API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 26th, 2017
103
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 42.88 KB | None | 0 0
raw download clone embed print report
  1. [2011/07/26 12:04:02.467774, 3] smbd/oplock.c:895(init_oplocks)
  2. init_oplocks: initializing messages.
  3. [2011/07/26 12:04:02.467908, 3] smbd/oplock_linux.c:224(linux_init_kernel_oplocks)
  4. Linux kernel oplocks enabled
  5. [2011/07/26 12:04:02.467996, 3] smbd/process.c:1489(process_smb)
  6. Transaction 0 of length 72 (0 toread)
  7. [2011/07/26 12:04:02.468026, 2] smbd/reply.c:554(reply_special)
  8. netbios connect: name1=SOL 0x20 name2=COSSSLT07 0x0
  9. [2011/07/26 12:04:02.468062, 2] smbd/reply.c:565(reply_special)
  10. netbios connect: local=sol remote=cossslt07, name type = 0
  11. [2011/07/26 12:04:02.469234, 3] smbd/process.c:1489(process_smb)
  12. Transaction 0 of length 159 (0 toread)
  13. [2011/07/26 12:04:02.469282, 3] smbd/process.c:1298(switch_message)
  14. switch message SMBnegprot (pid 24641) conn 0x0
  15. [2011/07/26 12:04:02.469304, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  16. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  17. [2011/07/26 12:04:02.469391, 3] smbd/negprot.c:586(reply_negprot)
  18. Requested protocol [PC NETWORK PROGRAM 1.0]
  19. [2011/07/26 12:04:02.469412, 3] smbd/negprot.c:586(reply_negprot)
  20. Requested protocol [LANMAN1.0]
  21. [2011/07/26 12:04:02.469429, 3] smbd/negprot.c:586(reply_negprot)
  22. Requested protocol [Windows for Workgroups 3.1a]
  23. [2011/07/26 12:04:02.469444, 3] smbd/negprot.c:586(reply_negprot)
  24. Requested protocol [LM1.2X002]
  25. [2011/07/26 12:04:02.469462, 3] smbd/negprot.c:586(reply_negprot)
  26. Requested protocol [LANMAN2.1]
  27. [2011/07/26 12:04:02.469477, 3] smbd/negprot.c:586(reply_negprot)
  28. Requested protocol [NT LM 0.12]
  29. [2011/07/26 12:04:02.469492, 3] smbd/negprot.c:586(reply_negprot)
  30. Requested protocol [SMB 2.002]
  31. [2011/07/26 12:04:02.469514, 3] smbd/negprot.c:586(reply_negprot)
  32. Requested protocol [SMB 2.???]
  33. [2011/07/26 12:04:02.469696, 3] smbd/negprot.c:404(reply_nt1)
  34. using SPNEGO
  35. [2011/07/26 12:04:02.469741, 3] smbd/negprot.c:691(reply_negprot)
  36. Selected protocol NT LM 0.12
  37. [2011/07/26 12:04:02.471664, 3] smbd/process.c:1489(process_smb)
  38. Transaction 1 of length 142 (0 toread)
  39. [2011/07/26 12:04:02.471693, 3] smbd/process.c:1298(switch_message)
  40. switch message SMBsesssetupX (pid 24641) conn 0x0
  41. [2011/07/26 12:04:02.471710, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  42. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  43. [2011/07/26 12:04:02.471737, 3] smbd/sesssetup.c:1436(reply_sesssetup_and_X)
  44. wct=12 flg2=0xc807
  45. [2011/07/26 12:04:02.471766, 2] smbd/sesssetup.c:1391(setup_new_vc_session)
  46. setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
  47. [2011/07/26 12:04:02.471784, 3] smbd/sesssetup.c:1190(reply_sesssetup_and_X_spnego)
  48. Doing spnego session setup
  49. [2011/07/26 12:04:02.471801, 3] smbd/sesssetup.c:1232(reply_sesssetup_and_X_spnego)
  50. NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
  51. [2011/07/26 12:04:02.471856, 3] smbd/sesssetup.c:806(reply_spnego_negotiate)
  52. reply_spnego_negotiate: Got secblob of size 40
  53. [2011/07/26 12:04:02.471888, 5] auth/auth.c:481(make_auth_context_subsystem)
  54. Making default auth method list for DC, security=user, encrypt passwords = yes
  55. [2011/07/26 12:04:02.471911, 5] auth/auth.c:46(smb_register_auth)
  56. Attempting to register auth backend sam
  57. [2011/07/26 12:04:02.471926, 5] auth/auth.c:58(smb_register_auth)
  58. Successfully added auth method 'sam'
  59. [2011/07/26 12:04:02.471941, 5] auth/auth.c:46(smb_register_auth)
  60. Attempting to register auth backend sam_ignoredomain
  61. [2011/07/26 12:04:02.471955, 5] auth/auth.c:58(smb_register_auth)
  62. Successfully added auth method 'sam_ignoredomain'
  63. [2011/07/26 12:04:02.471971, 5] auth/auth.c:46(smb_register_auth)
  64. Attempting to register auth backend unix
  65. [2011/07/26 12:04:02.471987, 5] auth/auth.c:58(smb_register_auth)
  66. Successfully added auth method 'unix'
  67. [2011/07/26 12:04:02.472002, 5] auth/auth.c:46(smb_register_auth)
  68. Attempting to register auth backend winbind
  69. [2011/07/26 12:04:02.472016, 5] auth/auth.c:58(smb_register_auth)
  70. Successfully added auth method 'winbind'
  71. [2011/07/26 12:04:02.472032, 5] auth/auth.c:46(smb_register_auth)
  72. Attempting to register auth backend wbc
  73. [2011/07/26 12:04:02.472047, 5] auth/auth.c:58(smb_register_auth)
  74. Successfully added auth method 'wbc'
  75. [2011/07/26 12:04:02.472061, 5] auth/auth.c:46(smb_register_auth)
  76. Attempting to register auth backend smbserver
  77. [2011/07/26 12:04:02.472076, 5] auth/auth.c:58(smb_register_auth)
  78. Successfully added auth method 'smbserver'
  79. [2011/07/26 12:04:02.472092, 5] auth/auth.c:46(smb_register_auth)
  80. Attempting to register auth backend trustdomain
  81. [2011/07/26 12:04:02.472106, 5] auth/auth.c:58(smb_register_auth)
  82. Successfully added auth method 'trustdomain'
  83. [2011/07/26 12:04:02.472120, 5] auth/auth.c:46(smb_register_auth)
  84. Attempting to register auth backend ntdomain
  85. [2011/07/26 12:04:02.472135, 5] auth/auth.c:58(smb_register_auth)
  86. Successfully added auth method 'ntdomain'
  87. [2011/07/26 12:04:02.472152, 5] auth/auth.c:46(smb_register_auth)
  88. Attempting to register auth backend guest
  89. [2011/07/26 12:04:02.472167, 5] auth/auth.c:58(smb_register_auth)
  90. Successfully added auth method 'guest'
  91. [2011/07/26 12:04:02.472181, 5] auth/auth.c:46(smb_register_auth)
  92. Attempting to register auth backend netlogond
  93. [2011/07/26 12:04:02.472198, 5] auth/auth.c:58(smb_register_auth)
  94. Successfully added auth method 'netlogond'
  95. [2011/07/26 12:04:02.472212, 5] auth/auth.c:383(load_auth_module)
  96. load_auth_module: Attempting to find an auth method to match guest
  97. [2011/07/26 12:04:02.472229, 5] auth/auth.c:408(load_auth_module)
  98. load_auth_module: auth method guest has a valid init
  99. [2011/07/26 12:04:02.472244, 5] auth/auth.c:383(load_auth_module)
  100. load_auth_module: Attempting to find an auth method to match sam
  101. [2011/07/26 12:04:02.472267, 5] auth/auth.c:408(load_auth_module)
  102. load_auth_module: auth method sam has a valid init
  103. [2011/07/26 12:04:02.472282, 5] auth/auth.c:383(load_auth_module)
  104. load_auth_module: Attempting to find an auth method to match winbind:trustdomain
  105. [2011/07/26 12:04:02.472316, 5] auth/auth.c:383(load_auth_module)
  106. load_auth_module: Attempting to find an auth method to match trustdomain
  107. [2011/07/26 12:04:02.472332, 5] auth/auth.c:408(load_auth_module)
  108. load_auth_module: auth method trustdomain has a valid init
  109. [2011/07/26 12:04:02.472346, 5] auth/auth.c:408(load_auth_module)
  110. load_auth_module: auth method winbind has a valid init
  111. [2011/07/26 12:04:02.472378, 3] libsmb/ntlmssp.c:65(debug_ntlmssp_flags)
  112. Got NTLMSSP neg_flags=0xe2088297
  113. [2011/07/26 12:04:02.472399, 5] auth/auth.c:97(get_ntlm_challenge)
  114. auth_get_challenge: module guest did not want to specify a challenge
  115. [2011/07/26 12:04:02.472414, 5] auth/auth.c:97(get_ntlm_challenge)
  116. auth_get_challenge: module sam did not want to specify a challenge
  117. [2011/07/26 12:04:02.472428, 5] auth/auth.c:97(get_ntlm_challenge)
  118. auth_get_challenge: module winbind did not want to specify a challenge
  119. [2011/07/26 12:04:02.472448, 5] auth/auth.c:132(get_ntlm_challenge)
  120. auth_context challenge created by random
  121. [2011/07/26 12:04:02.472463, 5] auth/auth.c:133(get_ntlm_challenge)
  122. challenge is:
  123. [2011/07/26 12:04:02.474144, 3] smbd/process.c:1489(process_smb)
  124. Transaction 2 of length 200 (0 toread)
  125. [2011/07/26 12:04:02.474176, 3] smbd/process.c:1298(switch_message)
  126. switch message SMBsesssetupX (pid 24641) conn 0x0
  127. [2011/07/26 12:04:02.474194, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  128. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  129. [2011/07/26 12:04:02.474216, 3] smbd/sesssetup.c:1436(reply_sesssetup_and_X)
  130. wct=12 flg2=0xc807
  131. [2011/07/26 12:04:02.474232, 2] smbd/sesssetup.c:1391(setup_new_vc_session)
  132. setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources.
  133. [2011/07/26 12:04:02.474247, 3] smbd/sesssetup.c:1190(reply_sesssetup_and_X_spnego)
  134. Doing spnego session setup
  135. [2011/07/26 12:04:02.474265, 3] smbd/sesssetup.c:1232(reply_sesssetup_and_X_spnego)
  136. NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
  137. [2011/07/26 12:04:02.474301, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth)
  138. Got user=[] domain=[] workstation=[COSSSLT07] len1=1 len2=0
  139. [2011/07/26 12:04:02.474350, 5] auth/auth_util.c:211(make_user_info_map)
  140. Mapping user []\[] from workstation [COSSSLT07]
  141. [2011/07/26 12:04:02.474372, 5] auth/auth_util.c:232(make_user_info_map)
  142. Mapped domain from [] to [SOLAR] for user [] from workstation [COSSSLT07]
  143. [2011/07/26 12:04:02.474388, 5] auth/auth_util.c:122(make_user_info)
  144. attempting to make a user_info for ()
  145. [2011/07/26 12:04:02.474402, 5] auth/auth_util.c:132(make_user_info)
  146. making strings for 's user_info struct
  147. [2011/07/26 12:04:02.474418, 5] auth/auth_util.c:164(make_user_info)
  148. making blobs for 's user_info struct
  149. [2011/07/26 12:04:02.474433, 10] auth/auth_util.c:182(make_user_info)
  150. made an encrypted user_info for ()
  151. [2011/07/26 12:04:02.474448, 3] auth/auth.c:216(check_ntlm_password)
  152. check_ntlm_password: Checking password for unmapped user []\[]@[COSSSLT07] with the new password interface
  153. [2011/07/26 12:04:02.474464, 3] auth/auth.c:219(check_ntlm_password)
  154. check_ntlm_password: mapped user is: [SOLAR]\[]@[COSSSLT07]
  155. [2011/07/26 12:04:02.474479, 10] auth/auth.c:228(check_ntlm_password)
  156. check_ntlm_password: auth_context challenge created by random
  157. [2011/07/26 12:04:02.474493, 10] auth/auth.c:230(check_ntlm_password)
  158. challenge is:
  159. [2011/07/26 12:04:02.474570, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  160. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  161. [2011/07/26 12:04:02.474594, 3] smbd/uid.c:429(push_conn_ctx)
  162. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  163. [2011/07/26 12:04:02.474611, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  164. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  165. [2011/07/26 12:04:02.474636, 5] passdb/pdb_interface.c:1473(lookup_global_sam_rid)
  166. lookup_global_sam_rid: looking up RID 514.
  167. [2011/07/26 12:04:02.474655, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  168. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  169. [2011/07/26 12:04:02.474670, 3] smbd/uid.c:429(push_conn_ctx)
  170. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  171. [2011/07/26 12:04:02.474685, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  172. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  173. [2011/07/26 12:04:02.474854, 2] lib/smbldap.c:950(smbldap_open_connection)
  174. smbldap_open_connection: connection opened
  175. [2011/07/26 12:04:02.477791, 3] lib/smbldap.c:1166(smbldap_connect_system)
  176. ldap_connect_system: successful connection to the LDAP server
  177. [2011/07/26 12:04:02.480696, 4] passdb/pdb_ldap.c:1695(ldapsam_getsampwsid)
  178. ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-1048866067-1567326443-2860397223-514] count=0
  179. [2011/07/26 12:04:02.483800, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap)
  180. init_group_from_ldap: Entry found for group: 65534
  181. [2011/07/26 12:04:02.483848, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  182. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  183. [2011/07/26 12:04:02.483866, 5] passdb/pdb_interface.c:1595(pdb_default_lookup_rids)
  184. lookup_rids: Domain Guests:2
  185. [2011/07/26 12:04:02.483886, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  186. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  187. [2011/07/26 12:04:02.483912, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  188. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  189. [2011/07/26 12:04:02.483928, 3] smbd/uid.c:429(push_conn_ctx)
  190. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  191. [2011/07/26 12:04:02.483943, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  192. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  193. [2011/07/26 12:04:02.484001, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  194. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  195. [2011/07/26 12:04:02.484049, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  196. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  197. [2011/07/26 12:04:02.484070, 3] smbd/uid.c:429(push_conn_ctx)
  198. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  199. [2011/07/26 12:04:02.484085, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  200. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  201. [2011/07/26 12:04:02.484115, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  202. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  203. [2011/07/26 12:04:02.484138, 3] auth/auth.c:265(check_ntlm_password)
  204. check_ntlm_password: guest authentication for user [] succeeded
  205. [2011/07/26 12:04:02.484154, 5] auth/auth.c:304(check_ntlm_password)
  206. check_ntlm_password: guest authentication for user [] -> [] -> [nobody] succeeded
  207. [2011/07/26 12:04:02.484170, 5] auth/auth_util.c:2119(free_user_info)
  208. attempting to free (and zero) a user_info structure
  209. [2011/07/26 12:04:02.484184, 10] auth/auth_util.c:2123(free_user_info)
  210. structure was created for
  211. [2011/07/26 12:04:02.484209, 3] libsmb/ntlmssp_sign.c:343(ntlmssp_sign_init)
  212. NTLMSSP Sign/Seal - Initialising with flags:
  213. [2011/07/26 12:04:02.484224, 3] libsmb/ntlmssp.c:65(debug_ntlmssp_flags)
  214. Got NTLMSSP neg_flags=0xe2088215
  215. [2011/07/26 12:04:02.484256, 3] smbd/password.c:282(register_existing_vuid)
  216. register_existing_vuid: User name: nobody Real name: nobody
  217. [2011/07/26 12:04:02.484275, 3] smbd/password.c:292(register_existing_vuid)
  218. register_existing_vuid: UNIX uid 65534 is UNIX user nobody, and will be vuid 100
  219. [2011/07/26 12:04:02.485599, 3] smbd/process.c:1489(process_smb)
  220. Transaction 3 of length 76 (0 toread)
  221. [2011/07/26 12:04:02.485648, 3] smbd/process.c:1298(switch_message)
  222. switch message SMBtconX (pid 24641) conn 0x0
  223. [2011/07/26 12:04:02.485666, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  224. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  225. [2011/07/26 12:04:02.485770, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  226. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  227. [2011/07/26 12:04:02.485790, 3] smbd/uid.c:429(push_conn_ctx)
  228. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  229. [2011/07/26 12:04:02.485805, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  230. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  231. [2011/07/26 12:04:02.485844, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  232. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  233. [2011/07/26 12:04:02.485889, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  234. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  235. [2011/07/26 12:04:02.485907, 3] smbd/uid.c:429(push_conn_ctx)
  236. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  237. [2011/07/26 12:04:02.485921, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  238. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  239. [2011/07/26 12:04:02.485952, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  240. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  241. [2011/07/26 12:04:02.486015, 3] smbd/service.c:807(make_connection_snum)
  242. Connect path is '/tmp' for service [IPC$]
  243. [2011/07/26 12:04:02.486061, 3] smbd/vfs.c:97(vfs_init_default)
  244. Initialising default vfs hooks
  245. [2011/07/26 12:04:02.486087, 3] smbd/vfs.c:122(vfs_init_custom)
  246. Initialising custom vfs hooks from [/[Default VFS]/]
  247. [2011/07/26 12:04:02.486176, 3] lib/util_sid.c:228(string_to_sid)
  248. string_to_sid: Sid root does not start with 'S-'.
  249. [2011/07/26 12:04:02.486213, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  250. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  251. [2011/07/26 12:04:02.486230, 3] smbd/uid.c:429(push_conn_ctx)
  252. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  253. [2011/07/26 12:04:02.486245, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  254. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  255. [2011/07/26 12:04:02.491128, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
  256. init_sam_from_ldap: Entry found for user: root
  257. [2011/07/26 12:04:02.491286, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  258. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  259. [2011/07/26 12:04:02.491320, 3] smbd/uid.c:429(push_conn_ctx)
  260. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  261. [2011/07/26 12:04:02.491339, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  262. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  263. [2011/07/26 12:04:02.491375, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  264. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  265. [2011/07/26 12:04:02.491460, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  266. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  267. [2011/07/26 12:04:02.491476, 3] smbd/uid.c:429(push_conn_ctx)
  268. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  269. [2011/07/26 12:04:02.491491, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  270. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  271. [2011/07/26 12:04:02.491524, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  272. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  273. [2011/07/26 12:04:02.493314, 4] passdb/pdb_ldap.c:2562(ldapsam_getgroup)
  274. ldapsam_getgroup: Did not find group, filter was (&(objectClass=sambaGroupMapping)(gidNumber=0))
  275. [2011/07/26 12:04:02.493341, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  276. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  277. [2011/07/26 12:04:02.493360, 3] smbd/uid.c:429(push_conn_ctx)
  278. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  279. [2011/07/26 12:04:02.493377, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  280. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  281. [2011/07/26 12:04:02.493410, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  282. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  283. [2011/07/26 12:04:02.493448, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  284. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  285. [2011/07/26 12:04:02.493468, 3] smbd/uid.c:429(push_conn_ctx)
  286. push_conn_ctx(0) : conn_ctx_stack_ndx = 1
  287. [2011/07/26 12:04:02.493486, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  288. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  289. [2011/07/26 12:04:02.493519, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  290. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  291. [2011/07/26 12:04:02.493545, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  292. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  293. [2011/07/26 12:04:02.493573, 3] lib/util_sid.c:228(string_to_sid)
  294. string_to_sid: Sid @adm does not start with 'S-'.
  295. [2011/07/26 12:04:02.493919, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  296. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  297. [2011/07/26 12:04:02.493939, 3] smbd/uid.c:429(push_conn_ctx)
  298. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  299. [2011/07/26 12:04:02.493953, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  300. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  301. [2011/07/26 12:04:02.497512, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap)
  302. init_group_from_ldap: Entry found for group: 4
  303. [2011/07/26 12:04:02.497556, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  304. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  305. [2011/07/26 12:04:02.497656, 3] lib/util_sid.c:228(string_to_sid)
  306. string_to_sid: Sid @bdctechs does not start with 'S-'.
  307. [2011/07/26 12:04:02.497688, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  308. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  309. [2011/07/26 12:04:02.497705, 3] smbd/uid.c:429(push_conn_ctx)
  310. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  311. [2011/07/26 12:04:02.497722, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  312. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  313. [2011/07/26 12:04:02.501281, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap)
  314. init_group_from_ldap: Entry found for group: 65539
  315. [2011/07/26 12:04:02.501324, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  316. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  317. [2011/07/26 12:04:02.501356, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  318. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  319. [2011/07/26 12:04:02.501373, 3] smbd/uid.c:429(push_conn_ctx)
  320. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  321. [2011/07/26 12:04:02.501392, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  322. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  323. [2011/07/26 12:04:02.501425, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  324. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  325. [2011/07/26 12:04:02.501459, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  326. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 1
  327. [2011/07/26 12:04:02.501476, 3] smbd/uid.c:429(push_conn_ctx)
  328. push_conn_ctx(0) : conn_ctx_stack_ndx = 0
  329. [2011/07/26 12:04:02.501493, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  330. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  331. [2011/07/26 12:04:02.501524, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  332. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 0
  333. [2011/07/26 12:04:02.501551, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  334. setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  335. [2011/07/26 12:04:02.501590, 3] smbd/service.c:1070(make_connection_snum)
  336. cossslt07 (::ffff:172.16.14.118) connect to service IPC$ initially as user nobody (uid=65534, gid=65534) (pid 24641)
  337. [2011/07/26 12:04:02.501613, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  338. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  339. [2011/07/26 12:04:02.501638, 3] smbd/reply.c:865(reply_tcon_and_X)
  340. tconX service=IPC$
  341. [2011/07/26 12:04:02.502900, 3] smbd/process.c:1489(process_smb)
  342. Transaction 4 of length 108 (0 toread)
  343. [2011/07/26 12:04:02.502921, 3] smbd/process.c:1298(switch_message)
  344. switch message SMBntcreateX (pid 24641) conn 0xb7d0deb0
  345. [2011/07/26 12:04:02.502938, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  346. setting sec ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  347. [2011/07/26 12:04:02.503032, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  348. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  349. [2011/07/26 12:04:02.503051, 3] smbd/uid.c:429(push_conn_ctx)
  350. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  351. [2011/07/26 12:04:02.503066, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  352. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  353. [2011/07/26 12:04:02.503100, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  354. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  355. [2011/07/26 12:04:02.503129, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  356. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  357. [2011/07/26 12:04:02.503148, 3] smbd/uid.c:429(push_conn_ctx)
  358. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  359. [2011/07/26 12:04:02.503162, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  360. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  361. [2011/07/26 12:04:02.503195, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  362. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  363. [2011/07/26 12:04:02.504236, 3] smbd/process.c:1489(process_smb)
  364. Transaction 5 of length 76 (0 toread)
  365. [2011/07/26 12:04:02.504272, 3] smbd/process.c:1298(switch_message)
  366. switch message SMBtrans2 (pid 24641) conn 0xb7d0deb0
  367. [2011/07/26 12:04:02.505444, 3] smbd/process.c:1489(process_smb)
  368. Transaction 6 of length 184 (0 toread)
  369. [2011/07/26 12:04:02.505472, 3] smbd/process.c:1298(switch_message)
  370. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  371. [2011/07/26 12:04:02.505525, 3] rpc_server/srv_pipe.c:1668(api_pipe_bind_req)
  372. api_pipe_bind_req: \PIPE\netlogon -> \PIPE\netlogon
  373. [2011/07/26 12:04:02.505549, 3] rpc_server/srv_pipe.c:998(check_bind_req)
  374. check_bind_req for \netlogon
  375. [2011/07/26 12:04:02.505592, 3] smbd/pipes.c:352(pipe_write_andx_done)
  376. writeX-IPC nwritten=116
  377. [2011/07/26 12:04:02.506690, 3] smbd/process.c:1489(process_smb)
  378. Transaction 7 of length 63 (0 toread)
  379. [2011/07/26 12:04:02.506726, 3] smbd/process.c:1298(switch_message)
  380. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  381. [2011/07/26 12:04:02.506762, 3] smbd/pipes.c:462(pipe_read_andx_done)
  382. readX-IPC min=1024 max=1024 nread=72
  383. [2011/07/26 12:04:02.507880, 3] smbd/process.c:1489(process_smb)
  384. Transaction 8 of length 160 (0 toread)
  385. [2011/07/26 12:04:02.507914, 3] smbd/process.c:1298(switch_message)
  386. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  387. [2011/07/26 12:04:02.507947, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  388. free_pipe_context: destroying talloc pool of size 122
  389. [2011/07/26 12:04:02.507984, 3] rpc_server/srv_pipe.c:2415(api_rpcTNP)
  390. api_rpcTNP: rpc command: NETR_SERVERREQCHALLENGE
  391. [2011/07/26 12:04:02.508042, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  392. free_pipe_context: destroying talloc pool of size 0
  393. [2011/07/26 12:04:02.508070, 3] smbd/pipes.c:352(pipe_write_andx_done)
  394. writeX-IPC nwritten=92
  395. [2011/07/26 12:04:02.509176, 3] smbd/process.c:1489(process_smb)
  396. Transaction 9 of length 63 (0 toread)
  397. [2011/07/26 12:04:02.509199, 3] smbd/process.c:1298(switch_message)
  398. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  399. [2011/07/26 12:04:02.509231, 3] smbd/pipes.c:462(pipe_read_andx_done)
  400. readX-IPC min=1024 max=1024 nread=36
  401. [2011/07/26 12:04:02.510403, 3] smbd/process.c:1489(process_smb)
  402. Transaction 10 of length 200 (0 toread)
  403. [2011/07/26 12:04:02.510431, 3] smbd/process.c:1298(switch_message)
  404. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  405. [2011/07/26 12:04:02.510458, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  406. free_pipe_context: destroying talloc pool of size 0
  407. [2011/07/26 12:04:02.510477, 3] rpc_server/srv_pipe.c:2415(api_rpcTNP)
  408. api_rpcTNP: rpc command: NETR_SERVERAUTHENTICATE3
  409. [2011/07/26 12:04:02.510515, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  410. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  411. [2011/07/26 12:04:02.510537, 3] smbd/uid.c:429(push_conn_ctx)
  412. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  413. [2011/07/26 12:04:02.510552, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  414. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  415. [2011/07/26 12:04:02.514693, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
  416. init_sam_from_ldap: Entry found for user: cossslt07$
  417. [2011/07/26 12:04:02.514819, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  418. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  419. [2011/07/26 12:04:02.514840, 3] smbd/uid.c:429(push_conn_ctx)
  420. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  421. [2011/07/26 12:04:02.514858, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  422. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  423. [2011/07/26 12:04:02.514898, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  424. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  425. [2011/07/26 12:04:02.514966, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  426. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  427. [2011/07/26 12:04:02.514983, 3] smbd/uid.c:429(push_conn_ctx)
  428. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  429. [2011/07/26 12:04:02.514998, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  430. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  431. [2011/07/26 12:04:02.515028, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  432. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  433. [2011/07/26 12:04:02.519012, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  434. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  435. [2011/07/26 12:04:02.519036, 3] smbd/uid.c:429(push_conn_ctx)
  436. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  437. [2011/07/26 12:04:02.519053, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  438. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  439. [2011/07/26 12:04:02.521909, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap)
  440. init_group_from_ldap: Entry found for group: 421
  441. [2011/07/26 12:04:02.521951, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  442. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  443. [2011/07/26 12:04:02.521983, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  444. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  445. [2011/07/26 12:04:02.522001, 3] smbd/uid.c:429(push_conn_ctx)
  446. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  447. [2011/07/26 12:04:02.522018, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  448. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  449. [2011/07/26 12:04:02.522041, 5] passdb/pdb_interface.c:1473(lookup_global_sam_rid)
  450. lookup_global_sam_rid: looking up RID 515.
  451. [2011/07/26 12:04:02.522060, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  452. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  453. [2011/07/26 12:04:02.522090, 3] smbd/uid.c:429(push_conn_ctx)
  454. push_conn_ctx(100) : conn_ctx_stack_ndx = 2
  455. [2011/07/26 12:04:02.522108, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  456. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  457. [2011/07/26 12:04:02.524803, 4] passdb/pdb_ldap.c:1695(ldapsam_getsampwsid)
  458. ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-1048866067-1567326443-2860397223-515] count=0
  459. [2011/07/26 12:04:02.527764, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap)
  460. init_group_from_ldap: Entry found for group: 421
  461. [2011/07/26 12:04:02.527805, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  462. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  463. [2011/07/26 12:04:02.527824, 5] passdb/pdb_interface.c:1595(pdb_default_lookup_rids)
  464. lookup_rids: machines:2
  465. [2011/07/26 12:04:02.527843, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  466. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  467. [2011/07/26 12:04:02.527865, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  468. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  469. [2011/07/26 12:04:02.527882, 3] smbd/uid.c:429(push_conn_ctx)
  470. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  471. [2011/07/26 12:04:02.527899, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  472. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  473. [2011/07/26 12:04:02.527933, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  474. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  475. [2011/07/26 12:04:02.527969, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  476. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  477. [2011/07/26 12:04:02.527988, 3] smbd/uid.c:429(push_conn_ctx)
  478. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  479. [2011/07/26 12:04:02.528005, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  480. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  481. [2011/07/26 12:04:02.528035, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  482. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  483. [2011/07/26 12:04:02.528061, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  484. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  485. [2011/07/26 12:04:02.528164, 2] ../libcli/auth/credentials.c:307(netlogon_creds_server_check_internal)
  486. credentials check failed
  487. [2011/07/26 12:04:02.528183, 0] rpc_server/srv_netlog_nt.c:714(_netr_ServerAuthenticate3)
  488. _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client COSSSLT07 machine account COSSSLT07$
  489. [2011/07/26 12:04:02.528243, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  490. free_pipe_context: destroying talloc pool of size 0
  491. [2011/07/26 12:04:02.528270, 3] smbd/pipes.c:352(pipe_write_andx_done)
  492. writeX-IPC nwritten=132
  493. [2011/07/26 12:04:02.529396, 3] smbd/process.c:1489(process_smb)
  494. Transaction 11 of length 63 (0 toread)
  495. [2011/07/26 12:04:02.529430, 3] smbd/process.c:1298(switch_message)
  496. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  497. [2011/07/26 12:04:02.529463, 3] smbd/pipes.c:462(pipe_read_andx_done)
  498. readX-IPC min=1024 max=1024 nread=44
  499. [2011/07/26 12:04:02.530846, 3] smbd/process.c:1489(process_smb)
  500. Transaction 12 of length 160 (0 toread)
  501. [2011/07/26 12:04:02.530869, 3] smbd/process.c:1298(switch_message)
  502. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  503. [2011/07/26 12:04:02.530892, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  504. free_pipe_context: destroying talloc pool of size 0
  505. [2011/07/26 12:04:02.530911, 3] rpc_server/srv_pipe.c:2415(api_rpcTNP)
  506. api_rpcTNP: rpc command: NETR_SERVERREQCHALLENGE
  507. [2011/07/26 12:04:02.530940, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  508. free_pipe_context: destroying talloc pool of size 0
  509. [2011/07/26 12:04:02.530964, 3] smbd/pipes.c:352(pipe_write_andx_done)
  510. writeX-IPC nwritten=92
  511. [2011/07/26 12:04:02.532127, 3] smbd/process.c:1489(process_smb)
  512. Transaction 13 of length 63 (0 toread)
  513. [2011/07/26 12:04:02.532162, 3] smbd/process.c:1298(switch_message)
  514. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  515. [2011/07/26 12:04:02.532195, 3] smbd/pipes.c:462(pipe_read_andx_done)
  516. readX-IPC min=1024 max=1024 nread=36
  517. [2011/07/26 12:04:02.533339, 3] smbd/process.c:1489(process_smb)
  518. Transaction 14 of length 200 (0 toread)
  519. [2011/07/26 12:04:02.533368, 3] smbd/process.c:1298(switch_message)
  520. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  521. [2011/07/26 12:04:02.533405, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  522. free_pipe_context: destroying talloc pool of size 0
  523. [2011/07/26 12:04:02.533424, 3] rpc_server/srv_pipe.c:2415(api_rpcTNP)
  524. api_rpcTNP: rpc command: NETR_SERVERAUTHENTICATE3
  525. [2011/07/26 12:04:02.533448, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  526. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  527. [2011/07/26 12:04:02.533468, 3] smbd/uid.c:429(push_conn_ctx)
  528. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  529. [2011/07/26 12:04:02.533483, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  530. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  531. [2011/07/26 12:04:02.537556, 2] passdb/pdb_ldap.c:572(init_sam_from_ldap)
  532. init_sam_from_ldap: Entry found for user: cossslt07$
  533. [2011/07/26 12:04:02.537676, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  534. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  535. [2011/07/26 12:04:02.537695, 3] smbd/uid.c:429(push_conn_ctx)
  536. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  537. [2011/07/26 12:04:02.537712, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  538. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  539. [2011/07/26 12:04:02.537745, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  540. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  541. [2011/07/26 12:04:02.537806, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  542. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  543. [2011/07/26 12:04:02.537822, 3] smbd/uid.c:429(push_conn_ctx)
  544. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  545. [2011/07/26 12:04:02.537837, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  546. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  547. [2011/07/26 12:04:02.537867, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  548. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  549. [2011/07/26 12:04:02.537893, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  550. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  551. [2011/07/26 12:04:02.537909, 3] smbd/uid.c:429(push_conn_ctx)
  552. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  553. [2011/07/26 12:04:02.537923, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  554. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  555. [2011/07/26 12:04:02.537942, 5] passdb/pdb_interface.c:1473(lookup_global_sam_rid)
  556. lookup_global_sam_rid: looking up RID 515.
  557. [2011/07/26 12:04:02.537957, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  558. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 3
  559. [2011/07/26 12:04:02.537972, 3] smbd/uid.c:429(push_conn_ctx)
  560. push_conn_ctx(100) : conn_ctx_stack_ndx = 2
  561. [2011/07/26 12:04:02.537987, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  562. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 3
  563. [2011/07/26 12:04:02.540638, 4] passdb/pdb_ldap.c:1695(ldapsam_getsampwsid)
  564. ldapsam_getsampwsid: Unable to locate SID [S-1-5-21-1048866067-1567326443-2860397223-515] count=0
  565. [2011/07/26 12:04:02.543539, 2] passdb/pdb_ldap.c:2446(init_group_from_ldap)
  566. init_group_from_ldap: Entry found for group: 421
  567. [2011/07/26 12:04:02.543581, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  568. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 2
  569. [2011/07/26 12:04:02.543600, 5] passdb/pdb_interface.c:1595(pdb_default_lookup_rids)
  570. lookup_rids: machines:2
  571. [2011/07/26 12:04:02.543619, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  572. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  573. [2011/07/26 12:04:02.543640, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  574. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  575. [2011/07/26 12:04:02.543657, 3] smbd/uid.c:429(push_conn_ctx)
  576. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  577. [2011/07/26 12:04:02.543673, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  578. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  579. [2011/07/26 12:04:02.543707, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  580. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  581. [2011/07/26 12:04:02.543738, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  582. push_sec_ctx(0, 0) : sec_ctx_stack_ndx = 2
  583. [2011/07/26 12:04:02.543757, 3] smbd/uid.c:429(push_conn_ctx)
  584. push_conn_ctx(100) : conn_ctx_stack_ndx = 1
  585. [2011/07/26 12:04:02.543774, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  586. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 2
  587. [2011/07/26 12:04:02.543807, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  588. pop_sec_ctx (0, 0) - sec_ctx_stack_ndx = 1
  589. [2011/07/26 12:04:02.543839, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  590. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  591. [2011/07/26 12:04:02.543933, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  592. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  593. [2011/07/26 12:04:02.543966, 3] smbd/uid.c:429(push_conn_ctx)
  594. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  595. [2011/07/26 12:04:02.543982, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  596. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  597. [2011/07/26 12:04:02.544073, 3] ../libcli/auth/schannel_state_tdb.c:68(schannel_store_session_key_tdb)
  598. schannel_store_session_key_tdb: stored schannel info with key SECRETS/SCHANNEL/COSSSLT07
  599. [2011/07/26 12:04:02.544103, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  600. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  601. [2011/07/26 12:04:02.544126, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  602. free_pipe_context: destroying talloc pool of size 1177
  603. [2011/07/26 12:04:02.544150, 3] smbd/pipes.c:352(pipe_write_andx_done)
  604. writeX-IPC nwritten=132
  605. [2011/07/26 12:04:02.545223, 3] smbd/process.c:1489(process_smb)
  606. Transaction 15 of length 63 (0 toread)
  607. [2011/07/26 12:04:02.545254, 3] smbd/process.c:1298(switch_message)
  608. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  609. [2011/07/26 12:04:02.545285, 3] smbd/pipes.c:462(pipe_read_andx_done)
  610. readX-IPC min=1024 max=1024 nread=44
  611. [2011/07/26 12:04:02.546454, 3] smbd/process.c:1489(process_smb)
  612. Transaction 16 of length 108 (0 toread)
  613. [2011/07/26 12:04:02.546485, 3] smbd/process.c:1298(switch_message)
  614. switch message SMBntcreateX (pid 24641) conn 0xb7d0deb0
  615. [2011/07/26 12:04:02.546529, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  616. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  617. [2011/07/26 12:04:02.546550, 3] smbd/uid.c:429(push_conn_ctx)
  618. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  619. [2011/07/26 12:04:02.546565, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  620. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  621. [2011/07/26 12:04:02.546606, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  622. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  623. [2011/07/26 12:04:02.546640, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  624. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  625. [2011/07/26 12:04:02.546660, 3] smbd/uid.c:429(push_conn_ctx)
  626. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  627. [2011/07/26 12:04:02.546680, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  628. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  629. [2011/07/26 12:04:02.546714, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  630. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  631. [2011/07/26 12:04:02.547893, 3] smbd/process.c:1489(process_smb)
  632. Transaction 17 of length 183 (0 toread)
  633. [2011/07/26 12:04:02.547922, 3] smbd/process.c:1298(switch_message)
  634. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  635. [2011/07/26 12:04:02.547960, 3] rpc_server/srv_pipe.c:1668(api_pipe_bind_req)
  636. api_pipe_bind_req: \PIPE\netlogon -> \PIPE\netlogon
  637. [2011/07/26 12:04:02.548002, 3] smbd/sec_ctx.c:210(push_sec_ctx)
  638. push_sec_ctx(65534, 65534) : sec_ctx_stack_ndx = 1
  639. [2011/07/26 12:04:02.548023, 3] smbd/uid.c:429(push_conn_ctx)
  640. push_conn_ctx(100) : conn_ctx_stack_ndx = 0
  641. [2011/07/26 12:04:02.548039, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  642. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 1
  643. [2011/07/26 12:04:02.548128, 3] ../libcli/auth/schannel_state_tdb.c:132(schannel_fetch_session_key_tdb)
  644. schannel_fetch_session_key_tdb: restored schannel info key SECRETS/SCHANNEL/COSSSLT07
  645. [2011/07/26 12:04:02.548163, 3] smbd/sec_ctx.c:418(pop_sec_ctx)
  646. pop_sec_ctx (65534, 65534) - sec_ctx_stack_ndx = 0
  647. [2011/07/26 12:04:02.548189, 3] rpc_server/srv_pipe.c:998(check_bind_req)
  648. check_bind_req for \netlogon
  649. [2011/07/26 12:04:02.548221, 3] smbd/pipes.c:352(pipe_write_andx_done)
  650. writeX-IPC nwritten=115
  651. [2011/07/26 12:04:02.549264, 3] smbd/process.c:1489(process_smb)
  652. Transaction 18 of length 63 (0 toread)
  653. [2011/07/26 12:04:02.549290, 3] smbd/process.c:1298(switch_message)
  654. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  655. [2011/07/26 12:04:02.549316, 3] smbd/pipes.c:462(pipe_read_andx_done)
  656. readX-IPC min=1024 max=1024 nread=92
  657. [2011/07/26 12:04:02.550520, 3] smbd/process.c:1489(process_smb)
  658. Transaction 19 of length 268 (0 toread)
  659. [2011/07/26 12:04:02.550546, 3] smbd/process.c:1298(switch_message)
  660. switch message SMBwriteX (pid 24641) conn 0xb7d0deb0
  661. [2011/07/26 12:04:02.550613, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  662. free_pipe_context: destroying talloc pool of size 74
  663. [2011/07/26 12:04:02.550634, 3] rpc_server/srv_pipe.c:2415(api_rpcTNP)
  664. api_rpcTNP: rpc command: NETR_LOGONGETCAPABILITIES
  665. [2011/07/26 12:04:02.550675, 3] rpc_server/srv_pipe_hnd.c:344(free_pipe_context)
  666. free_pipe_context: destroying talloc pool of size 0
  667. [2011/07/26 12:04:02.550700, 3] smbd/pipes.c:352(pipe_write_andx_done)
  668. writeX-IPC nwritten=200
  669. [2011/07/26 12:04:02.551755, 3] smbd/process.c:1489(process_smb)
  670. Transaction 20 of length 63 (0 toread)
  671. [2011/07/26 12:04:02.551779, 3] smbd/process.c:1298(switch_message)
  672. switch message SMBreadX (pid 24641) conn 0xb7d0deb0
  673. [2011/07/26 12:04:02.551835, 3] smbd/pipes.c:462(pipe_read_andx_done)
  674. readX-IPC min=1024 max=1024 nread=88
  675. [2011/07/26 12:04:02.556723, 3] smbd/process.c:1489(process_smb)
  676. Transaction 21 of length 142 (0 toread)
  677. [2011/07/26 12:04:02.556749, 3] smbd/process.c:1298(switch_message)
  678. switch message SMBsesssetupX (pid 24641) conn 0x0
  679. [2011/07/26 12:04:02.556766, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  680. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  681. [2011/07/26 12:04:02.556789, 3] smbd/sesssetup.c:1436(reply_sesssetup_and_X)
  682. wct=12 flg2=0xc807
  683. [2011/07/26 12:04:02.556806, 3] smbd/sesssetup.c:1190(reply_sesssetup_and_X_spnego)
  684. Doing spnego session setup
  685. [2011/07/26 12:04:02.556823, 3] smbd/sesssetup.c:1232(reply_sesssetup_and_X_spnego)
  686. NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
  687. [2011/07/26 12:04:02.556865, 3] smbd/sesssetup.c:806(reply_spnego_negotiate)
  688. reply_spnego_negotiate: Got secblob of size 40
  689. [2011/07/26 12:04:02.556887, 5] auth/auth.c:481(make_auth_context_subsystem)
  690. Making default auth method list for DC, security=user, encrypt passwords = yes
  691. [2011/07/26 12:04:02.556909, 5] auth/auth.c:383(load_auth_module)
  692. load_auth_module: Attempting to find an auth method to match guest
  693. [2011/07/26 12:04:02.556926, 5] auth/auth.c:408(load_auth_module)
  694. load_auth_module: auth method guest has a valid init
  695. [2011/07/26 12:04:02.556942, 5] auth/auth.c:383(load_auth_module)
  696. load_auth_module: Attempting to find an auth method to match sam
  697. [2011/07/26 12:04:02.556959, 5] auth/auth.c:408(load_auth_module)
  698. load_auth_module: auth method sam has a valid init
  699. [2011/07/26 12:04:02.556975, 5] auth/auth.c:383(load_auth_module)
  700. load_auth_module: Attempting to find an auth method to match winbind:trustdomain
  701. [2011/07/26 12:04:02.556991, 5] auth/auth.c:383(load_auth_module)
  702. load_auth_module: Attempting to find an auth method to match trustdomain
  703. [2011/07/26 12:04:02.557007, 5] auth/auth.c:408(load_auth_module)
  704. load_auth_module: auth method trustdomain has a valid init
  705. [2011/07/26 12:04:02.557022, 5] auth/auth.c:408(load_auth_module)
  706. load_auth_module: auth method winbind has a valid init
  707. [2011/07/26 12:04:02.557042, 3] libsmb/ntlmssp.c:65(debug_ntlmssp_flags)
  708. Got NTLMSSP neg_flags=0xe2088297
  709. [2011/07/26 12:04:02.557058, 5] auth/auth.c:97(get_ntlm_challenge)
  710. auth_get_challenge: module guest did not want to specify a challenge
  711. [2011/07/26 12:04:02.557073, 5] auth/auth.c:97(get_ntlm_challenge)
  712. auth_get_challenge: module sam did not want to specify a challenge
  713. [2011/07/26 12:04:02.557088, 5] auth/auth.c:97(get_ntlm_challenge)
  714. auth_get_challenge: module winbind did not want to specify a challenge
  715. [2011/07/26 12:04:02.557120, 5] auth/auth.c:132(get_ntlm_challenge)
  716. auth_context challenge created by random
  717. [2011/07/26 12:04:02.557135, 5] auth/auth.c:133(get_ntlm_challenge)
  718. challenge is:
  719. [2011/07/26 12:04:02.558640, 3] smbd/process.c:1489(process_smb)
  720. Transaction 22 of length 280 (0 toread)
  721. [2011/07/26 12:04:02.558665, 3] smbd/process.c:1298(switch_message)
  722. switch message SMBsesssetupX (pid 24641) conn 0x0
  723. [2011/07/26 12:04:02.558682, 3] smbd/sec_ctx.c:310(set_sec_ctx)
  724. setting sec ctx (0, 0) - sec_ctx_stack_ndx = 0
  725. [2011/07/26 12:04:02.558703, 3] smbd/sesssetup.c:1436(reply_sesssetup_and_X)
  726. wct=12 flg2=0xc807
  727. [2011/07/26 12:04:02.558720, 3] smbd/sesssetup.c:1190(reply_sesssetup_and_X_spnego)
  728. Doing spnego session setup
  729. [2011/07/26 12:04:02.558748, 3] smbd/sesssetup.c:1232(reply_sesssetup_and_X_spnego)
  730. NativeOS=[] NativeLanMan=[] PrimaryDomain=[]
  731. [2011/07/26 12:04:02.558782, 3] libsmb/ntlmssp.c:747(ntlmssp_server_auth)
  732. Got user=[COSSSLT07$] domain=[SOLAR] workstation=[COSSSLT07] len1=24 len2=24
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!