Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 1: NBT_SERVER_LDAP
- 1: NBT_SERVER_DS
- 1: NBT_SERVER_KDC
- 1: NBT_SERVER_TIMESERV
- 1: NBT_SERVER_CLOSEST
- 1: NBT_SERVER_WRITABLE
- 1: NBT_SERVER_GOOD_TIMESERV
- 0: NBT_SERVER_NDNC
- 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
- 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
- 1: NBT_SERVER_ADS_WEB_SERVICE
- 0: NBT_SERVER_HAS_DNS_NAME
- 0: NBT_SERVER_IS_DEFAULT_NC
- 0: NBT_SERVER_FOREST_ROOT
- domain_uuid : 1438b128-8674-4c78-ae4f-c96610fdcab1
- forest : 'ednt.de'
- dns_domain : 'ednt.de'
- pdc_dns_name : 'SRV-DC01.ednt.de'
- domain_name : 'EDNT'
- pdc_name : 'SRV-DC01'
- user_name : ''
- server_site : 'Default-First-Site-Name'
- client_site : 'Default-First-Site-Name'
- sockaddr_size : 0x00 (0)
- sockaddr: struct nbt_sockaddr
- sockaddr_family : 0x00000000 (0)
- pdc_ip : (null)
- remaining : DATA_BLOB length=0
- next_closest_site : NULL
- nt_version : 0x00000005 (5)
- 1: NETLOGON_NT_VERSION_1
- 0: NETLOGON_NT_VERSION_5
- 1: NETLOGON_NT_VERSION_5EX
- 0: NETLOGON_NT_VERSION_5EX_WITH_IP
- 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
- 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
- 0: NETLOGON_NT_VERSION_PDC
- 0: NETLOGON_NT_VERSION_IP
- 0: NETLOGON_NT_VERSION_LOCAL
- 0: NETLOGON_NT_VERSION_GC
- lmnt_token : 0xffff (65535)
- lm20_token : 0xffff (65535)
- [2017/04/25 22:48:39.137535, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:70(sitename_store)
- sitename_store: realm = [EDNT], sitename = [Default-First-Site-Name], expire = [2147483647]
- [2017/04/25 22:48:39.137562, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for AD_SITENAME/DOMAIN/EDNT, we already got it
- [2017/04/25 22:48:39.137579, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:70(sitename_store)
- sitename_store: realm = [ednt.de], sitename = [Default-First-Site-Name], expire = [2147483647]
- [2017/04/25 22:48:39.137603, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for AD_SITENAME/DOMAIN/EDNT.DE, we already got it
- [2017/04/25 22:48:39.137622, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:541(ads_connect)
- Successfully contacted LDAP server 192.168.18.130
- [2017/04/25 22:48:39.137653, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:72(ldap_open_with_timeout)
- Opening connection to LDAP server '192.168.18.130:389', timeout 15 seconds
- [2017/04/25 22:48:39.137970, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:107(ldap_open_with_timeout)
- Initialized connection for LDAP server 'ldap://192.168.18.130:389'
- [2017/04/25 22:48:39.137994, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:584(ads_connect)
- Connected to LDAP server SRV-DC01.ednt.de
- [2017/04/25 22:48:39.138010, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:211(ads_closest_dc)
- ads_closest_dc: NBT_SERVER_CLOSEST flag set
- [2017/04/25 22:48:39.138039, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:87(saf_store)
- saf_store: domain = [EDNT], server = [SRV-DC01.ednt.de], expire = [1493154219]
- [2017/04/25 22:48:39.138066, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for SAF/DOMAIN/EDNT, we already got it
- [2017/04/25 22:48:39.138088, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:87(saf_store)
- saf_store: domain = [ednt.de], server = [SRV-DC01.ednt.de], expire = [1493154219]
- [2017/04/25 22:48:39.138111, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for SAF/DOMAIN/EDNT.DE, we already got it
- [2017/04/25 22:48:39.139516, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:2870(ads_current_time)
- KDC time offset is -1 seconds
- [2017/04/25 22:48:39.140214, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:1082(ads_sasl_bind)
- Found SASL mechanism GSS-SPNEGO
- [2017/04/25 22:48:39.142032, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.30
- [2017/04/25 22:48:39.142083, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
- [2017/04/25 22:48:39.142101, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
- [2017/04/25 22:48:39.142117, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
- [2017/04/25 22:48:39.142134, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
- [2017/04/25 22:48:39.142455, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC mechanism spnego
- [2017/04/25 22:48:39.142514, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC submechanism gse_krb5
- [2017/04/25 22:48:39.155386, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/librpc/crypto/gse.c:264(gse_init_client)
- gss_acquire_creds failed for GSS_C_NO_NAME with [ No credentials were supplied, or the credentials were unavailable or inaccessible.: unknown mech-code 0 for mech 1 2 840 113554 1 2 2] -the caller may retry after a kinit.
- [2017/04/25 22:48:39.155551, 4, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:679(gensec_start_mech)
- Failed to start GENSEC client mech gse_krb5: NT_STATUS_INTERNAL_ERROR
- [2017/04/25 22:48:39.155581, 10, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/spnego.c:672(gensec_spnego_create_negTokenInit)
- Failed to setup SPNEGO negTokenInit request: NT_STATUS_INTERNAL_ERROR
- [2017/04/25 22:48:39.155623, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:761(ads_sasl_spnego_bind)
- ads_sasl_spnego_gensec_bind(KRB5) failed with: An internal error occurred., calling kinit
- [2017/04/25 22:48:39.155731, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/kerberos.c:219(kerberos_kinit_password_ext)
- kerberos_kinit_password: as FS2$@EDNT.DE using [MEMORY:winbind_ccache] as ccache and config [/var/run/samba/smb_krb5/krb5.conf.EDNT]
- [2017/04/25 22:48:39.196076, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC mechanism spnego
- [2017/04/25 22:48:39.196169, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC submechanism gse_krb5
- [2017/04/25 22:48:39.215800, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap_utils.c:81(ads_do_search_retry_internal)
- Search for (objectclass=*) in <> gave 1 replies
- [2017/04/25 22:48:39.215932, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:499(wcache_store_seqnum)
- wcache_store_seqnum: success [EDNT][6043364 @ 1493153319]
- [2017/04/25 22:48:39.215953, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.215985, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:1873(name_to_sid)
- name_to_sid: [Cached] - doing backend query for name for domain EDNT
- [2017/04/25 22:48:39.216009, 3, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_msrpc.c:252(msrpc_name_to_sid)
- msrpc_name_to_sid: name=EDNT\KK
- [2017/04/25 22:48:39.216027, 3, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_msrpc.c:266(msrpc_name_to_sid)
- name_to_sid [rpc] EDNT\KK for domain EDNT
- [2017/04/25 22:48:39.216047, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cm.c:2666(cm_connect_lsa_tcp)
- cm_connect_lsa_tcp
- [2017/04/25 22:48:39.216104, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:636(open_socket_out_send)
- Connecting to 192.168.18.130 at port 135
- [2017/04/25 22:48:39.216562, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options)
- Socket options:
- SO_KEEPALIVE = 0
- SO_REUSEADDR = 0
- SO_BROADCAST = 0
- TCP_NODELAY = 1
- TCP_KEEPCNT = 9
- TCP_KEEPIDLE = 7200
- TCP_KEEPINTVL = 75
- IPTOS_LOWDELAY = 0
- IPTOS_THROUGHPUT = 0
- SO_REUSEPORT = 0
- SO_SNDBUF = 20120
- SO_RCVBUF = 87380
- SO_SNDLOWAT = 1
- SO_RCVLOWAT = 1
- Could not test socket option SO_SNDTIMEO.
- Could not test socket option SO_RCVTIMEO.
- TCP_QUICKACK = 1
- TCP_DEFER_ACCEPT = 0
- [2017/04/25 22:48:39.216869, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1872(rpc_pipe_bind_send)
- Bind RPC Pipe: host SRV-DC01.ednt.de auth_type 0, auth_level 1
- [2017/04/25 22:48:39.216904, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_BIND (11)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0048 (72)
- auth_length : 0x0000 (0)
- call_id : 0x0000000d (13)
- u : union dcerpc_payload(case 11)
- bind: struct dcerpc_bind
- max_xmit_frag : 0x10b8 (4280)
- max_recv_frag : 0x10b8 (4280)
- assoc_group_id : 0x00000000 (0)
- num_contexts : 0x01 (1)
- ctx_list: ARRAY(1)
- ctx_list: struct dcerpc_ctx_list
- context_id : 0x0000 (0)
- num_transfer_syntaxes : 0x01 (1)
- abstract_syntax: struct ndr_syntax_id
- uuid : e1af8308-5d1f-11c9-91a4-08002b14a0fa
- if_version : 0x00000003 (3)
- transfer_syntaxes: ARRAY(1)
- transfer_syntaxes: struct ndr_syntax_id
- uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
- if_version : 0x00000002 (2)
- auth_info : DATA_BLOB length=0
- [2017/04/25 22:48:39.217215, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:826(rpc_api_pipe_send)
- rpc_api_pipe: host SRV-DC01.ednt.de
- [2017/04/25 22:48:39.217234, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:178(rpc_write_send)
- rpc_write_send: data_to_write: 72
- [2017/04/25 22:48:39.217763, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:98(rpc_read_send)
- rpc_read_send: data_to_read: 44
- [2017/04/25 22:48:39.217815, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_BIND_ACK (12)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x003c (60)
- auth_length : 0x0000 (0)
- call_id : 0x0000000d (13)
- u : union dcerpc_payload(case 12)
- bind_ack: struct dcerpc_bind_ack
- max_xmit_frag : 0x10b8 (4280)
- max_recv_frag : 0x10b8 (4280)
- assoc_group_id : 0x0000d1a1 (53665)
- secondary_address_size : 0x0004 (4)
- secondary_address : '135'
- _pad1 : DATA_BLOB length=2
- [0000] 00 00 ..
- num_results : 0x01 (1)
- ctx_list: ARRAY(1)
- ctx_list: struct dcerpc_ack_ctx
- result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
- reason : union dcerpc_bind_ack_reason(case 0)
- value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
- syntax: struct ndr_syntax_id
- uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
- if_version : 0x00000002 (2)
- auth_info : DATA_BLOB length=0
- [2017/04/25 22:48:39.218101, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:975(rpc_api_pipe_got_pdu)
- rpc_api_pipe: got frag len of 60 at offset 0: NT_STATUS_OK
- [2017/04/25 22:48:39.218120, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1075(rpc_api_pipe_got_pdu)
- rpc_api_pipe: host SRV-DC01.ednt.de returned 60 bytes.
- [2017/04/25 22:48:39.218140, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1745(check_bind_response)
- check_bind_response: accepted!
- [2017/04/25 22:48:39.218216, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- epm_Map: struct epm_Map
- in: struct epm_Map
- object : *
- object : 12345778-1234-abcd-ef00-0123456789ab
- map_tower : *
- map_tower: struct epm_twr_t
- tower_length : 0x0000004b (75)
- tower: struct epm_tower
- num_floors : 0x0005 (5)
- floors: ARRAY(5)
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_UUID (13)
- lhs_data : DATA_BLOB length=18
- [0000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg..
- [0010] 00 00 ..
- rhs : union epm_rhs(case 13)
- uuid: struct epm_rhs_uuid
- unknown : DATA_BLOB length=2
- [0000] 00 00 ..
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_UUID (13)
- lhs_data : DATA_BLOB length=18
- [0000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
- [0010] 02 00 ..
- rhs : union epm_rhs(case 13)
- uuid: struct epm_rhs_uuid
- unknown : DATA_BLOB length=2
- [0000] 00 00 ..
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_NCACN (11)
- lhs_data : DATA_BLOB length=0
- rhs : union epm_rhs(case 11)
- ncacn: struct epm_rhs_ncacn
- minor_version : 0x0000 (0)
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_TCP (7)
- lhs_data : DATA_BLOB length=0
- rhs : union epm_rhs(case 7)
- tcp: struct epm_rhs_tcp
- port : 0x0087 (135)
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_IP (9)
- lhs_data : DATA_BLOB length=0
- rhs : union epm_rhs(case 9)
- ip: struct epm_rhs_ip
- ipaddr : 0.0.0.0
- entry_handle : *
- entry_handle: struct policy_handle
- handle_type : 0x00000000 (0)
- uuid : 00000000-0000-0000-0000-000000000000
- max_towers : 0x00000001 (1)
- [2017/04/25 22:48:39.218836, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_REQUEST (0)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0018 (24)
- auth_length : 0x0000 (0)
- call_id : 0x0000000e (14)
- u : union dcerpc_payload(case 0)
- request: struct dcerpc_request
- alloc_hint : 0x00000084 (132)
- context_id : 0x0000 (0)
- opnum : 0x0003 (3)
- object : union dcerpc_object(case 0)
- empty: struct dcerpc_empty
- _pad : DATA_BLOB length=0
- stub_and_verifier : DATA_BLOB length=0
- [2017/04/25 22:48:39.219045, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:826(rpc_api_pipe_send)
- rpc_api_pipe: host SRV-DC01.ednt.de
- [2017/04/25 22:48:39.219064, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:178(rpc_write_send)
- rpc_write_send: data_to_write: 156
- [2017/04/25 22:48:39.220087, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:98(rpc_read_send)
- rpc_read_send: data_to_read: 136
- [2017/04/25 22:48:39.220128, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_RESPONSE (2)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0098 (152)
- auth_length : 0x0000 (0)
- call_id : 0x0000000e (14)
- u : union dcerpc_payload(case 2)
- response: struct dcerpc_response
- alloc_hint : 0x00000080 (128)
- context_id : 0x0000 (0)
- cancel_count : 0x00 (0)
- _pad : DATA_BLOB length=1
- [0000] 00 .
- stub_and_verifier : DATA_BLOB length=128
- [0000] 00 00 00 00 A8 98 15 C8 F1 EA 59 45 B1 2D 65 F5 ........ ..YE.-e.
- [0010] 9F BF A8 4A 01 00 00 00 01 00 00 00 00 00 00 00 ...J.... ........
- [0020] 01 00 00 00 03 00 00 00 4B 00 00 00 4B 00 00 00 ........ K...K...
- [0030] 05 00 13 00 0D 78 57 34 12 34 12 CD AB EF 00 01 .....xW4 .4......
- [0040] 23 45 67 89 AB 00 00 02 00 00 00 13 00 0D 04 5D #Eg..... .......]
- [0050] 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 02 00 ........ ..+.H`..
- [0060] 02 00 00 00 01 00 0B 02 00 00 00 01 00 07 02 00 ........ ........
- [0070] C0 06 01 00 09 04 00 C0 A8 12 82 00 00 00 00 00 ........ ........
- [2017/04/25 22:48:39.220580, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:525(cli_pipe_validate_current_pdu)
- Got pdu len 152, data_len 128
- [2017/04/25 22:48:39.220598, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:975(rpc_api_pipe_got_pdu)
- rpc_api_pipe: got frag len of 152 at offset 0: NT_STATUS_OK
- [2017/04/25 22:48:39.220614, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1075(rpc_api_pipe_got_pdu)
- rpc_api_pipe: host SRV-DC01.ednt.de returned 128 bytes.
- [2017/04/25 22:48:39.220681, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- epm_Map: struct epm_Map
- out: struct epm_Map
- entry_handle : *
- entry_handle: struct policy_handle
- handle_type : 0x00000000 (0)
- uuid : c81598a8-eaf1-4559-b12d-65f59fbfa84a
- num_towers : *
- num_towers : 0x00000001 (1)
- towers: ARRAY(1)
- towers: struct epm_twr_p_t
- twr : *
- twr: struct epm_twr_t
- tower_length : 0x0000004b (75)
- tower: struct epm_tower
- num_floors : 0x0005 (5)
- floors: ARRAY(5)
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_UUID (13)
- lhs_data : DATA_BLOB length=18
- [0000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg..
- [0010] 00 00 ..
- rhs : union epm_rhs(case 13)
- uuid: struct epm_rhs_uuid
- unknown : DATA_BLOB length=2
- [0000] 00 00 ..
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_UUID (13)
- lhs_data : DATA_BLOB length=18
- [0000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
- [0010] 02 00 ..
- rhs : union epm_rhs(case 13)
- uuid: struct epm_rhs_uuid
- unknown : DATA_BLOB length=2
- [0000] 00 00 ..
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_NCACN (11)
- lhs_data : DATA_BLOB length=0
- rhs : union epm_rhs(case 11)
- ncacn: struct epm_rhs_ncacn
- minor_version : 0x0000 (0)
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_TCP (7)
- lhs_data : DATA_BLOB length=0
- rhs : union epm_rhs(case 7)
- tcp: struct epm_rhs_tcp
- port : 0xc006 (49158)
- floors: struct epm_floor
- lhs: struct epm_lhs
- protocol : EPM_PROTOCOL_IP (9)
- lhs_data : DATA_BLOB length=0
- rhs : union epm_rhs(case 9)
- ip: struct epm_rhs_ip
- ipaddr : 192.168.18.130
- result : 0x00000000 (0)
- [2017/04/25 22:48:39.221324, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/lib/util_sock.c:636(open_socket_out_send)
- Connecting to 192.168.18.130 at port 49158
- [2017/04/25 22:48:39.221764, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/util/util_net.c:1055(print_socket_options)
- Socket options:
- SO_KEEPALIVE = 0
- SO_REUSEADDR = 0
- SO_BROADCAST = 0
- TCP_NODELAY = 1
- TCP_KEEPCNT = 9
- TCP_KEEPIDLE = 7200
- TCP_KEEPINTVL = 75
- IPTOS_LOWDELAY = 0
- IPTOS_THROUGHPUT = 0
- SO_REUSEPORT = 0
- SO_SNDBUF = 20120
- SO_RCVBUF = 87380
- SO_SNDLOWAT = 1
- SO_RCVLOWAT = 1
- Could not test socket option SO_SNDTIMEO.
- Could not test socket option SO_RCVTIMEO.
- TCP_QUICKACK = 1
- TCP_DEFER_ACCEPT = 0
- [2017/04/25 22:48:39.221886, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
- check lock order 2 for /var/run/samba/g_lock.tdb
- [2017/04/25 22:48:39.221905, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
- lock order: 1:<none> 2:/var/run/samba/g_lock.tdb 3:<none>
- [2017/04/25 22:48:39.221928, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:60(db_tdb_log_key)
- Locking key 434C495B4653322F4653
- [2017/04/25 22:48:39.221955, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:144(db_tdb_fetch_locked_internal)
- Allocated locked data 0x0xb9654010
- [2017/04/25 22:48:39.221997, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:60(db_tdb_log_key)
- Unlocking key 434C495B4653322F4653
- [2017/04/25 22:48:39.222017, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
- release lock order 2 for /var/run/samba/g_lock.tdb
- [2017/04/25 22:48:39.222033, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
- lock order: 1:<none> 2:<none> 3:<none>
- [2017/04/25 22:48:39.222248, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC mechanism schannel
- [2017/04/25 22:48:39.222273, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1872(rpc_pipe_bind_send)
- Bind RPC Pipe: host SRV-DC01.ednt.de auth_type 68, auth_level 6
- [2017/04/25 22:48:39.222292, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1139(create_generic_auth_rpc_bind_req)
- create_generic_auth_rpc_bind_req: generate first token
- [2017/04/25 22:48:39.222334, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct dcerpc_auth
- auth_type : DCERPC_AUTH_TYPE_SCHANNEL (68)
- auth_level : DCERPC_AUTH_LEVEL_PRIVACY (6)
- auth_pad_length : 0x00 (0)
- auth_reserved : 0x00 (0)
- auth_context_id : 0x00000001 (1)
- credentials : DATA_BLOB length=17
- [0000] 00 00 00 00 03 00 00 00 45 44 4E 54 00 46 53 32 ........ EDNT.FS2
- [0010] 00 .
- [2017/04/25 22:48:39.222442, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_BIND (11)
- pfc_flags : 0x07 (7)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 1: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0061 (97)
- auth_length : 0x0011 (17)
- call_id : 0x0000000f (15)
- u : union dcerpc_payload(case 11)
- bind: struct dcerpc_bind
- max_xmit_frag : 0x10b8 (4280)
- max_recv_frag : 0x10b8 (4280)
- assoc_group_id : 0x00000000 (0)
- num_contexts : 0x01 (1)
- ctx_list: ARRAY(1)
- ctx_list: struct dcerpc_ctx_list
- context_id : 0x0000 (0)
- num_transfer_syntaxes : 0x01 (1)
- abstract_syntax: struct ndr_syntax_id
- uuid : 12345778-1234-abcd-ef00-0123456789ab
- if_version : 0x00000000 (0)
- transfer_syntaxes: ARRAY(1)
- transfer_syntaxes: struct ndr_syntax_id
- uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
- if_version : 0x00000002 (2)
- auth_info : DATA_BLOB length=25
- [0000] 44 06 00 00 01 00 00 00 00 00 00 00 03 00 00 00 D....... ........
- [0010] 45 44 4E 54 00 46 53 32 00 EDNT.FS2 .
- [2017/04/25 22:48:39.222787, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:826(rpc_api_pipe_send)
- rpc_api_pipe: host SRV-DC01.ednt.de
- [2017/04/25 22:48:39.222805, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:178(rpc_write_send)
- rpc_write_send: data_to_write: 97
- [2017/04/25 22:48:39.223362, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:98(rpc_read_send)
- rpc_read_send: data_to_read: 64
- [2017/04/25 22:48:39.223403, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_BIND_ACK (12)
- pfc_flags : 0x07 (7)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 1: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0050 (80)
- auth_length : 0x000c (12)
- call_id : 0x0000000f (15)
- u : union dcerpc_payload(case 12)
- bind_ack: struct dcerpc_bind_ack
- max_xmit_frag : 0x10b8 (4280)
- max_recv_frag : 0x10b8 (4280)
- assoc_group_id : 0x000092e5 (37605)
- secondary_address_size : 0x0006 (6)
- secondary_address : '49158'
- _pad1 : DATA_BLOB length=0
- num_results : 0x01 (1)
- ctx_list: ARRAY(1)
- ctx_list: struct dcerpc_ack_ctx
- result : DCERPC_BIND_ACK_RESULT_ACCEPTANCE (0)
- reason : union dcerpc_bind_ack_reason(case 0)
- value : DCERPC_BIND_ACK_REASON_NOT_SPECIFIED (0)
- syntax: struct ndr_syntax_id
- uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
- if_version : 0x00000002 (2)
- auth_info : DATA_BLOB length=20
- [0000] 44 06 00 00 01 00 00 00 01 00 00 00 00 00 00 00 D....... ........
- [0010] 00 00 00 00 ....
- [2017/04/25 22:48:39.223738, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:975(rpc_api_pipe_got_pdu)
- rpc_api_pipe: got frag len of 80 at offset 0: NT_STATUS_OK
- [2017/04/25 22:48:39.223756, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1075(rpc_api_pipe_got_pdu)
- rpc_api_pipe: host SRV-DC01.ednt.de returned 80 bytes.
- [2017/04/25 22:48:39.223775, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1745(check_bind_response)
- check_bind_response: accepted!
- [2017/04/25 22:48:39.223808, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:178(dbwrap_check_lock_order)
- check lock order 2 for /var/run/samba/g_lock.tdb
- [2017/04/25 22:48:39.223826, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
- lock order: 1:<none> 2:/var/run/samba/g_lock.tdb 3:<none>
- [2017/04/25 22:48:39.223846, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:60(db_tdb_log_key)
- Locking key 434C495B4653322F4653
- [2017/04/25 22:48:39.223867, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:144(db_tdb_fetch_locked_internal)
- Allocated locked data 0x0xb964fa30
- [2017/04/25 22:48:39.223905, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap_tdb.c:60(db_tdb_log_key)
- Unlocking key 434C495B4653322F4653
- [2017/04/25 22:48:39.223925, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:146(dbwrap_lock_order_state_destructor)
- release lock order 2 for /var/run/samba/g_lock.tdb
- [2017/04/25 22:48:39.223941, 10, pid=3802, effective(0, 0), real(0, 0)] ../lib/dbwrap/dbwrap.c:133(debug_lock_order)
- lock order: 1:<none> 2:<none> 3:<none>
- [2017/04/25 22:48:39.223960, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:3234(cli_rpc_pipe_open_schannel_with_key)
- cli_rpc_pipe_open_schannel_with_key: opened pipe lsarpc to machine SRV-DC01.ednt.de for domain EDNT and bound using schannel.
- [2017/04/25 22:48:39.223995, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- lsa_LookupNames4: struct lsa_LookupNames4
- in: struct lsa_LookupNames4
- num_names : 0x00000001 (1)
- names: ARRAY(1)
- names: struct lsa_String
- length : 0x000e (14)
- size : 0x000e (14)
- string : *
- string : 'EDNT\KK'
- sids : *
- sids: struct lsa_TransSidArray3
- count : 0x00000000 (0)
- sids : NULL
- level : LSA_LOOKUP_NAMES_ALL (1)
- count : *
- count : 0x00000000 (0)
- lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
- client_revision : LSA_CLIENT_REVISION_2 (2)
- [2017/04/25 22:48:39.224199, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- t: struct dcerpc_sec_verification_trailer
- _pad : DATA_BLOB length=0
- magic : 0000000000000000
- count: struct dcerpc_sec_vt_count
- count : 0x0002 (2)
- commands: ARRAY(2)
- commands: struct dcerpc_sec_vt
- command : 0x0001 (1)
- 0x01: DCERPC_SEC_VT_COMMAND_ENUM (1)
- 0: DCERPC_SEC_VT_COMMAND_END
- 0: DCERPC_SEC_VT_MUST_PROCESS
- u : union dcerpc_sec_vt_union(case 0x1)
- bitmask1 : 0x00000001 (1)
- 1: DCERPC_SEC_VT_CLIENT_SUPPORTS_HEADER_SIGNING
- commands: struct dcerpc_sec_vt
- command : 0x4002 (16386)
- 0x02: DCERPC_SEC_VT_COMMAND_ENUM (2)
- 1: DCERPC_SEC_VT_COMMAND_END
- 0: DCERPC_SEC_VT_MUST_PROCESS
- u : union dcerpc_sec_vt_union(case 0x2)
- pcontext: struct dcerpc_sec_vt_pcontext
- abstract_syntax: struct ndr_syntax_id
- uuid : 12345778-1234-abcd-ef00-0123456789ab
- if_version : 0x00000000 (0)
- transfer_syntax: struct ndr_syntax_id
- uuid : 8a885d04-1ceb-11c9-9fe8-08002b104860
- if_version : 0x00000002 (2)
- [2017/04/25 22:48:39.224419, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_REQUEST (0)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0018 (24)
- auth_length : 0x0038 (56)
- call_id : 0x00000010 (16)
- u : union dcerpc_payload(case 0)
- request: struct dcerpc_request
- alloc_hint : 0x00000080 (128)
- context_id : 0x0000 (0)
- opnum : 0x004d (77)
- object : union dcerpc_object(case 0)
- empty: struct dcerpc_empty
- _pad : DATA_BLOB length=0
- stub_and_verifier : DATA_BLOB length=0
- [2017/04/25 22:48:39.224620, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct dcerpc_auth
- auth_type : DCERPC_AUTH_TYPE_SCHANNEL (68)
- auth_level : DCERPC_AUTH_LEVEL_PRIVACY (6)
- auth_pad_length : 0x00 (0)
- auth_reserved : 0x00 (0)
- auth_context_id : 0x00000001 (1)
- credentials : DATA_BLOB length=0
- [2017/04/25 22:48:39.224736, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:826(rpc_api_pipe_send)
- rpc_api_pipe: host SRV-DC01.ednt.de
- [2017/04/25 22:48:39.224755, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:178(rpc_write_send)
- rpc_write_send: data_to_write: 216
- [2017/04/25 22:48:39.225897, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:98(rpc_read_send)
- rpc_read_send: data_to_read: 232
- [2017/04/25 22:48:39.225945, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_RESPONSE (2)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x00f8 (248)
- auth_length : 0x0038 (56)
- call_id : 0x00000010 (16)
- u : union dcerpc_payload(case 2)
- response: struct dcerpc_response
- alloc_hint : 0x00000094 (148)
- context_id : 0x0000 (0)
- cancel_count : 0x00 (0)
- _pad : DATA_BLOB length=1
- [0000] 00 .
- stub_and_verifier : DATA_BLOB length=224
- [0000] D7 AD 18 65 27 57 2C 1A FE 65 EB B5 07 F1 67 CE ...e'W,. .e....g.
- [0010] 8F 11 BD 94 70 B3 92 9E 3D 56 BF 35 F4 96 3D D2 ....p... =V.5..=.
- [0020] FD 1D 6C AB F5 AF AF AE 07 5E 5A 4E 09 59 07 9F ..l..... .^ZN.Y..
- [0030] FF 4E A6 2A B1 CA 38 15 3D BD F6 90 CE E9 4A A7 .N.*..8. =.....J.
- [0040] 62 78 A0 81 A0 A0 D3 58 27 6F FE 92 15 8F B3 47 bx.....X 'o.....G
- [0050] 28 52 50 E8 3D 12 F8 CD D1 10 D9 18 78 FA F4 BD (RP.=... ....x...
- [0060] D4 44 34 A0 29 DC A5 5F 84 5F 27 F2 46 53 D9 9F .D4.).._ ._'.FS..
- [0070] A1 DE C9 06 10 90 7C BF 6D 5E E3 D3 E4 D8 C8 36 ......|. m^.....6
- [0080] B5 28 EE E3 94 E9 61 4E 4B BE 84 10 F3 4B 24 C2 .(....aN K....K$.
- [0090] E9 B3 B1 62 C8 68 57 85 FC CE 9A 15 C7 05 96 7D ...b.hW. .......}
- [00A0] 44 06 0C 00 01 00 00 00 13 00 1A 00 FF FF 00 00 D....... ........
- [00B0] 24 9E 92 21 91 34 72 4E A4 95 48 43 2E 86 9B A7 $..!.4rN ..HC....
- [00C0] BE DD 50 A1 07 5B 96 CD E3 A0 B4 94 F8 2D D0 51 ..P..[.. .....-.Q
- [00D0] B9 9D 70 9A 19 5D 84 DF 89 37 E3 7D C3 F3 64 97 ..p..].. .7.}..d.
- [2017/04/25 22:48:39.226588, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_parse] ../source3/librpc/rpc/dcerpc_helpers.c:473(dcerpc_check_auth)
- Requested Privacy.
- [2017/04/25 22:48:39.226607, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_parse] ../source3/librpc/rpc/dcerpc_helpers.c:533(dcerpc_check_auth)
- GENSEC auth
- [2017/04/25 22:48:39.226677, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:525(cli_pipe_validate_current_pdu)
- Got pdu len 248, data_len 148
- [2017/04/25 22:48:39.226694, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:975(rpc_api_pipe_got_pdu)
- rpc_api_pipe: got frag len of 248 at offset 0: NT_STATUS_OK
- [2017/04/25 22:48:39.226710, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1075(rpc_api_pipe_got_pdu)
- rpc_api_pipe: host SRV-DC01.ednt.de returned 148 bytes.
- [2017/04/25 22:48:39.226748, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- lsa_LookupNames4: struct lsa_LookupNames4
- out: struct lsa_LookupNames4
- domains : *
- domains : *
- domains: struct lsa_RefDomainList
- count : 0x00000001 (1)
- domains : *
- domains: ARRAY(1)
- domains: struct lsa_DomainInfo
- name: struct lsa_StringLarge
- length : 0x0008 (8)
- size : 0x000a (10)
- string : *
- string : 'EDNT'
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746
- max_size : 0x00000020 (32)
- sids : *
- sids: struct lsa_TransSidArray3
- count : 0x00000001 (1)
- sids : *
- sids: ARRAY(1)
- sids: struct lsa_TranslatedSid3
- sid_type : SID_NAME_USER (1)
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-1106
- sid_index : 0x00000000 (0)
- flags : 0x00000000 (0)
- count : *
- count : 0x00000001 (1)
- result : NT_STATUS_OK
- [2017/04/25 22:48:39.227019, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.227037, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.227086, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:965(wcache_save_name_to_sid)
- wcache_save_name_to_sid: EDNT\KK -> S-1-5-21-4001112740-1724199908-163113746-1106 (NT_STATUS_OK)
- [2017/04/25 22:48:39.227123, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:995(wcache_save_sid_to_name)
- wcache_save_sid_to_name: S-1-5-21-4001112740-1724199908-163113746-1106 -> EDNT\kk (NT_STATUS_OK)
- [2017/04/25 22:48:39.227142, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_LookupName: struct wbint_LookupName
- out: struct wbint_LookupName
- type : *
- type : SID_NAME_USER (1)
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-1106
- result : NT_STATUS_OK
- [2017/04/25 22:48:39.227218, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1395(child_handler)
- Finished processing child request 59
- [2017/04/25 22:48:39.227235, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:102(child_write_response)
- Writing 3532 bytes to parent
- [2017/04/25 22:48:39.227664, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:68(child_read_request)
- Need to read 28 extra bytes
- [2017/04/25 22:48:39.227693, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1387(child_handler)
- child daemon request 59
- [2017/04/25 22:48:39.227713, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:510(child_process_request)
- child_process_request: request fn NDRCMD
- [2017/04/25 22:48:39.227730, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual_ndr.c:315(winbindd_dual_ndrcmd)
- winbindd_dual_ndrcmd: Running command WBINT_QUERYUSER (EDNT)
- [2017/04/25 22:48:39.227768, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_QueryUser: struct wbint_QueryUser
- in: struct wbint_QueryUser
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-1106
- [2017/04/25 22:48:39.227816, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.227832, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.227855, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:2374(query_user)
- query_user: [Cached] - doing backend query for info for domain EDNT
- [2017/04/25 22:48:39.227874, 3, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_ads.c:623(query_user)
- ads: query_user
- [2017/04/25 22:48:39.227907, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/samlogon_cache.c:222(netsamlogon_cache_get)
- netsamlogon_cache_get: SID [S-1-5-21-4001112740-1724199908-163113746-1106]
- [2017/04/25 22:48:39.227982, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct netsamlogoncache_entry
- timestamp : Di Apr 25 22:11:00 2017 CEST
- info3: struct netr_SamInfo3
- base: struct netr_SamBaseInfo
- logon_time : Di Apr 25 20:11:31 2017 CEST
- logoff_time : Di Jan 19 04:14:07 2038 CET
- kickoff_time : Di Jan 19 04:14:07 2038 CET
- last_password_change : Mi Apr 19 17:23:21 2017 CEST
- allow_password_change : Do Apr 20 17:23:21 2017 CEST
- force_password_change : Di Jan 19 04:14:07 2038 CET
- account_name: struct lsa_String
- length : 0x0004 (4)
- size : 0x0004 (4)
- string : *
- string : 'kk'
- full_name: struct lsa_String
- length : 0x0036 (54)
- size : 0x0036 (54)
- string : *
- string : 'Karlheinz Knapp | EDNT GmbH'
- logon_script: struct lsa_String
- length : 0x0000 (0)
- size : 0x0000 (0)
- string : NULL
- profile_path: struct lsa_String
- length : 0x0000 (0)
- size : 0x0000 (0)
- string : NULL
- home_directory: struct lsa_String
- length : 0x0000 (0)
- size : 0x0000 (0)
- string : NULL
- home_drive: struct lsa_String
- length : 0x0000 (0)
- size : 0x0000 (0)
- string : NULL
- logon_count : 0x07af (1967)
- bad_password_count : 0x0000 (0)
- rid : 0x00000452 (1106)
- primary_gid : 0x00000201 (513)
- groups: struct samr_RidWithAttributeArray
- count : 0x0000001f (31)
- rids : *
- rids: ARRAY(31)
- rids: struct samr_RidWithAttribute
- rid : 0x00000471 (1137)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000476 (1142)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000046a (1130)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x000004c5 (1221)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000472 (1138)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000487 (1159)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000047b (1147)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000046c (1132)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000470 (1136)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000047c (1148)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000046b (1131)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000465 (1125)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000201 (513)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000462 (1122)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000477 (1143)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000463 (1123)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000200 (512)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000466 (1126)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000475 (1141)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000486 (1158)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000464 (1124)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000047a (1146)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000046d (1133)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000474 (1140)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x0000046e (1134)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000479 (1145)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000469 (1129)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000468 (1128)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000461 (1121)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000478 (1144)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- rids: struct samr_RidWithAttribute
- rid : 0x00000460 (1120)
- attributes : 0x00000007 (7)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 0: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- user_flags : 0x00000920 (2336)
- 0: NETLOGON_GUEST
- 0: NETLOGON_NOENCRYPTION
- 0: NETLOGON_CACHED_ACCOUNT
- 0: NETLOGON_USED_LM_PASSWORD
- 1: NETLOGON_EXTRA_SIDS
- 0: NETLOGON_SUBAUTH_SESSION_KEY
- 0: NETLOGON_SERVER_TRUST_ACCOUNT
- 1: NETLOGON_NTLMV2_ENABLED
- 0: NETLOGON_RESOURCE_GROUPS
- 0: NETLOGON_PROFILE_PATH_RETURNED
- 0: NETLOGON_GRACE_LOGON
- key: struct netr_UserSessionKey
- key : 74e4da0255d2bf5a58e1aeb865e88c04
- logon_server: struct lsa_StringLarge
- length : 0x0010 (16)
- size : 0x0012 (18)
- string : *
- string : 'SRV-DC01'
- logon_domain: struct lsa_StringLarge
- length : 0x0008 (8)
- size : 0x000a (10)
- string : *
- string : 'EDNT'
- domain_sid : *
- domain_sid : S-1-5-21-4001112740-1724199908-163113746
- LMSessKey: struct netr_LMSessionKey
- key : 74e4da0255d2bf5a
- acct_flags : 0x00000210 (528)
- 0: ACB_DISABLED
- 0: ACB_HOMDIRREQ
- 0: ACB_PWNOTREQ
- 0: ACB_TEMPDUP
- 1: ACB_NORMAL
- 0: ACB_MNS
- 0: ACB_DOMTRUST
- 0: ACB_WSTRUST
- 0: ACB_SVRTRUST
- 1: ACB_PWNOEXP
- 0: ACB_AUTOLOCK
- 0: ACB_ENC_TXT_PWD_ALLOWED
- 0: ACB_SMARTCARD_REQUIRED
- 0: ACB_TRUSTED_FOR_DELEGATION
- 0: ACB_NOT_DELEGATED
- 0: ACB_USE_DES_KEY_ONLY
- 0: ACB_DONT_REQUIRE_PREAUTH
- 0: ACB_PW_EXPIRED
- 0: ACB_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION
- 0: ACB_NO_AUTH_DATA_REQD
- 0: ACB_PARTIAL_SECRETS_ACCOUNT
- 0: ACB_USE_AES_KEYS
- sub_auth_status : 0x00000000 (0)
- last_successful_logon : NTTIME(0)
- last_failed_logon : NTTIME(0)
- failed_logon_count : 0x00000000 (0)
- reserved : 0x00000000 (0)
- sidcount : 0x00000002 (2)
- sids : *
- sids: ARRAY(2)
- sids: struct netr_SidAttr
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-572
- attributes : 0x20000007 (536870919)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 1: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- sids: struct netr_SidAttr
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-1233
- attributes : 0x20000007 (536870919)
- 1: SE_GROUP_MANDATORY
- 1: SE_GROUP_ENABLED_BY_DEFAULT
- 1: SE_GROUP_ENABLED
- 0: SE_GROUP_OWNER
- 0: SE_GROUP_USE_FOR_DENY_ONLY
- 1: SE_GROUP_RESOURCE
- 0x00: SE_GROUP_LOGON_ID (0)
- [2017/04/25 22:48:39.231385, 5, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_ads.c:633(query_user)
- query_user: Cache lookup succeeded for S-1-5-21-4001112740-1724199908-163113746-1106
- [2017/04/25 22:48:39.231412, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.231427, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.231457, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:318(nss_get_info)
- nss_get_info called for sid [S-1-5-21-4001112740-1724199908-163113746-1106] in domain 'EDNT'
- [2017/04/25 22:48:39.231499, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:80(smb_register_idmap_nss)
- smb_register_idmap_nss: Successfully added idmap nss backend 'template'
- [2017/04/25 22:48:39.231516, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:191(nss_init)
- parsed backend = 'rfc2307', domain = '(null)'
- [2017/04/25 22:48:39.231535, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/util/modules.c:171(do_smb_load_module)
- Probing module 'ad'
- [2017/04/25 22:48:39.231554, 5, pid=3802, effective(0, 0), real(0, 0)] ../lib/util/modules.c:185(do_smb_load_module)
- Probing module 'ad': Trying to load from /usr/lib/i386-linux-gnu/samba/idmap/ad.so
- [2017/04/25 22:48:39.233917, 2, pid=3802, effective(0, 0), real(0, 0)] ../lib/util/modules.c:196(do_smb_load_module)
- Module 'ad' loaded
- [2017/04/25 22:48:39.233972, 5, pid=3802, effective(0, 0), real(0, 0), class=idmap] ../source3/winbindd/idmap.c:154(smb_register_idmap)
- Successfully added idmap backend 'ad'
- [2017/04/25 22:48:39.233993, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:80(smb_register_idmap_nss)
- smb_register_idmap_nss: Successfully added idmap nss backend 'rfc2307'
- [2017/04/25 22:48:39.234010, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:80(smb_register_idmap_nss)
- smb_register_idmap_nss: Successfully added idmap nss backend 'sfu'
- [2017/04/25 22:48:39.234027, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:80(smb_register_idmap_nss)
- smb_register_idmap_nss: Successfully added idmap nss backend 'sfu20'
- [2017/04/25 22:48:39.234046, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:231(nss_init)
- nss_init: using 'rfc2307' as default backend.
- [2017/04/25 22:48:39.234063, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:147(nss_domain_list_add_domain)
- Added domain '(null)' with backend 'rfc2307' to nss_domain_list.
- [2017/04/25 22:48:39.234080, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/winbindd/nss_info.c:147(nss_domain_list_add_domain)
- Added domain 'EDNT' with backend 'rfc2307' to nss_domain_list.
- [2017/04/25 22:48:39.234098, 10, pid=3802, effective(0, 0), real(0, 0), class=idmap] ../source3/winbindd/idmap_ad.c:691(nss_ad_get_info)
- nss_ad_get_info called for sid [S-1-5-21-4001112740-1724199908-163113746-1106] in domain 'EDNT'
- [2017/04/25 22:48:39.234118, 10, pid=3802, effective(0, 0), real(0, 0), class=idmap] ../source3/winbindd/idmap_ad.c:64(ad_idmap_cached_connection)
- ad_idmap_cached_connection: called for domain 'EDNT'
- [2017/04/25 22:48:39.234168, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:212(saf_fetch)
- saf_fetch: Returning "SRV-DC01.ednt.de" for "EDNT" domain
- [2017/04/25 22:48:39.234186, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_ads.c:169(ads_idmap_cached_connection)
- ldap_server from saf cache: 'SRV-DC01.ednt.de'
- [2017/04/25 22:48:39.234204, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_ads.c:178(ads_idmap_cached_connection)
- find_domain_from_name found realm 'ednt.de' for domain 'EDNT'
- [2017/04/25 22:48:39.234270, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for ednt.de: "Default-First-Site-Name"
- [2017/04/25 22:48:39.234290, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery_dc.c:77(ads_dc_name)
- ads_dc_name: domain=EDNT
- [2017/04/25 22:48:39.234319, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for ednt.de: "Default-First-Site-Name"
- [2017/04/25 22:48:39.234336, 6, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:408(ads_find_dc)
- ads_find_dc: (cldap) looking for realm 'ednt.de'
- [2017/04/25 22:48:39.234353, 8, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3320(get_sorted_dc_list)
- get_sorted_dc_list: attempting lookup for name ednt.de (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.234389, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:212(saf_fetch)
- saf_fetch: Returning "SRV-DC01.ednt.de" for "ednt.de" domain
- [2017/04/25 22:48:39.234410, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3133(get_dc_list)
- get_dc_list: preferred server list: "SRV-DC01.ednt.de, *"
- [2017/04/25 22:48:39.234432, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up ednt.de#1c (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.234479, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name ednt.de#1C found.
- [2017/04/25 22:48:39.234520, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.234538, 8, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3154(get_dc_list)
- Adding 1 DC's from auto lookup
- [2017/04/25 22:48:39.234567, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for EDNT.DE: "Default-First-Site-Name"
- [2017/04/25 22:48:39.234584, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up SRV-DC01.ednt.de#20 (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.234609, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name SRV-DC01.ednt.de#20 found.
- [2017/04/25 22:48:39.234630, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.234658, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.234683, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.234700, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.234719, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3270(get_dc_list)
- get_dc_list: returning 1 ip addresses in an ordered list
- [2017/04/25 22:48:39.234735, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3271(get_dc_list)
- get_dc_list: 192.168.18.130:389
- [2017/04/25 22:48:39.234760, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.234779, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:253(ads_try_connect)
- ads_try_connect: sending CLDAP request to 192.168.18.130 (realm: ednt.de)
- [2017/04/25 22:48:39.235872, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
- command : LOGON_SAM_LOGON_RESPONSE_EX (23)
- sbz : 0x0000 (0)
- server_type : 0x0000f3fd (62461)
- 1: NBT_SERVER_PDC
- 1: NBT_SERVER_GC
- 1: NBT_SERVER_LDAP
- 1: NBT_SERVER_DS
- 1: NBT_SERVER_KDC
- 1: NBT_SERVER_TIMESERV
- 1: NBT_SERVER_CLOSEST
- 1: NBT_SERVER_WRITABLE
- 1: NBT_SERVER_GOOD_TIMESERV
- 0: NBT_SERVER_NDNC
- 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
- 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
- 1: NBT_SERVER_ADS_WEB_SERVICE
- 0: NBT_SERVER_HAS_DNS_NAME
- 0: NBT_SERVER_IS_DEFAULT_NC
- 0: NBT_SERVER_FOREST_ROOT
- domain_uuid : 1438b128-8674-4c78-ae4f-c96610fdcab1
- forest : 'ednt.de'
- dns_domain : 'ednt.de'
- pdc_dns_name : 'SRV-DC01.ednt.de'
- domain_name : 'EDNT'
- pdc_name : 'SRV-DC01'
- user_name : ''
- server_site : 'Default-First-Site-Name'
- client_site : 'Default-First-Site-Name'
- sockaddr_size : 0x00 (0)
- sockaddr: struct nbt_sockaddr
- sockaddr_family : 0x00000000 (0)
- pdc_ip : (null)
- remaining : DATA_BLOB length=0
- next_closest_site : NULL
- nt_version : 0x00000005 (5)
- 1: NETLOGON_NT_VERSION_1
- 0: NETLOGON_NT_VERSION_5
- 1: NETLOGON_NT_VERSION_5EX
- 0: NETLOGON_NT_VERSION_5EX_WITH_IP
- 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
- 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
- 0: NETLOGON_NT_VERSION_PDC
- 0: NETLOGON_NT_VERSION_IP
- 0: NETLOGON_NT_VERSION_LOCAL
- 0: NETLOGON_NT_VERSION_GC
- lmnt_token : 0xffff (65535)
- lm20_token : 0xffff (65535)
- [2017/04/25 22:48:39.236215, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:70(sitename_store)
- sitename_store: realm = [EDNT], sitename = [Default-First-Site-Name], expire = [2147483647]
- [2017/04/25 22:48:39.236244, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for AD_SITENAME/DOMAIN/EDNT, we already got it
- [2017/04/25 22:48:39.236262, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:70(sitename_store)
- sitename_store: realm = [ednt.de], sitename = [Default-First-Site-Name], expire = [2147483647]
- [2017/04/25 22:48:39.236285, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for AD_SITENAME/DOMAIN/EDNT.DE, we already got it
- [2017/04/25 22:48:39.236305, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:541(ads_connect)
- Successfully contacted LDAP server 192.168.18.130
- [2017/04/25 22:48:39.236333, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for ednt.de: "Default-First-Site-Name"
- [2017/04/25 22:48:39.236354, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:211(ads_closest_dc)
- ads_closest_dc: NBT_SERVER_CLOSEST flag set
- [2017/04/25 22:48:39.236397, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/kerberos.c:865(create_local_private_krb5_conf_for_domain)
- create_local_private_krb5_conf_for_domain: fname = /var/run/samba/smb_krb5/krb5.conf.EDNT, realm = ednt.de, domain = EDNT
- [2017/04/25 22:48:39.236433, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:212(saf_fetch)
- saf_fetch: Returning "SRV-DC01.ednt.de" for "ednt.de" domain
- [2017/04/25 22:48:39.236451, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3133(get_dc_list)
- get_dc_list: preferred server list: "SRV-DC01.ednt.de, *"
- [2017/04/25 22:48:39.236481, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up ednt.de#1c (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.236505, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name ednt.de#1C found.
- [2017/04/25 22:48:39.236526, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.236542, 8, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3154(get_dc_list)
- Adding 1 DC's from auto lookup
- [2017/04/25 22:48:39.236567, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for EDNT.DE: "Default-First-Site-Name"
- [2017/04/25 22:48:39.236584, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up SRV-DC01.ednt.de#20 (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.236621, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name SRV-DC01.ednt.de#20 found.
- [2017/04/25 22:48:39.236641, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.236666, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.236691, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.236707, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.236724, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3270(get_dc_list)
- get_dc_list: returning 1 ip addresses in an ordered list
- [2017/04/25 22:48:39.236740, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3271(get_dc_list)
- get_dc_list: 192.168.18.130:389
- [2017/04/25 22:48:39.236772, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:212(saf_fetch)
- saf_fetch: Returning "SRV-DC01.ednt.de" for "ednt.de" domain
- [2017/04/25 22:48:39.236792, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3133(get_dc_list)
- get_dc_list: preferred server list: "SRV-DC01.ednt.de, *"
- [2017/04/25 22:48:39.236809, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up ednt.de#1c (sitename (null))
- [2017/04/25 22:48:39.236834, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name ednt.de#1C found.
- [2017/04/25 22:48:39.236854, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.236870, 8, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3154(get_dc_list)
- Adding 1 DC's from auto lookup
- [2017/04/25 22:48:39.236896, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for EDNT.DE: "Default-First-Site-Name"
- [2017/04/25 22:48:39.236913, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up SRV-DC01.ednt.de#20 (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.236937, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name SRV-DC01.ednt.de#20 found.
- [2017/04/25 22:48:39.236957, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.236980, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.237005, 9, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/conncache.c:150(check_negative_conn_cache)
- check_negative_conn_cache returning result 0 for domain ednt.de server 192.168.18.130
- [2017/04/25 22:48:39.237021, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.237038, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3270(get_dc_list)
- get_dc_list: returning 1 ip addresses in an ordered list
- [2017/04/25 22:48:39.237055, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:3271(get_dc_list)
- get_dc_list: 192.168.18.130:389
- [2017/04/25 22:48:39.237773, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
- command : LOGON_SAM_LOGON_RESPONSE_EX (23)
- sbz : 0x0000 (0)
- server_type : 0x0000f3fd (62461)
- 1: NBT_SERVER_PDC
- 1: NBT_SERVER_GC
- 1: NBT_SERVER_LDAP
- 1: NBT_SERVER_DS
- 1: NBT_SERVER_KDC
- 1: NBT_SERVER_TIMESERV
- 1: NBT_SERVER_CLOSEST
- 1: NBT_SERVER_WRITABLE
- 1: NBT_SERVER_GOOD_TIMESERV
- 0: NBT_SERVER_NDNC
- 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
- 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
- 1: NBT_SERVER_ADS_WEB_SERVICE
- 0: NBT_SERVER_HAS_DNS_NAME
- 0: NBT_SERVER_IS_DEFAULT_NC
- 0: NBT_SERVER_FOREST_ROOT
- domain_uuid : 1438b128-8674-4c78-ae4f-c96610fdcab1
- forest : 'ednt.de'
- dns_domain : 'ednt.de'
- pdc_dns_name : 'SRV-DC01.ednt.de'
- domain_name : 'EDNT'
- pdc_name : 'SRV-DC01'
- user_name : ''
- server_site : 'Default-First-Site-Name'
- client_site : 'Default-First-Site-Name'
- sockaddr_size : 0x00 (0)
- sockaddr: struct nbt_sockaddr
- sockaddr_family : 0x00000000 (0)
- pdc_ip : (null)
- remaining : DATA_BLOB length=0
- next_closest_site : NULL
- nt_version : 0x00000005 (5)
- 1: NETLOGON_NT_VERSION_1
- 0: NETLOGON_NT_VERSION_5
- 1: NETLOGON_NT_VERSION_5EX
- 0: NETLOGON_NT_VERSION_5EX_WITH_IP
- 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
- 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
- 0: NETLOGON_NT_VERSION_PDC
- 0: NETLOGON_NT_VERSION_IP
- 0: NETLOGON_NT_VERSION_LOCAL
- 0: NETLOGON_NT_VERSION_GC
- lmnt_token : 0xffff (65535)
- lm20_token : 0xffff (65535)
- [2017/04/25 22:48:39.238094, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/kerberos.c:794(get_kdc_ip_string)
- get_kdc_ip_string: Returning kdc = 192.168.18.130
- [2017/04/25 22:48:39.238182, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/kerberos.c:956(create_local_private_krb5_conf_for_domain)
- create_local_private_krb5_conf_for_domain: wrote file /var/run/samba/smb_krb5/krb5.conf.EDNT with realm EDNT.DE KDC list = kdc = 192.168.18.130
- [2017/04/25 22:48:39.238211, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery_dc.c:151(ads_dc_name)
- ads_dc_name: using server='SRV-DC01.EDNT.DE' IP=192.168.18.130
- [2017/04/25 22:48:39.238241, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:105(sitename_fetch)
- sitename_fetch: Returning sitename for EDNT.DE: "Default-First-Site-Name"
- [2017/04/25 22:48:39.238258, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:2628(internal_resolve_name)
- internal_resolve_name: looking up SRV-DC01.ednt.de#20 (sitename Default-First-Site-Name)
- [2017/04/25 22:48:39.238283, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namecache.c:165(namecache_fetch)
- name SRV-DC01.ednt.de#20 found.
- [2017/04/25 22:48:39.238304, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:1140(remove_duplicate_addrs2)
- remove_duplicate_addrs2: looking for duplicate address/port pairs
- [2017/04/25 22:48:39.238322, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:253(ads_try_connect)
- ads_try_connect: sending CLDAP request to 192.168.18.130 (realm: ednt.de)
- [2017/04/25 22:48:39.238932, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &response->data.nt5_ex: struct NETLOGON_SAM_LOGON_RESPONSE_EX
- command : LOGON_SAM_LOGON_RESPONSE_EX (23)
- sbz : 0x0000 (0)
- server_type : 0x0000f3fd (62461)
- 1: NBT_SERVER_PDC
- 1: NBT_SERVER_GC
- 1: NBT_SERVER_LDAP
- 1: NBT_SERVER_DS
- 1: NBT_SERVER_KDC
- 1: NBT_SERVER_TIMESERV
- 1: NBT_SERVER_CLOSEST
- 1: NBT_SERVER_WRITABLE
- 1: NBT_SERVER_GOOD_TIMESERV
- 0: NBT_SERVER_NDNC
- 0: NBT_SERVER_SELECT_SECRET_DOMAIN_6
- 1: NBT_SERVER_FULL_SECRET_DOMAIN_6
- 1: NBT_SERVER_ADS_WEB_SERVICE
- 0: NBT_SERVER_HAS_DNS_NAME
- 0: NBT_SERVER_IS_DEFAULT_NC
- 0: NBT_SERVER_FOREST_ROOT
- domain_uuid : 1438b128-8674-4c78-ae4f-c96610fdcab1
- forest : 'ednt.de'
- dns_domain : 'ednt.de'
- pdc_dns_name : 'SRV-DC01.ednt.de'
- domain_name : 'EDNT'
- pdc_name : 'SRV-DC01'
- user_name : ''
- server_site : 'Default-First-Site-Name'
- client_site : 'Default-First-Site-Name'
- sockaddr_size : 0x00 (0)
- sockaddr: struct nbt_sockaddr
- sockaddr_family : 0x00000000 (0)
- pdc_ip : (null)
- remaining : DATA_BLOB length=0
- next_closest_site : NULL
- nt_version : 0x00000005 (5)
- 1: NETLOGON_NT_VERSION_1
- 0: NETLOGON_NT_VERSION_5
- 1: NETLOGON_NT_VERSION_5EX
- 0: NETLOGON_NT_VERSION_5EX_WITH_IP
- 0: NETLOGON_NT_VERSION_WITH_CLOSEST_SITE
- 0: NETLOGON_NT_VERSION_AVOID_NT4EMUL
- 0: NETLOGON_NT_VERSION_PDC
- 0: NETLOGON_NT_VERSION_IP
- 0: NETLOGON_NT_VERSION_LOCAL
- 0: NETLOGON_NT_VERSION_GC
- lmnt_token : 0xffff (65535)
- lm20_token : 0xffff (65535)
- [2017/04/25 22:48:39.239253, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:70(sitename_store)
- sitename_store: realm = [EDNT], sitename = [Default-First-Site-Name], expire = [2147483647]
- [2017/04/25 22:48:39.239279, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for AD_SITENAME/DOMAIN/EDNT, we already got it
- [2017/04/25 22:48:39.239297, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sitename_cache.c:70(sitename_store)
- sitename_store: realm = [ednt.de], sitename = [Default-First-Site-Name], expire = [2147483647]
- [2017/04/25 22:48:39.239321, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for AD_SITENAME/DOMAIN/EDNT.DE, we already got it
- [2017/04/25 22:48:39.239340, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:541(ads_connect)
- Successfully contacted LDAP server 192.168.18.130
- [2017/04/25 22:48:39.239358, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:72(ldap_open_with_timeout)
- Opening connection to LDAP server '192.168.18.130:389', timeout 15 seconds
- [2017/04/25 22:48:39.239458, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:107(ldap_open_with_timeout)
- Initialized connection for LDAP server 'ldap://192.168.18.130:389'
- [2017/04/25 22:48:39.239489, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:584(ads_connect)
- Connected to LDAP server SRV-DC01.ednt.de
- [2017/04/25 22:48:39.239523, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:211(ads_closest_dc)
- ads_closest_dc: NBT_SERVER_CLOSEST flag set
- [2017/04/25 22:48:39.239550, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:87(saf_store)
- saf_store: domain = [EDNT], server = [SRV-DC01.ednt.de], expire = [1493154219]
- [2017/04/25 22:48:39.239575, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for SAF/DOMAIN/EDNT, we already got it
- [2017/04/25 22:48:39.239595, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libsmb/namequery.c:87(saf_store)
- saf_store: domain = [ednt.de], server = [SRV-DC01.ednt.de], expire = [1493154219]
- [2017/04/25 22:48:39.239619, 10, pid=3802, effective(0, 0), real(0, 0), class=tdb] ../source3/lib/gencache.c:292(gencache_set_data_blob)
- Did not store value for SAF/DOMAIN/EDNT.DE, we already got it
- [2017/04/25 22:48:39.240928, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap.c:2870(ads_current_time)
- KDC time offset is -1 seconds
- [2017/04/25 22:48:39.241431, 4, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:1082(ads_sasl_bind)
- Found SASL mechanism GSS-SPNEGO
- [2017/04/25 22:48:39.242256, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.30
- [2017/04/25 22:48:39.242274, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
- [2017/04/25 22:48:39.242290, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
- [2017/04/25 22:48:39.242306, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
- [2017/04/25 22:48:39.242322, 3, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/sasl.c:732(ads_sasl_spnego_bind)
- ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
- [2017/04/25 22:48:39.242593, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC mechanism spnego
- [2017/04/25 22:48:39.242642, 5, pid=3802, effective(0, 0), real(0, 0)] ../auth/gensec/gensec_start.c:672(gensec_start_mech)
- Starting GENSEC submechanism gse_krb5
- [2017/04/25 22:48:39.257750, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap_schema.c:231(ads_check_posix_schema_mapping)
- ads_check_posix_schema_mapping for schema mode: 3
- [2017/04/25 22:48:39.301264, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap_utils.c:81(ads_do_search_retry_internal)
- Search for (|(attributeId=1.3.6.1.1.1.1.0)(attributeId=1.3.6.1.1.1.1.1)(attributeId=1.3.6.1.1.1.1.3)(attributeId=1.3.6.1.1.1.1.4)(attributeId=1.3.6.1.1.1.1.2)(attributeId=0.9.2342.19200300.100.1.1)) in <CN=Schema,CN=Configuration,DC=ednt,DC=de> gave 6 replies
- OID 0.9.2342.19200300.100.1.1 has name: uid
- OID 1.3.6.1.1.1.1.0 has name: uidNumber
- OID 1.3.6.1.1.1.1.1 has name: gidNumber
- OID 1.3.6.1.1.1.1.2 has name: gecos
- OID 1.3.6.1.1.1.1.3 has name: unixHomeDirectory
- OID 1.3.6.1.1.1.1.4 has name: loginShell
- [2017/04/25 22:48:39.301440, 10, pid=3802, effective(0, 0), real(0, 0), class=idmap] ../source3/winbindd/idmap_ad.c:718(nss_ad_get_info)
- nss_ad_get_info: no ads connection given, doing our own query
- [2017/04/25 22:48:39.302493, 5, pid=3802, effective(0, 0), real(0, 0)] ../source3/libads/ldap_utils.c:81(ads_do_search_retry_internal)
- Search for (objectSid=\01\05\00\00\00\00\00\05\15\00\00\00\A4\22\7C\EE\E43\C5f\12\EB\B8\09R\04\00\00) in <dc=EDNT,dc=DE> gave 1 replies
- [2017/04/25 22:48:39.302518, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4886(nss_get_info_cached)
- nss_get_info returned NT_STATUS_OK
- [2017/04/25 22:48:39.302570, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4889(nss_get_info_cached)
- result:
- homedir = '(null)'
- shell = '(null)'
- gecos = '(null)'
- gid = '4294967295'
- [2017/04/25 22:48:39.302660, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:4842(wcache_save_user_pwinfo)
- wcache_save_user_pwinfo: S-1-5-21-4001112740-1724199908-163113746-1106
- [2017/04/25 22:48:39.302696, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.302713, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.302740, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.302757, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.302794, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:1022(wcache_save_user)
- wcache_save_user: S-1-5-21-4001112740-1724199908-163113746-1106 (acct_name kk)
- [2017/04/25 22:48:39.302817, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_QueryUser: struct wbint_QueryUser
- out: struct wbint_QueryUser
- info : *
- info: struct wbint_userinfo
- acct_name : *
- acct_name : 'kk'
- full_name : NULL
- homedir : NULL
- shell : NULL
- primary_gid : 0x00000000ffffffff (4294967295)
- user_sid : S-1-5-21-4001112740-1724199908-163113746-1106
- group_sid : S-1-5-21-4001112740-1724199908-163113746-513
- result : NT_STATUS_OK
- [2017/04/25 22:48:39.302950, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1395(child_handler)
- Finished processing child request 59
- [2017/04/25 22:48:39.302967, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:102(child_write_response)
- Writing 3596 bytes to parent
- [2017/04/25 22:48:39.306404, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:68(child_read_request)
- Need to read 28 extra bytes
- [2017/04/25 22:48:39.306507, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1387(child_handler)
- child daemon request 59
- [2017/04/25 22:48:39.306531, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:510(child_process_request)
- child_process_request: request fn NDRCMD
- [2017/04/25 22:48:39.306550, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual_ndr.c:315(winbindd_dual_ndrcmd)
- winbindd_dual_ndrcmd: Running command WBINT_LOOKUPSID (EDNT)
- [2017/04/25 22:48:39.306580, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_LookupSid: struct wbint_LookupSid
- in: struct wbint_LookupSid
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-513
- [2017/04/25 22:48:39.306656, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.306674, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.306760, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:1987(sid_to_name)
- sid_to_name: [Cached] - doing backend query for name for domain EDNT
- [2017/04/25 22:48:39.306789, 3, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_msrpc.c:300(msrpc_sid_to_name)
- msrpc_sid_to_name: S-1-5-21-4001112740-1724199908-163113746-513 for domain EDNT
- [2017/04/25 22:48:39.306809, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cm.c:2666(cm_connect_lsa_tcp)
- cm_connect_lsa_tcp
- [2017/04/25 22:48:39.306838, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/rpc_client/cli_lsarpc.c:410(dcerpc_lsa_lookup_sids_generic)
- rpccli_lsa_lookup_sids: processing items 0 -- 0 of 1.
- [2017/04/25 22:48:39.306890, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- lsa_LookupSids3: struct lsa_LookupSids3
- in: struct lsa_LookupSids3
- sids : *
- sids: struct lsa_SidArray
- num_sids : 0x00000001 (1)
- sids : *
- sids: ARRAY(1)
- sids: struct lsa_SidPtr
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746-513
- names : *
- names: struct lsa_TransNameArray2
- count : 0x00000000 (0)
- names : NULL
- level : LSA_LOOKUP_NAMES_ALL (1)
- count : *
- count : 0x00000000 (0)
- lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
- client_revision : LSA_CLIENT_REVISION_2 (2)
- [2017/04/25 22:48:39.307070, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_REQUEST (0)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0018 (24)
- auth_length : 0x0038 (56)
- call_id : 0x00000011 (17)
- u : union dcerpc_payload(case 0)
- request: struct dcerpc_request
- alloc_hint : 0x00000048 (72)
- context_id : 0x0000 (0)
- opnum : 0x004c (76)
- object : union dcerpc_object(case 0)
- empty: struct dcerpc_empty
- _pad : DATA_BLOB length=0
- stub_and_verifier : DATA_BLOB length=0
- [2017/04/25 22:48:39.307282, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct dcerpc_auth
- auth_type : DCERPC_AUTH_TYPE_SCHANNEL (68)
- auth_level : DCERPC_AUTH_LEVEL_PRIVACY (6)
- auth_pad_length : 0x08 (8)
- auth_reserved : 0x00 (0)
- auth_context_id : 0x00000001 (1)
- credentials : DATA_BLOB length=0
- [2017/04/25 22:48:39.307401, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:826(rpc_api_pipe_send)
- rpc_api_pipe: host SRV-DC01.ednt.de
- [2017/04/25 22:48:39.307422, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:178(rpc_write_send)
- rpc_write_send: data_to_write: 168
- [2017/04/25 22:48:39.308826, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:98(rpc_read_send)
- rpc_read_send: data_to_read: 248
- [2017/04/25 22:48:39.308894, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_RESPONSE (2)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0108 (264)
- auth_length : 0x0038 (56)
- call_id : 0x00000011 (17)
- u : union dcerpc_payload(case 2)
- response: struct dcerpc_response
- alloc_hint : 0x000000a4 (164)
- context_id : 0x0000 (0)
- cancel_count : 0x00 (0)
- _pad : DATA_BLOB length=1
- [0000] 00 .
- stub_and_verifier : DATA_BLOB length=240
- [0000] A0 ED FC 1A BE 41 4B 5B DB F2 72 B0 A9 36 DA 46 .....AK[ ..r..6.F
- [0010] F2 6E 8A 93 71 21 3D EF 55 5A DA CD 35 10 61 7D .n..q!=. UZ..5.a}
- [0020] 8E 05 A4 0B E2 A1 15 F2 A4 A3 2E F0 59 0C 49 43 ........ ....Y.IC
- [0030] 97 FF 3D F6 79 44 C3 30 F5 C0 2E D4 04 8D 62 6A ..=.yD.0 ......bj
- [0040] 09 4B 66 5B FA 6A 39 BA 4E FD 17 D9 FF 2C 83 CF .Kf[.j9. N....,..
- [0050] 2F E6 BC A2 51 1D E5 8F 1B C2 59 B0 75 D0 F5 82 /...Q... ..Y.u...
- [0060] 9D B4 52 16 CE 7F EF 97 23 A5 E5 6A CC 68 43 47 ..R..... #..j.hCG
- [0070] D5 97 4A FC 32 3C A8 AF 77 A0 86 89 AA 34 85 E1 ..J.2<.. w....4..
- [0080] C0 EA 7E CD AB D9 AE 2F AF A5 F6 06 9C A0 EA 3B ..~..../ .......;
- [0090] 05 B7 20 72 FC A9 C5 D4 93 29 05 0B 93 66 E3 DA .. r.... .)...f..
- [00A0] E3 9D 74 02 DB 4E 4D 14 43 A7 ED 14 B2 59 3B 82 ..t..NM. C....Y;.
- [00B0] 44 06 0C 00 01 00 00 00 13 00 1A 00 FF FF 00 00 D....... ........
- [00C0] 35 E7 61 42 EA B3 52 E2 47 19 B2 4A C4 02 33 B7 5.aB..R. G..J..3.
- [00D0] F0 C2 29 6F E3 21 14 71 89 37 E3 7D C3 F3 64 97 ..)o.!.q .7.}..d.
- [00E0] CD 40 8E F3 73 CB 4F 6A 3A 65 91 D9 05 69 3A 2B .@..s.Oj :e...i:+
- [2017/04/25 22:48:39.309510, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_parse] ../source3/librpc/rpc/dcerpc_helpers.c:473(dcerpc_check_auth)
- Requested Privacy.
- [2017/04/25 22:48:39.309530, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_parse] ../source3/librpc/rpc/dcerpc_helpers.c:533(dcerpc_check_auth)
- GENSEC auth
- [2017/04/25 22:48:39.309642, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:525(cli_pipe_validate_current_pdu)
- Got pdu len 264, data_len 164
- [2017/04/25 22:48:39.309662, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:975(rpc_api_pipe_got_pdu)
- rpc_api_pipe: got frag len of 264 at offset 0: NT_STATUS_OK
- [2017/04/25 22:48:39.309700, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1075(rpc_api_pipe_got_pdu)
- rpc_api_pipe: host SRV-DC01.ednt.de returned 164 bytes.
- [2017/04/25 22:48:39.309742, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- lsa_LookupSids3: struct lsa_LookupSids3
- out: struct lsa_LookupSids3
- domains : *
- domains : *
- domains: struct lsa_RefDomainList
- count : 0x00000001 (1)
- domains : *
- domains: ARRAY(1)
- domains: struct lsa_DomainInfo
- name: struct lsa_StringLarge
- length : 0x0008 (8)
- size : 0x000a (10)
- string : *
- string : 'EDNT'
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746
- max_size : 0x00000020 (32)
- names : *
- names: struct lsa_TransNameArray2
- count : 0x00000001 (1)
- names : *
- names: ARRAY(1)
- names: struct lsa_TranslatedName2
- sid_type : SID_NAME_DOM_GRP (2)
- name: struct lsa_String
- length : 0x0020 (32)
- size : 0x0020 (32)
- string : *
- string : 'Domänen-Benutzer'
- sid_index : 0x00000000 (0)
- unknown : 0x00000000 (0)
- count : *
- count : 0x00000001 (1)
- result : NT_STATUS_OK
- [2017/04/25 22:48:39.310021, 10, pid=3802, effective(0, 0), real(0, 0)] ../source3/rpc_client/cli_lsarpc.c:253(dcerpc_lsa_lookup_sids_noalloc)
- LSA_LOOKUPSIDS returned status: 'NT_STATUS_OK', result: 'NT_STATUS_OK', mapped count = 1'
- [2017/04/25 22:48:39.310043, 5, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_msrpc.c:320(msrpc_sid_to_name)
- Mapped sid to [EDNT]\[Domänen-Benutzer]
- [2017/04/25 22:48:39.310069, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:39.310086, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:39.310138, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:995(wcache_save_sid_to_name)
- wcache_save_sid_to_name: S-1-5-21-4001112740-1724199908-163113746-513 -> EDNT\Domänen-Benutzer (NT_STATUS_OK)
- [2017/04/25 22:48:39.310158, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_LookupSid: struct wbint_LookupSid
- out: struct wbint_LookupSid
- type : *
- type : SID_NAME_DOM_GRP (2)
- domain : *
- domain : *
- domain : 'EDNT'
- name : *
- name : *
- name : 'Domänen-Benutzer'
- result : NT_STATUS_OK
- [2017/04/25 22:48:39.310272, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1395(child_handler)
- Finished processing child request 59
- [2017/04/25 22:48:39.310290, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:102(child_write_response)
- Writing 3564 bytes to parent
- [2017/04/25 22:48:47.360549, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:68(child_read_request)
- Need to read 40 extra bytes
- [2017/04/25 22:48:47.360606, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1387(child_handler)
- child daemon request 59
- [2017/04/25 22:48:47.360627, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:510(child_process_request)
- child_process_request: request fn NDRCMD
- [2017/04/25 22:48:47.360645, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual_ndr.c:315(winbindd_dual_ndrcmd)
- winbindd_dual_ndrcmd: Running command WBINT_LOOKUPNAME (EDNT)
- [2017/04/25 22:48:47.360677, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_LookupName: struct wbint_LookupName
- in: struct wbint_LookupName
- domain : *
- domain : 'EDNT'
- name : *
- name : '*'
- flags : 0x00000008 (8)
- [2017/04/25 22:48:47.360745, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:47.360762, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:47.360790, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:1873(name_to_sid)
- name_to_sid: [Cached] - doing backend query for name for domain EDNT
- [2017/04/25 22:48:47.360810, 3, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_msrpc.c:252(msrpc_name_to_sid)
- msrpc_name_to_sid: name=EDNT\*
- [2017/04/25 22:48:47.360828, 3, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_msrpc.c:266(msrpc_name_to_sid)
- name_to_sid [rpc] EDNT\* for domain EDNT
- [2017/04/25 22:48:47.360846, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cm.c:2666(cm_connect_lsa_tcp)
- cm_connect_lsa_tcp
- [2017/04/25 22:48:47.360892, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- lsa_LookupNames4: struct lsa_LookupNames4
- in: struct lsa_LookupNames4
- num_names : 0x00000001 (1)
- names: ARRAY(1)
- names: struct lsa_String
- length : 0x000c (12)
- size : 0x000c (12)
- string : *
- string : 'EDNT\*'
- sids : *
- sids: struct lsa_TransSidArray3
- count : 0x00000000 (0)
- sids : NULL
- level : LSA_LOOKUP_NAMES_ALL (1)
- count : *
- count : 0x00000000 (0)
- lookup_options : LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES (0)
- client_revision : LSA_CLIENT_REVISION_2 (2)
- [2017/04/25 22:48:47.361051, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_REQUEST (0)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x0018 (24)
- auth_length : 0x0038 (56)
- call_id : 0x00000012 (18)
- u : union dcerpc_payload(case 0)
- request: struct dcerpc_request
- alloc_hint : 0x00000040 (64)
- context_id : 0x0000 (0)
- opnum : 0x004d (77)
- object : union dcerpc_object(case 0)
- empty: struct dcerpc_empty
- _pad : DATA_BLOB length=0
- stub_and_verifier : DATA_BLOB length=0
- [2017/04/25 22:48:47.361269, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- &r: struct dcerpc_auth
- auth_type : DCERPC_AUTH_TYPE_SCHANNEL (68)
- auth_level : DCERPC_AUTH_LEVEL_PRIVACY (6)
- auth_pad_length : 0x00 (0)
- auth_reserved : 0x00 (0)
- auth_context_id : 0x00000001 (1)
- credentials : DATA_BLOB length=0
- [2017/04/25 22:48:47.361369, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:826(rpc_api_pipe_send)
- rpc_api_pipe: host SRV-DC01.ednt.de
- [2017/04/25 22:48:47.361390, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:178(rpc_write_send)
- rpc_write_send: data_to_write: 152
- [2017/04/25 22:48:47.380033, 5, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:98(rpc_read_send)
- rpc_read_send: data_to_read: 200
- [2017/04/25 22:48:47.380086, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:402(ndr_print_debug)
- r: struct ncacn_packet
- rpc_vers : 0x05 (5)
- rpc_vers_minor : 0x00 (0)
- ptype : DCERPC_PKT_RESPONSE (2)
- pfc_flags : 0x03 (3)
- 1: DCERPC_PFC_FLAG_FIRST
- 1: DCERPC_PFC_FLAG_LAST
- 0: DCERPC_PFC_FLAG_PENDING_CANCEL_OR_HDR_SIGNING
- 0: DCERPC_PFC_FLAG_CONC_MPX
- 0: DCERPC_PFC_FLAG_DID_NOT_EXECUTE
- 0: DCERPC_PFC_FLAG_MAYBE
- 0: DCERPC_PFC_FLAG_OBJECT_UUID
- drep: ARRAY(4)
- [0] : 0x10 (16)
- [1] : 0x00 (0)
- [2] : 0x00 (0)
- [3] : 0x00 (0)
- frag_length : 0x00d8 (216)
- auth_length : 0x0038 (56)
- call_id : 0x00000012 (18)
- u : union dcerpc_payload(case 2)
- response: struct dcerpc_response
- alloc_hint : 0x00000074 (116)
- context_id : 0x0000 (0)
- cancel_count : 0x00 (0)
- _pad : DATA_BLOB length=1
- [0000] 00 .
- stub_and_verifier : DATA_BLOB length=192
- [0000] 0B 00 6F A8 ED 46 2E CF 0F A5 56 92 8B 5B 4E 1D ..o..F.. ..V..[N.
- [0010] B3 D7 2E 15 F6 F2 39 24 D0 96 3A A7 A3 4D EB 98 ......9$ ..:..M..
- [0020] 00 99 4F D7 AE C6 16 54 52 DE E5 AD CD B5 51 A8 ..O....T R.....Q.
- [0030] B4 28 88 7B 02 D8 03 93 6F 59 52 93 FB 09 AF B9 .(.{.... oYR.....
- [0040] 46 9D E9 E8 9C 56 84 B6 89 3C 6C 5F C3 A1 4F C4 F....V.. .<l_..O.
- [0050] 1E 6C EE A9 3F 19 2D 73 85 30 C4 43 6C CB DC A9 .l..?.-s .0.Cl...
- [0060] 09 3B 9A 34 6C 05 61 BF 86 B5 F9 07 0B C3 0B B5 .;.4l.a. ........
- [0070] C0 AE DA C1 10 9D 9A 6E DF 07 D3 C6 E2 73 04 86 .......n .....s..
- [0080] 44 06 0C 00 01 00 00 00 13 00 1A 00 FF FF 00 00 D....... ........
- [0090] 1F DF 7F 97 B2 4B 5C 12 1D 04 25 9D A4 09 DB AA .....K\. ..%.....
- [00A0] B7 C0 AB 5B C6 3D 14 18 43 A7 ED 14 B2 59 3B 82 ...[.=.. C....Y;.
- [00B0] 44 06 0C 00 01 00 00 00 13 00 1A 00 FF FF 00 00 D....... ........
- [2017/04/25 22:48:47.380663, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_parse] ../source3/librpc/rpc/dcerpc_helpers.c:473(dcerpc_check_auth)
- Requested Privacy.
- [2017/04/25 22:48:47.380683, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_parse] ../source3/librpc/rpc/dcerpc_helpers.c:533(dcerpc_check_auth)
- GENSEC auth
- [2017/04/25 22:48:47.380746, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:525(cli_pipe_validate_current_pdu)
- Got pdu len 216, data_len 116
- [2017/04/25 22:48:47.380764, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:975(rpc_api_pipe_got_pdu)
- rpc_api_pipe: got frag len of 216 at offset 0: NT_STATUS_OK
- [2017/04/25 22:48:47.380783, 10, pid=3802, effective(0, 0), real(0, 0), class=rpc_cli] ../source3/rpc_client/cli_pipe.c:1075(rpc_api_pipe_got_pdu)
- rpc_api_pipe: host SRV-DC01.ednt.de returned 116 bytes.
- [2017/04/25 22:48:47.380822, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- lsa_LookupNames4: struct lsa_LookupNames4
- out: struct lsa_LookupNames4
- domains : *
- domains : *
- domains: struct lsa_RefDomainList
- count : 0x00000001 (1)
- domains : *
- domains: ARRAY(1)
- domains: struct lsa_DomainInfo
- name: struct lsa_StringLarge
- length : 0x0008 (8)
- size : 0x000a (10)
- string : *
- string : 'EDNT'
- sid : *
- sid : S-1-5-21-4001112740-1724199908-163113746
- max_size : 0x00000020 (32)
- sids : *
- sids: struct lsa_TransSidArray3
- count : 0x00000001 (1)
- sids : *
- sids: ARRAY(1)
- sids: struct lsa_TranslatedSid3
- sid_type : SID_NAME_UNKNOWN (8)
- sid : NULL
- sid_index : 0x00000000 (0)
- flags : 0x00000000 (0)
- count : *
- count : 0x00000000 (0)
- result : NT_STATUS_NONE_MAPPED
- [2017/04/25 22:48:47.381086, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:541(refresh_sequence_number)
- refresh_sequence_number: EDNT time ok
- [2017/04/25 22:48:47.381104, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:586(refresh_sequence_number)
- refresh_sequence_number: EDNT seq number is now 6043364
- [2017/04/25 22:48:47.381167, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:965(wcache_save_name_to_sid)
- wcache_save_name_to_sid: EDNT\* -> S-0-0 (NT_STATUS_NONE_MAPPED)
- [2017/04/25 22:48:47.381204, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_cache.c:995(wcache_save_sid_to_name)
- wcache_save_sid_to_name: S-0-0 -> EDNT\* (NT_STATUS_NONE_MAPPED)
- [2017/04/25 22:48:47.381223, 1, pid=3802, effective(0, 0), real(0, 0)] ../librpc/ndr/ndr.c:439(ndr_print_function_debug)
- wbint_LookupName: struct wbint_LookupName
- out: struct wbint_LookupName
- type : *
- type : SID_NAME_USE_NONE (0)
- sid : *
- sid : S-0-0
- result : NT_STATUS_NONE_MAPPED
- [2017/04/25 22:48:47.381289, 4, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:1395(child_handler)
- Finished processing child request 59
- [2017/04/25 22:48:47.381306, 10, pid=3802, effective(0, 0), real(0, 0), class=winbind] ../source3/winbindd/winbindd_dual.c:102(child_write_response)
- Writing 3512 bytes to parent
- root@fs2:/var/log/samba#
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement