API tools faq
paste
Advertisement
Guest User

Successful log.clientIP

a guest
Oct 29th, 2018
77
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 24.92 KB | None | 0 0
raw download clone embed print report
  1. [2018/10/29 15:29:32.327471, 3] ../source3/smbd/oplock.c:1340(init_oplocks)
  2. init_oplocks: initializing messages.
  3. [2018/10/29 15:29:32.327543, 3] ../source3/smbd/process.c:1959(process_smb)
  4. Transaction 0 of length 159 (0 toread)
  5. [2018/10/29 15:29:32.327612, 3] ../source3/smbd/process.c:1539(switch_message)
  6. switch message SMBnegprot (pid 18316) conn 0x0
  7. [2018/10/29 15:29:32.329471, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  8. Requested protocol [PC NETWORK PROGRAM 1.0]
  9. [2018/10/29 15:29:32.329504, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  10. Requested protocol [LANMAN1.0]
  11. [2018/10/29 15:29:32.329520, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  12. Requested protocol [Windows for Workgroups 3.1a]
  13. [2018/10/29 15:29:32.329534, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  14. Requested protocol [LM1.2X002]
  15. [2018/10/29 15:29:32.329548, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  16. Requested protocol [LANMAN2.1]
  17. [2018/10/29 15:29:32.329562, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  18. Requested protocol [NT LM 0.12]
  19. [2018/10/29 15:29:32.329576, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  20. Requested protocol [SMB 2.002]
  21. [2018/10/29 15:29:32.329590, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  22. Requested protocol [SMB 2.???]
  23. [2018/10/29 15:29:32.329701, 3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  24. Selected protocol SMB2_FF
  25. [2018/10/29 15:29:32.331359, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  26. GENSEC backend 'gssapi_spnego' registered
  27. [2018/10/29 15:29:32.331385, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  28. GENSEC backend 'gssapi_krb5' registered
  29. [2018/10/29 15:29:32.331401, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  30. GENSEC backend 'gssapi_krb5_sasl' registered
  31. [2018/10/29 15:29:32.331415, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  32. GENSEC backend 'spnego' registered
  33. [2018/10/29 15:29:32.331429, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  34. GENSEC backend 'schannel' registered
  35. [2018/10/29 15:29:32.331444, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  36. GENSEC backend 'naclrpc_as_system' registered
  37. [2018/10/29 15:29:32.331458, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  38. GENSEC backend 'sasl-EXTERNAL' registered
  39. [2018/10/29 15:29:32.331472, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  40. GENSEC backend 'ntlmssp' registered
  41. [2018/10/29 15:29:32.331487, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  42. GENSEC backend 'ntlmssp_resume_ccache' registered
  43. [2018/10/29 15:29:32.331502, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  44. GENSEC backend 'http_basic' registered
  45. [2018/10/29 15:29:32.331516, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  46. GENSEC backend 'http_ntlm' registered
  47. [2018/10/29 15:29:32.331530, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  48. GENSEC backend 'krb5' registered
  49. [2018/10/29 15:29:32.331545, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  50. GENSEC backend 'fake_gssapi_krb5' registered
  51. [2018/10/29 15:29:32.331679, 3] ../source3/smbd/negprot.c:753(reply_negprot)
  52. Selected protocol SMB 2.???
  53. [2018/10/29 15:29:32.332823, 3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  54. Selected protocol SMB2_10
  55. [2018/10/29 15:29:32.334594, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  56. Got NTLMSSP neg_flags=0xe2088297
  57. [2018/10/29 15:29:32.335902, 3] ../auth/ntlmssp/ntlmssp_server.c:454(ntlmssp_server_preauth)
  58. Got user=[user2] domain=[C09046344100] workstation=[C09046344100] len1=24 len2=274
  59. [2018/10/29 15:29:32.335943, 3] ../source3/param/loadparm.c:3860(lp_load_ex)
  60. lp_load_ex: refreshing parameters
  61. [2018/10/29 15:29:32.336005, 3] ../source3/param/loadparm.c:549(init_globals)
  62. Initialising global parameters
  63. [2018/10/29 15:29:32.336078, 3] ../source3/param/loadparm.c:2774(lp_do_section)
  64. Processing section "[global]"
  65. [2018/10/29 15:29:32.336137, 1] ../lib/param/loadparm.c:1823(lpcfg_do_global_parameter)
  66. WARNING: The "syslog" option is deprecated
  67. [2018/10/29 15:29:32.336249, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  68. Processing section "[homes]"
  69. [2018/10/29 15:29:32.336322, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  70. Processing section "[printers]"
  71. [2018/10/29 15:29:32.336368, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  72. Processing section "[print$]"
  73. [2018/10/29 15:29:32.336417, 3] ../source3/param/loadparm.c:1609(lp_add_ipc)
  74. adding IPC service
  75. [2018/10/29 15:29:32.336452, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password)
  76. check_ntlm_password: Checking password for unmapped user [C09046344100]\[user2]@[C09046344100] with the new password interface
  77. [2018/10/29 15:29:32.336469, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
  78. check_ntlm_password: mapped user is: [C09046344100]\[user2]@[C09046344100]
  79. [2018/10/29 15:29:32.336529, 3] ../source3/auth/check_samsec.c:399(check_sam_security)
  80. check_sam_security: Couldn't find user 'user2' in passdb.
  81. [2018/10/29 15:29:32.336545, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password)
  82. check_ntlm_password: Authentication for user [user2] -> [user2] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
  83. [2018/10/29 15:29:32.336587, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable)
  84. Auth: [SMB2,(null)] user [C09046344100]\[user2] at [Mon, 29 Oct 2018 15:29:32.336576 CST] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [C09046344100] remote host [ipv4:10.17.9.22:61346] mapped to [C09046344100]\[user2]. local host [ipv4:10.21.1.148:445]
  85. [2018/10/29 15:29:32.336703, 2] ../auth/auth_log.c:220(log_json)
  86. JSON Authentication: {"timestamp": "2018-10-29T15:29:32.336638+0800", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 0}, "status": "NT_STATUS_NO_SUCH_USER", "localAddress": "ipv4:10.21.1.148:445", "remoteAddress": "ipv4:10.17.9.22:61346", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "C09046344100", "clientAccount": "user2", "workstation": "C09046344100", "becameAccount": null, "becameDomain": null, "becameSid": "(NULL SID)", "mappedAccount": "user2", "mappedDomain": "C09046344100", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)", "passwordType": "NTLMv2"}}
  87. [2018/10/29 15:29:32.336730, 3] ../source3/auth/auth_util.c:1626(do_map_to_guest_server_info)
  88. No such user user2 [C09046344100] - using guest account
  89. [2018/10/29 15:29:32.345274, 3] ../source3/smbd/oplock.c:1340(init_oplocks)
  90. init_oplocks: initializing messages.
  91. [2018/10/29 15:29:32.345326, 3] ../source3/smbd/process.c:1959(process_smb)
  92. Transaction 0 of length 108 (0 toread)
  93. [2018/10/29 15:29:32.345555, 3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  94. Selected protocol SMB2_10
  95. [2018/10/29 15:29:32.347816, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  96. GENSEC backend 'gssapi_spnego' registered
  97. [2018/10/29 15:29:32.347844, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  98. GENSEC backend 'gssapi_krb5' registered
  99. [2018/10/29 15:29:32.348174, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  100. GENSEC backend 'gssapi_krb5_sasl' registered
  101. [2018/10/29 15:29:32.348194, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  102. GENSEC backend 'spnego' registered
  103. [2018/10/29 15:29:32.348210, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  104. GENSEC backend 'schannel' registered
  105. [2018/10/29 15:29:32.348224, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  106. GENSEC backend 'naclrpc_as_system' registered
  107. [2018/10/29 15:29:32.348239, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  108. GENSEC backend 'sasl-EXTERNAL' registered
  109. [2018/10/29 15:29:32.348253, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  110. GENSEC backend 'ntlmssp' registered
  111. [2018/10/29 15:29:32.348268, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  112. GENSEC backend 'ntlmssp_resume_ccache' registered
  113. [2018/10/29 15:29:32.348283, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  114. GENSEC backend 'http_basic' registered
  115. [2018/10/29 15:29:32.348306, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  116. GENSEC backend 'http_ntlm' registered
  117. [2018/10/29 15:29:32.348322, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  118. GENSEC backend 'krb5' registered
  119. [2018/10/29 15:29:32.348337, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  120. GENSEC backend 'fake_gssapi_krb5' registered
  121. [2018/10/29 15:29:32.349707, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  122. Got NTLMSSP neg_flags=0xe2088297
  123. [2018/10/29 15:29:32.351429, 3] ../auth/ntlmssp/ntlmssp_server.c:454(ntlmssp_server_preauth)
  124. Got user=[user2] domain=[C09046344100] workstation=[C09046344100] len1=24 len2=274
  125. [2018/10/29 15:29:32.351470, 3] ../source3/param/loadparm.c:3860(lp_load_ex)
  126. lp_load_ex: refreshing parameters
  127. [2018/10/29 15:29:32.351534, 3] ../source3/param/loadparm.c:549(init_globals)
  128. Initialising global parameters
  129. [2018/10/29 15:29:32.351605, 3] ../source3/param/loadparm.c:2774(lp_do_section)
  130. Processing section "[global]"
  131. [2018/10/29 15:29:32.351665, 1] ../lib/param/loadparm.c:1823(lpcfg_do_global_parameter)
  132. WARNING: The "syslog" option is deprecated
  133. [2018/10/29 15:29:32.351777, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  134. Processing section "[homes]"
  135. [2018/10/29 15:29:32.351844, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  136. Processing section "[printers]"
  137. [2018/10/29 15:29:32.351891, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  138. Processing section "[print$]"
  139. [2018/10/29 15:29:32.351940, 3] ../source3/param/loadparm.c:1609(lp_add_ipc)
  140. adding IPC service
  141. [2018/10/29 15:29:32.351968, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password)
  142. check_ntlm_password: Checking password for unmapped user [C09046344100]\[user2]@[C09046344100] with the new password interface
  143. [2018/10/29 15:29:32.351985, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
  144. check_ntlm_password: mapped user is: [C09046344100]\[user2]@[C09046344100]
  145. [2018/10/29 15:29:32.352046, 3] ../source3/auth/check_samsec.c:399(check_sam_security)
  146. check_sam_security: Couldn't find user 'user2' in passdb.
  147. [2018/10/29 15:29:32.352063, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password)
  148. check_ntlm_password: Authentication for user [user2] -> [user2] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
  149. [2018/10/29 15:29:32.352102, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable)
  150. Auth: [SMB2,(null)] user [C09046344100]\[user2] at [Mon, 29 Oct 2018 15:29:32.352092 CST] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [C09046344100] remote host [ipv4:10.17.9.22:61347] mapped to [C09046344100]\[user2]. local host [ipv4:10.21.1.148:445]
  151. [2018/10/29 15:29:32.352196, 2] ../auth/auth_log.c:220(log_json)
  152. JSON Authentication: {"timestamp": "2018-10-29T15:29:32.352142+0800", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 0}, "status": "NT_STATUS_NO_SUCH_USER", "localAddress": "ipv4:10.21.1.148:445", "remoteAddress": "ipv4:10.17.9.22:61347", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "C09046344100", "clientAccount": "user2", "workstation": "C09046344100", "becameAccount": null, "becameDomain": null, "becameSid": "(NULL SID)", "mappedAccount": "user2", "mappedDomain": "C09046344100", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)", "passwordType": "NTLMv2"}}
  153. [2018/10/29 15:29:32.352221, 3] ../source3/auth/auth_util.c:1626(do_map_to_guest_server_info)
  154. No such user user2 [C09046344100] - using guest account
  155. [2018/10/29 15:29:32.360753, 3] ../source3/smbd/oplock.c:1340(init_oplocks)
  156. init_oplocks: initializing messages.
  157. [2018/10/29 15:29:32.360851, 3] ../source3/smbd/process.c:1959(process_smb)
  158. Transaction 0 of length 108 (0 toread)
  159. [2018/10/29 15:29:32.361158, 3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  160. Selected protocol SMB2_10
  161. [2018/10/29 15:29:32.365516, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  162. GENSEC backend 'gssapi_spnego' registered
  163. [2018/10/29 15:29:32.365581, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  164. GENSEC backend 'gssapi_krb5' registered
  165. [2018/10/29 15:29:32.365615, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  166. GENSEC backend 'gssapi_krb5_sasl' registered
  167. [2018/10/29 15:29:32.365645, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  168. GENSEC backend 'spnego' registered
  169. [2018/10/29 15:29:32.365675, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  170. GENSEC backend 'schannel' registered
  171. [2018/10/29 15:29:32.365713, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  172. GENSEC backend 'naclrpc_as_system' registered
  173. [2018/10/29 15:29:32.365744, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  174. GENSEC backend 'sasl-EXTERNAL' registered
  175. [2018/10/29 15:29:32.365774, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  176. GENSEC backend 'ntlmssp' registered
  177. [2018/10/29 15:29:32.365804, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  178. GENSEC backend 'ntlmssp_resume_ccache' registered
  179. [2018/10/29 15:29:32.365835, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  180. GENSEC backend 'http_basic' registered
  181. [2018/10/29 15:29:32.365864, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  182. GENSEC backend 'http_ntlm' registered
  183. [2018/10/29 15:29:32.365894, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  184. GENSEC backend 'krb5' registered
  185. [2018/10/29 15:29:32.365925, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  186. GENSEC backend 'fake_gssapi_krb5' registered
  187. [2018/10/29 15:29:32.367798, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  188. Got NTLMSSP neg_flags=0xe2088297
  189. [2018/10/29 15:29:32.369150, 3] ../auth/ntlmssp/ntlmssp_server.c:454(ntlmssp_server_preauth)
  190. Got user=[user2] domain=[C09046344100] workstation=[C09046344100] len1=24 len2=274
  191. [2018/10/29 15:29:32.369189, 3] ../source3/param/loadparm.c:3860(lp_load_ex)
  192. lp_load_ex: refreshing parameters
  193. [2018/10/29 15:29:32.369246, 3] ../source3/param/loadparm.c:549(init_globals)
  194. Initialising global parameters
  195. [2018/10/29 15:29:32.369316, 3] ../source3/param/loadparm.c:2774(lp_do_section)
  196. Processing section "[global]"
  197. [2018/10/29 15:29:32.369374, 1] ../lib/param/loadparm.c:1823(lpcfg_do_global_parameter)
  198. WARNING: The "syslog" option is deprecated
  199. [2018/10/29 15:29:32.369486, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  200. Processing section "[homes]"
  201. [2018/10/29 15:29:32.369552, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  202. Processing section "[printers]"
  203. [2018/10/29 15:29:32.369598, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  204. Processing section "[print$]"
  205. [2018/10/29 15:29:32.369645, 3] ../source3/param/loadparm.c:1609(lp_add_ipc)
  206. adding IPC service
  207. [2018/10/29 15:29:32.369672, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password)
  208. check_ntlm_password: Checking password for unmapped user [C09046344100]\[user2]@[C09046344100] with the new password interface
  209. [2018/10/29 15:29:32.369688, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
  210. check_ntlm_password: mapped user is: [C09046344100]\[user2]@[C09046344100]
  211. [2018/10/29 15:29:32.369744, 3] ../source3/auth/check_samsec.c:399(check_sam_security)
  212. check_sam_security: Couldn't find user 'user2' in passdb.
  213. [2018/10/29 15:29:32.369760, 2] ../source3/auth/auth.c:332(auth_check_ntlm_password)
  214. check_ntlm_password: Authentication for user [user2] -> [user2] FAILED with error NT_STATUS_NO_SUCH_USER, authoritative=1
  215. [2018/10/29 15:29:32.369797, 2] ../auth/auth_log.c:760(log_authentication_event_human_readable)
  216. Auth: [SMB2,(null)] user [C09046344100]\[user2] at [Mon, 29 Oct 2018 15:29:32.369787 CST] with [NTLMv2] status [NT_STATUS_NO_SUCH_USER] workstation [C09046344100] remote host [ipv4:10.17.9.22:61348] mapped to [C09046344100]\[user2]. local host [ipv4:10.21.1.148:445]
  217. [2018/10/29 15:29:32.369886, 2] ../auth/auth_log.c:220(log_json)
  218. JSON Authentication: {"timestamp": "2018-10-29T15:29:32.369833+0800", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 0}, "status": "NT_STATUS_NO_SUCH_USER", "localAddress": "ipv4:10.21.1.148:445", "remoteAddress": "ipv4:10.17.9.22:61348", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "C09046344100", "clientAccount": "user2", "workstation": "C09046344100", "becameAccount": null, "becameDomain": null, "becameSid": "(NULL SID)", "mappedAccount": "user2", "mappedDomain": "C09046344100", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)", "passwordType": "NTLMv2"}}
  219. [2018/10/29 15:29:32.369917, 3] ../source3/auth/auth_util.c:1626(do_map_to_guest_server_info)
  220. No such user user2 [C09046344100] - using guest account
  221. [2018/10/29 15:29:39.945169, 3] ../source3/smbd/oplock.c:1340(init_oplocks)
  222. init_oplocks: initializing messages.
  223. [2018/10/29 15:29:39.945237, 3] ../source3/smbd/process.c:1959(process_smb)
  224. Transaction 0 of length 159 (0 toread)
  225. [2018/10/29 15:29:39.945287, 3] ../source3/smbd/process.c:1539(switch_message)
  226. switch message SMBnegprot (pid 18320) conn 0x0
  227. [2018/10/29 15:29:39.946319, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  228. Requested protocol [PC NETWORK PROGRAM 1.0]
  229. [2018/10/29 15:29:39.946354, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  230. Requested protocol [LANMAN1.0]
  231. [2018/10/29 15:29:39.946373, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  232. Requested protocol [Windows for Workgroups 3.1a]
  233. [2018/10/29 15:29:39.946391, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  234. Requested protocol [LM1.2X002]
  235. [2018/10/29 15:29:39.946408, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  236. Requested protocol [LANMAN2.1]
  237. [2018/10/29 15:29:39.946425, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  238. Requested protocol [NT LM 0.12]
  239. [2018/10/29 15:29:39.946442, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  240. Requested protocol [SMB 2.002]
  241. [2018/10/29 15:29:39.946459, 3] ../source3/smbd/negprot.c:612(reply_negprot)
  242. Requested protocol [SMB 2.???]
  243. [2018/10/29 15:29:39.946590, 3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  244. Selected protocol SMB2_FF
  245. [2018/10/29 15:29:39.948442, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  246. GENSEC backend 'gssapi_spnego' registered
  247. [2018/10/29 15:29:39.948472, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  248. GENSEC backend 'gssapi_krb5' registered
  249. [2018/10/29 15:29:39.948491, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  250. GENSEC backend 'gssapi_krb5_sasl' registered
  251. [2018/10/29 15:29:39.948509, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  252. GENSEC backend 'spnego' registered
  253. [2018/10/29 15:29:39.948526, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  254. GENSEC backend 'schannel' registered
  255. [2018/10/29 15:29:39.948543, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  256. GENSEC backend 'naclrpc_as_system' registered
  257. [2018/10/29 15:29:39.948560, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  258. GENSEC backend 'sasl-EXTERNAL' registered
  259. [2018/10/29 15:29:39.948577, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  260. GENSEC backend 'ntlmssp' registered
  261. [2018/10/29 15:29:39.948595, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  262. GENSEC backend 'ntlmssp_resume_ccache' registered
  263. [2018/10/29 15:29:39.948612, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  264. GENSEC backend 'http_basic' registered
  265. [2018/10/29 15:29:39.948630, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  266. GENSEC backend 'http_ntlm' registered
  267. [2018/10/29 15:29:39.948647, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  268. GENSEC backend 'krb5' registered
  269. [2018/10/29 15:29:39.948665, 3] ../auth/gensec/gensec_start.c:977(gensec_register)
  270. GENSEC backend 'fake_gssapi_krb5' registered
  271. [2018/10/29 15:29:39.948813, 3] ../source3/smbd/negprot.c:753(reply_negprot)
  272. Selected protocol SMB 2.???
  273. [2018/10/29 15:29:39.949994, 3] ../source3/smbd/smb2_negprot.c:290(smbd_smb2_request_process_negprot)
  274. Selected protocol SMB2_10
  275. [2018/10/29 15:29:39.951711, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  276. Got NTLMSSP neg_flags=0xe2088297
  277. [2018/10/29 15:29:39.952881, 3] ../auth/ntlmssp/ntlmssp_server.c:454(ntlmssp_server_preauth)
  278. Got user=[u634410] domain=[C09046344100] workstation=[C09046344100] len1=24 len2=274
  279. [2018/10/29 15:29:39.952925, 3] ../source3/param/loadparm.c:3860(lp_load_ex)
  280. lp_load_ex: refreshing parameters
  281. [2018/10/29 15:29:39.952989, 3] ../source3/param/loadparm.c:549(init_globals)
  282. Initialising global parameters
  283. [2018/10/29 15:29:39.953065, 3] ../source3/param/loadparm.c:2774(lp_do_section)
  284. Processing section "[global]"
  285. [2018/10/29 15:29:39.953128, 1] ../lib/param/loadparm.c:1823(lpcfg_do_global_parameter)
  286. WARNING: The "syslog" option is deprecated
  287. [2018/10/29 15:29:39.953242, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  288. Processing section "[homes]"
  289. [2018/10/29 15:29:39.953311, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  290. Processing section "[printers]"
  291. [2018/10/29 15:29:39.953360, 2] ../source3/param/loadparm.c:2791(lp_do_section)
  292. Processing section "[print$]"
  293. [2018/10/29 15:29:39.953411, 3] ../source3/param/loadparm.c:1609(lp_add_ipc)
  294. adding IPC service
  295. [2018/10/29 15:29:39.953448, 3] ../source3/auth/auth.c:189(auth_check_ntlm_password)
  296. check_ntlm_password: Checking password for unmapped user [C09046344100]\[u634410]@[C09046344100] with the new password interface
  297. [2018/10/29 15:29:39.953468, 3] ../source3/auth/auth.c:192(auth_check_ntlm_password)
  298. check_ntlm_password: mapped user is: [C09046344100]\[u634410]@[C09046344100]
  299. [2018/10/29 15:29:39.953713, 3] ../source3/passdb/lookup_sid.c:1680(get_primary_group_sid)
  300. Forcing Primary Group to 'Domain Users' for u634410
  301. [2018/10/29 15:29:39.954140, 3] ../source3/auth/auth.c:256(auth_check_ntlm_password)
  302. auth_check_ntlm_password: sam_ignoredomain authentication for user [u634410] succeeded
  303. [2018/10/29 15:29:39.957256, 3] ../auth/auth_log.c:760(log_authentication_event_human_readable)
  304. Auth: [SMB2,(null)] user [C09046344100]\[u634410] at [Mon, 29 Oct 2018 15:29:39.957231 CST] with [NTLMv2] status [NT_STATUS_OK] workstation [C09046344100] remote host [ipv4:10.17.9.22:61349] became [RECRUIT-REG2]\[u634410] [S-1-5-21-1622245872-507635089-2772220737-1000]. local host [ipv4:10.21.1.148:445]
  305. [2018/10/29 15:29:39.957364, 3] ../auth/auth_log.c:220(log_json)
  306. JSON Authentication: {"timestamp": "2018-10-29T15:29:39.957317+0800", "type": "Authentication", "Authentication": {"version": {"major": 1, "minor": 0}, "status": "NT_STATUS_OK", "localAddress": "ipv4:10.21.1.148:445", "remoteAddress": "ipv4:10.17.9.22:61349", "serviceDescription": "SMB2", "authDescription": null, "clientDomain": "C09046344100", "clientAccount": "u634410", "workstation": "C09046344100", "becameAccount": "u634410", "becameDomain": "RECRUIT-REG2", "becameSid": "S-1-5-21-1622245872-507635089-2772220737-1000", "mappedAccount": "u634410", "mappedDomain": "C09046344100", "netlogonComputer": null, "netlogonTrustAccount": null, "netlogonNegotiateFlags": "0x00000000", "netlogonSecureChannelType": 0, "netlogonTrustAccountSid": "(NULL SID)", "passwordType": "NTLMv2"}}
  307. [2018/10/29 15:29:39.957390, 2] ../source3/auth/auth.c:314(auth_check_ntlm_password)
  308. check_ntlm_password: authentication for user [u634410] -> [u634410] -> [u634410] succeeded
  309. [2018/10/29 15:29:39.957578, 3] ../source3/auth/token_util.c:559(finalize_local_nt_token)
  310. Failed to fetch domain sid for WORKGROUP
  311. [2018/10/29 15:29:39.957640, 3] ../source3/auth/token_util.c:591(finalize_local_nt_token)
  312. Failed to fetch domain sid for WORKGROUP
  313. [2018/10/29 15:29:39.960331, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  314. NTLMSSP Sign/Seal - Initialising with flags:
  315. [2018/10/29 15:29:39.960360, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  316. Got NTLMSSP neg_flags=0xe2088215
  317. [2018/10/29 15:29:39.960395, 3] ../auth/ntlmssp/ntlmssp_sign.c:509(ntlmssp_sign_reset)
  318. NTLMSSP Sign/Seal - Initialising with flags:
  319. [2018/10/29 15:29:39.960412, 3] ../auth/ntlmssp/ntlmssp_util.c:69(debug_ntlmssp_flags)
  320. Got NTLMSSP neg_flags=0xe2088215
  321. [2018/10/29 15:29:39.960629, 3] ../source3/auth/token_util.c:559(finalize_local_nt_token)
  322. Failed to fetch domain sid for WORKGROUP
  323. [2018/10/29 15:29:39.960690, 3] ../source3/auth/token_util.c:591(finalize_local_nt_token)
  324. Failed to fetch domain sid for WORKGROUP
  325. [2018/10/29 15:29:39.961027, 3] ../source3/smbd/password.c:144(register_homes_share)
  326. Adding homes service for user 'u634410' using home directory: '/home/u634410'
  327. [2018/10/29 15:29:39.961072, 3] ../source3/param/loadparm.c:1560(lp_add_home)
  328. adding home's share [u634410] for user 'u634410' at '/home/u634410'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!