000000000
>
>                           stored                   : 0x00 (0)
>
>                   sconn                    : NULL
>
>                   session_table            : NULL
>
>                   tcon_table               : NULL
>
>                   open_table               : NULL
>
>                   connections              : NULL
>
>                   server_multi_channel_enabled: 0x00 (0)
>
>                   next_channel_id          : 0x0000000000000000 (0)
>
>                   connection_pass_subreq   : NULL
>
>                   pending_breaks           : NULL
>
> [2022/04/27 14:14:00.896439,  5, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/util/util_net.c:990(print_socket_options)
>
>   Socket options:
>
>   SO_KEEPALIVE = 1
>
>   SO_REUSEADDR = 1
>
>   SO_BROADCAST = 0
>
>   TCP_NODELAY = 1
>
>   TCP_KEEPCNT = 9
>
>   TCP_KEEPIDLE = 7200
>
>   TCP_KEEPINTVL = 75
>
>   IPTOS_LOWDELAY = 0
>
>   IPTOS_THROUGHPUT = 0
>
>   SO_REUSEPORT = 1
>
>   SO_SNDBUF = 87040
>
>   SO_RCVBUF = 369280
>
>   SO_SNDLOWAT = 1
>
>   SO_RCVLOWAT = 1
>
>   SO_SNDTIMEO = 0
>
>   SO_RCVTIMEO = 0
>
>   TCP_QUICKACK = 1
>
>   TCP_DEFER_ACCEPT = 0
>
>   TCP_USER_TIMEOUT = 0
>
> [2022/04/27 14:14:00.896491,  5, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/util/util_net.c:990(print_socket_options)
>
>   Socket options:
>
>   SO_KEEPALIVE = 1
>
>   SO_REUSEADDR = 1
>
>   SO_BROADCAST = 0
>
>   TCP_NODELAY = 1
>
>   TCP_KEEPCNT = 9
>
>   TCP_KEEPIDLE = 7200
>
>   TCP_KEEPINTVL = 75
>
>   IPTOS_LOWDELAY = 0
>
>   IPTOS_THROUGHPUT = 0
>
>   SO_REUSEPORT = 1
>
>   SO_SNDBUF = 87040
>
>   SO_RCVBUF = 369280
>
>   SO_SNDLOWAT = 1
>
>   SO_RCVLOWAT = 1
>
>   SO_SNDTIMEO = 0
>
>   SO_RCVTIMEO = 0
>
>   TCP_QUICKACK = 1
>
>   TCP_DEFER_ACCEPT = 0
>
>   TCP_USER_TIMEOUT = 0
>
> [2022/04/27 14:14:00.896557,  3, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/util/access.c:372(allow_access)
>
>   Allowed connection from 132.250.114.93 (132.250.114.93)
>
> [2022/04/27 14:14:00.896564, 10, pid=17084, effective(0, 0), real(0, 0)]
> ../../source3/smbd/process.c:3919(smbd_add_connection)
>
>   Connection allowed from ipv4:132.250.114.93:50258 to ipv4:
> 132.250.115.34:445
>
> [2022/04/27 14:14:00.896599,  5, pid=17084, effective(0, 0), real(0, 0)]
> ../../lib/util/debug.c:811(debug_dump_status)
>
>   INFO: Current debug levels:
>
>     all: 10
>
>     tdb: 10
>
>     printdrivers: 10
>
>     lanman: 10
>
>     smb: 10
>
>     rpc_parse: 10
>
>     rpc_srv: 10
>
>     rpc_cli: 10
>
>     passdb: 10
>
>     sam: 10
>
>     auth: 10
>
>     winbind: 10
>
>     vfs: 10
>
>     idmap: 10
>
>     quota: 10
>
>     acls: 10
>
>     locking: 10
>
>     msdfs: 10
>
>     dmapi: 10
>
>     registry: 10
>
>     scavenger: 10
>
>     dns: 10
>
>     ldb: 10
>
>     tevent: 10
>
>     auth_audit: 10
>
>     auth_json_audit: 10
>
>     kerberos: 10
>
>     drs_repl: 10
>
>     smb2: 10
>
>     smb2_credits: 10
>
>     dsdb_audit: 10
>
>     dsdb_json_audit: 10
>
>     dsdb_password_audit: 10
>
>     dsdb_password_json_audit: 10
>
>     dsdb_transaction_audit: 10
>
>     dsdb_transaction_json_audit: 10
>
>     dsdb_group_audit: 10
>
>     dsdb_group_json_audit: 10
>
> [2022/04/27 14:14:01.049640, 10, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm_ref.c:163(msg_dgm_ref_destructor)
>
>   msg_dgm_ref_destructor: refs=(nil)
>
> [2022/04/27 14:14:01.049743, 10, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm_ref.c:80(messaging_dgm_ref)
>
>   messaging_dgm_ref: messaging_dgm_init returned Success
>
> [2022/04/27 14:14:01.049763, 10, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm_ref.c:109(messaging_dgm_ref)
>
>   messaging_dgm_ref: unique = 16628607021123654522
>
> [2022/04/27 14:14:01.049773,  2, pid=17085, effective(0, 0), real(0, 0)]
> ../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
>
>   Registered MSG_REQ_POOL_USAGE
>
> [2022/04/27 14:14:01.049784,  5, pid=17085, effective(0, 0), real(0, 0),
> class=passdb] ../../source3/passdb/pdb_interface.c:157(make_pdb_method_name)
>
>   Attempting to find a passdb backend to match tdbsam (tdbsam)
>
> [2022/04/27 14:14:01.049791,  5, pid=17085, effective(0, 0), real(0, 0),
> class=passdb] ../../source3/passdb/pdb_interface.c:178(make_pdb_method_name)
>
>   Found pdb backend tdbsam
>
> [2022/04/27 14:14:01.049806,  5, pid=17085, effective(0, 0), real(0, 0),
> class=passdb] ../../source3/passdb/pdb_interface.c:189(make_pdb_method_name)
>
>   pdb backend tdbsam has a valid init
>
> [2022/04/27 14:14:01.049818, 10, pid=17085, effective(0, 0), real(0, 0)]
> ../../source3/smbd/smbXsrv_client.c:548(smbXsrv_client_create)
>
> [2022/04/27 14:14:01.049825, 10, pid=17085, effective(0, 0), real(0, 0)]
> ../../source3/smbd/smbXsrv_client.c:556(smbXsrv_client_create)
>
>   smbXsrv_client_create:
> client_guid[00000000-0000-0000-0000-000000000000] created
>
> [2022/04/27 14:14:01.049841,  1, pid=17085, effective(0, 0), real(0, 0),
> class=rpc_parse] ../../librpc/ndr/ndr.c:429(ndr_print_debug)
>
>        &client_blob: struct smbXsrv_clientB
>
>           version                  : SMBXSRV_VERSION_0 (0)
>
>           reserved                 : 0x00000000 (0)
>
>           info                     : union smbXsrv_clientU(case 0)
>
>           info0                    : *
>
>               info0: struct smbXsrv_client
>
>                   table                    : *
>
>                   raw_ev_ctx               : *
>
>                   msg_ctx                  : *
>
>                   global                   : *
>
>                       global: struct smbXsrv_client_global0
>
>                           db_rec                   : NULL
>
>                           server_id: struct server_id
>
>                               pid                      :
> 0x00000000000042bd (17085)
>
>                               task_id                  : 0x00000000 (0)
>
>                               vnn                      : 0xffffffff
> (4294967295)
>
>                               unique_id                :
> 0xe6c4adfbcba4537a (-1818137052585897094)
>
>                           local_address            : NULL
>
>                           remote_address           : NULL
>
>                           remote_name              : NULL
>
>                           initial_connect_time     : Wed Apr 27 02:14:01
> PM 2022 EDT
>
>                           client_guid              :
> 00000000-0000-0000-0000-000000000000
>
>                           stored                   : 0x00 (0)
>
>                   sconn                    : NULL
>
>                   session_table            : NULL
>
>                   tcon_table               : NULL
>
>                   open_table               : NULL
>
>                   connections              : NULL
>
>                   server_multi_channel_enabled: 0x00 (0)
>
>                   next_channel_id          : 0x0000000000000000 (0)
>
>                   connection_pass_subreq   : NULL
>
>                   pending_breaks           : NULL
>
> [2022/04/27 14:14:01.049956,  5, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/util/util_net.c:990(print_socket_options)
>
>   Socket options:
>
>   SO_KEEPALIVE = 1
>
>   SO_REUSEADDR = 1
>
>   SO_BROADCAST = 0
>
>   TCP_NODELAY = 1
>
>   TCP_KEEPCNT = 9
>
>   TCP_KEEPIDLE = 7200
>
>   TCP_KEEPINTVL = 75
>
>   IPTOS_LOWDELAY = 0
>
>   IPTOS_THROUGHPUT = 0
>
>   SO_REUSEPORT = 1
>
>   SO_SNDBUF = 87040
>
>   SO_RCVBUF = 369280
>
>   SO_SNDLOWAT = 1
>
>   SO_RCVLOWAT = 1
>
>   SO_SNDTIMEO = 0
>
>   SO_RCVTIMEO = 0
>
>   TCP_QUICKACK = 1
>
>   TCP_DEFER_ACCEPT = 0
>
>   TCP_USER_TIMEOUT = 0
>
> [2022/04/27 14:14:01.049994,  5, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/util/util_net.c:990(print_socket_options)
>
>   Socket options:
>
>   SO_KEEPALIVE = 1
>
>   SO_REUSEADDR = 1
>
>   SO_BROADCAST = 0
>
>   TCP_NODELAY = 1
>
>   TCP_KEEPCNT = 9
>
>   TCP_KEEPIDLE = 7200
>
>   TCP_KEEPINTVL = 75
>
>   IPTOS_LOWDELAY = 0
>
>   IPTOS_THROUGHPUT = 0
>
>   SO_REUSEPORT = 1
>
>   SO_SNDBUF = 87040
>
>   SO_RCVBUF = 369280
>
>   SO_SNDLOWAT = 1
>
>   SO_RCVLOWAT = 1
>
>   SO_SNDTIMEO = 0
>
>   SO_RCVTIMEO = 0
>
>   TCP_QUICKACK = 1
>
>   TCP_DEFER_ACCEPT = 0
>
>   TCP_USER_TIMEOUT = 0
>
> [2022/04/27 14:14:01.050034,  3, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/util/access.c:372(allow_access)
>
>   Allowed connection from 132.250.114.93 (132.250.114.93)
>
> [2022/04/27 14:14:01.050041, 10, pid=17085, effective(0, 0), real(0, 0)]
> ../../source3/smbd/process.c:3919(smbd_add_connection)
>
>   Connection allowed from ipv4:132.250.114.93:50260 to ipv4:
> 132.250.115.34:445
>
> [2022/04/27 14:14:01.050064,  5, pid=17085, effective(0, 0), real(0, 0)]
> ../../lib/util/debug.c:811(debug_dump_status)
>
>   INFO: Current debug levels:
>
>     all: 10
>
>     tdb: 10
>
> [2022/04/27 14:14:01.050579, 10, pid=17031, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm.c:1445(messaging_dgm_send)
>
>   messaging_dgm_send: Sending message to 17034
>
> [2022/04/27 14:14:01.050691, 10, pid=17034, effective(0, 0), real(0, 0)]
> ../../source3/lib/messages.c:428(messaging_recv_cb)
>
>   messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 17031
>
> [2022/04/27 14:14:01.050954, 10, pid=17034, effective(0, 0), real(0, 0)]
> ../../source3/smbd/smbd_cleanupd.c:173(smbd_cleanupd_process_exited)
>
>   smbd_cleanupd_process_exited: cleaned up pid 17084
>
> [2022/04/27 14:15:01.091584, 10, pid=17031, effective(0, 0), real(0, 0)]
> ../../lib/messaging/messages_dgm.c:1445(messaging_dgm_send)
>
>   messaging_dgm_send: Sending message to 17034
>
> [2022/04/27 14:15:01.091685, 10, pid=17034, effective(0, 0), real(0, 0)]
> ../../source3/lib/messages.c:428(messaging_recv_cb)
>
>   messaging_recv_cb: Received message 0x314 len 0 (num_fds:0) from 17031
>
> [2022/04/27 14:15:01.091873, 10, pid=17034, effective(0, 0), real(0, 0)]
> ../../source3/smbd/smbd_cleanupd.c:173(smbd_cleanupd_process_exited)
>
>   smbd_cleanupd_process_exited: cleaned up pid 17085
>
> On Wed, Apr 27, 2022 at 2:06 PM Jeremy Allison <jra at samba.org> wrote:
>
>> On Wed, Apr 27, 2022 at 02:02:39PM -0400, Mark Cogan via samba wrote:
>> >Output from command line trying to connect:
>> >
>> >thig% smbclient -k -L //thig.<redacted>/
>> >
>> >session setup failed: NT_STATUS_ACCESS_DENIED
>> >
>> >
>> >So it looks like it's just rejecting the Kerberos authentication, which
>> is
>> >why it would drop back down to asking for password (which doesn't work).
>>
>> Use a debug level 10 to get more details.
>>
>


More information about the samba mailing list