|
|
|
|
  samba 加入 NT 域的问题 - vivaz [ 2003-02-11 10:27 | 715 byte(s)]
Re: samba 加入 NT 域的问题 - scorpions [ 2003-03-10 14:38 | 56 byte(s)]
Re: samba 加入 NT 域的问题 - danry [ 2004-05-31 08:22 | 154 byte(s)]
Re: samba 加入 NT 域的问题 - NetSnake [ 2003-02-11 12:29 | 71 byte(s)]
Re: samba 加入 NT 域的问题 - vivaz [ 2003-02-11 12:59 | 51 byte(s)]
Re: samba 加入 NT 域的问题 - NetSnake [ 2003-02-12 08:47 | 98 byte(s)]
Re: samba 加入 NT 域的问题 - larryshao [ 2003-02-12 04:41 | 136 byte(s)]
Re: samba 加入 NT 域的问题 - vivaz [ 2003-02-13 10:36 | 205 byte(s)]
Re: samba 加入 NT 域的问题 - larryshao [ 2003-02-14 08:15 | 349 byte(s)]
Re: samba 加入 NT 域的问题 - vivaz [ 2003-02-14 09:51 | 65,535 byte(s)]
Re: samba 加入 NT 域的问题 - vivaz [ 2003-02-14 09:48 | 9,990 byte(s)]
Re: samba 加入 NT 域的问题 - larryshao [ 2003-02-14 11:34 | 341 byte(s)]
Re: samba 加入 NT 域的问题 - vivaz [ 2003-02-14 14:58 | 156 byte(s)]
Re: samba 加入 NT 域的问题 - larryshao [ 2003-02-25 09:36 | 161 byte(s)]
Re: samba 加入 NT 域的问题 - vivaz [ 2003-03-07 15:19 | 71 byte(s)]
Re: samba 加入 NT 域的问题 - larryshao [ 2003-02-15 02:35 | 882 byte(s)]
|
|
|
|
[Original]
[Print]
[Top]
|
smbpasswd -j MYDOMAIN -r MYPDC
cli_net_auth2: Error NT_STATUS_NO_TRUST_SAM_ACCOUNT
cli_nt_setup_creds: auth2 challenge failed
modify_trust_password: unable to setup the PDC credentials to machine MYPDC. Error was : NT_STATUS_NO_TRUST_SAM_ACCOUNT.
2003/02/11 09:57:17 : change_trust_account_password: Failed to change password for domain MYDOMAIN.
Unable to join domain MAIN.
smb.conf
----------------------------------------------------------------------------
workgroup = MYDOMAIN
security = domain
password server = MYPDC
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
You need a domain admin account to join an NT domain.
smbpasswd -j MYDOMAIN -r MYPDC -Uadmin%pass
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
谢谢两位的帮助,不过好像还是不行:(
smbpasswd -j MYDOMAIN -r MYPDC -Uadmin%pass
error setting trust account password: NT_STATUS_PASSWORD_RESTRICTION
Unable to join domain MYDOMAIN.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
In order to join the domain, first stop all Samba daemons and run the command:
root# smbpasswd -j MYDOMAIN -r MYPDC -Uadmin%pass
If it still doesn't work, post your Samba version, smb.conf and the result of following command:
root# smbpasswd -D 100 -j MYDOMAIN -r MYPDC -Uadmin%pass
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
2.2.7a
# Global parameters
[global]
coding system =
client code page = 936
code page directory = /etc/samba/
workgroup = SHYL-3
netbios name = LINUX
netbios aliases =
netbios scope =
server string = Samba Server
interfaces = 10.107.2.101/16
bind interfaces only = No
security = DOMAIN
encrypt passwords = Yes
update encrypted = No
allow trusted domains = Yes
hosts equiv =
min passwd length = 5
map to guest = Never
null passwords = No
obey pam restrictions = No
password server = ylsvr
smb passwd file = /etc/samba/smbpasswd
root directory =
pam password change = No
passwd program = /usr/bin/passwd
passwd chat = *new*password* %n
*new*password* %n
*changed*
passwd chat debug = No
username map =
password level = 0
username level = 0
unix password sync = No
restrict anonymous = No
lanman auth = Yes
use rhosts = No
admin log = No
log level = 0
syslog = 1
syslog only = No
log file = /var/log/samba/%m.log
max log size = 0
timestamp logs = Yes
debug hires timestamp = No
debug pid = No
debug uid = No
protocol = NT1
large readwrite = Yes
max protocol = NT1
min protocol = CORE
read bmpx = No
read raw = Yes
write raw = Yes
nt smb support = Yes
nt pipe support = Yes
nt status support = Yes
announce version = 4.9
announce as = NT
max mux = 50
max xmit = 16644
name resolve order = lmhosts host wins bcast
max ttl = 259200
max wins ttl = 518400
min wins ttl = 21600
time server = No
unix extensions = No
change notify timeout = 60
deadtime = 0
getwd cache = Yes
keepalive = 300
lpq cache time = 10
max smbd processes = 0
max disk size = 0
max open files = 10000
name cache timeout = 660
read size = 16384
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
stat cache size = 50
use mmap = Yes
total print jobs = 0
load printers = Yes
printcap name = /etc/printcap
disable spoolss = No
enumports command =
addprinter command =
deleteprinter command =
show add printer wizard = Yes
os2 driver map =
strip dot = No
mangling method = hash
character set =
mangled stack = 50
stat cache = Yes
domain admin group =
domain guest group =
machine password timeout = 604800
add user script =
delete user script =
logon script =
logon path = \%N\%Uprofile
logon drive =
logon home = \%N\%U
domain logons = No
os level = 20
lm announce = Auto
lm interval = 60
preferred master = Auto
local master = Yes
domain master = Auto
browse list = Yes
enhanced browsing = Yes
dns proxy = No
wins proxy = No
wins server =
wins support = No
wins hook =
kernel oplocks = Yes
lock spin count = 3
lock spin time = 10
oplock break wait time = 0
add share command =
change share command =
delete share command =
config file =
preload =
lock dir = /etc/samba/
pid directory = /etc/samba/
default service =
message command =
dfree command =
valid chars =
remote announce =
remote browse sync =
socket address = 0.0.0.0
homedir map =
time offset = 0
NIS homedir = No
source environment =
panic action =
hide local users = No
winbind uid =
winbind gid =
template homedir = /home/%D/%U
template shell = /bin/false
winbind separator =
winbind cache time = 15
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = No
comment =
path =
alternate permissions = No
username =
guest account = nobody
invalid users =
valid users =
admin users =
read list =
write list =
printer admin =
force user =
force group =
read only = Yes
create mask = 0744
force create mode = 00
security mask = 0777
force security mode = 00
directory mask = 0755
force directory mode = 00
directory security mask = 0777
force directory security mode = 00
force unknown acl user = 00
inherit permissions = No
inherit acls = No
guest only = No
guest ok = No
only user = No
hosts allow = 10.107.26.16/255.255.255.248 10.107.2.0/255.255.255.0 127.0.0.1
hosts deny =
status = Yes
nt acl support = Yes
profile acls = No
block size = 1024
max connections = 0
min print space = 0
strict allocate = No
strict sync = No
sync always = No
write cache size = 0
max print jobs = 1000
printable = No
postscript = No
printing = bsd
print command = lpr -r -P%p %s
lpq command = lpq -P%p
lprm command = lprm -P%p %j
lppause command =
lpresume command =
queuepause command =
queueresume command =
printer name =
use client driver = No
default devmode = No
printer driver =
printer driver file = /etc/samba//printers.def
printer driver location =
default case = lower
case sensitive = No
preserve case = Yes
short preserve case = Yes
mangle case = No
mangling char = ~
hide dot files = Yes
hide unreadable = No
delete veto files = No
veto files =
hide files =
veto oplock files =
map system = No
map hidden = No
map archive = Yes
mangled names = Yes
mangled map =
browseable = Yes
blocking locks = Yes
csc policy = manual
fake oplocks = No
locking = Yes
oplocks = Yes
level2 oplocks = Yes
oplock contention limit = 2
posix locking = Yes
strict locking = No
share modes = Yes
copy =
include =
exec =
preexec close = No
postexec =
root preexec =
root preexec close = No
root postexec =
available = Yes
volume =
fstype = NTFS
set directory = No
wide links = Yes
follow symlinks = Yes
dont descend =
magic script =
magic output =
delete readonly = No
dos filemode = No
dos filetimes = No
dos filetime resolution = No
fake directory create times = No
vfs object =
vfs options =
[36G]
comment = 36G
path = /jail/glftpd/site/36G/
read only = No
guest ok = Yes
[24G]
comment = 24G
path = /jail/glftpd/site/24G/
read only = No
guest ok = Yes
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Initialising global parameters
params.c:pm_process() - Processing configuration file "/etc/samba//smb.conf"
Processing section "[global]"
doing parameter workgroup = shyl-3
doing parameter server string = Samba Server
doing parameter netbios name = linux
handle_netbios_name: set global_myname to: LINUX
doing parameter client code page = 936
codepage_initialise: client code page = 936
load_client_codepage: loading codepage 936.
load_dos_unicode_map: 936
load_unicode_map: loading unicode map for codepage 936.
load_unix_unicode_map: ISO8859-1 (init_done=0, override=0)
load_unicode_map: loading unicode map for codepage ISO8859-1.
doing parameter hosts allow = 10.107.26.16/255.255.255.248 10.107.2.0/255.255.255.0 127.0.0.1
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 0
doing parameter security = domain
doing parameter password server = ylsvr
doing parameter encrypt passwords = yes
doing parameter smb passwd file = /etc/samba/smbpasswd
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter interfaces = 10.107.2.101/16
doing parameter dns proxy = no
pm_process() returned Yes
lp_servicenumber: couldn't find homes
set_server_role: ROLE_DOMAIN_MEMBER
codepage_initialise: called twice - ignoring second client code page = 936
added interface ip=10.107.2.101 bcast=10.107.255.255 nmask=255.255.0.0
cli_init_creds: user guwq domain SHYL-3 flgs: 0
ntlmssp_cli_flgs:0
cli_establish_connection: LINUX<00> connecting to YLSVR<20> (0.0.0.0) - guwq [SHYL-3]
resolve_lmhosts: Attempting lmhosts lookup for name ylsvr<0x20>
getlmhostsent: lmhost entry: 127.0.0.1 localhost
resolve_hosts: Attempting host lookup for name ylsvr<0x20>
resolve_wins: Attempting wins lookup for name ylsvr<0x20>
wins_srv_count: WINS status: 0 servers.
resolve_wins: WINS server resolution selected and no WINS servers listed.
name_resolve_bcast: Attempting broadcast lookup for name ylsvr<0x20>
bind succeeded on port 0
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 1
socket option SO_BROADCAST = 1
Could not test socket option TCP_NODELAY.
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 65535
socket option SO_RCVBUF = 65535
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
Sending a packet of len 50 to (10.107.255.255) on port 137
read_udp_socket: lastip 10.107.2.1 lastport 137 read: 62
parse_nmb: packet id = 15055
Received a packet of len 62 from (10.107.2.1) port 137
nmb packet from 10.107.2.1(137) header: id=15055 opcode=Query(0) response=Yes
header: flags: bcast=No rec_avail=No rec_des=Yes trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=YLSVR<20> rr_type=32 rr_class=1 ttl=300000
answers 0 char ...k.. hex 00000A6B0201
Got a positive name query response from 10.107.2.1 ( 10.107.2.1 )
internal_resolve_name: returning 1 addresses: 10.107.2.1
Connecting to 10.107.2.1 at port 445
error connecting to 10.107.2.1:445 (Connection refused)
Connecting to 10.107.2.1 at port 139
socket option SO_KEEPALIVE = 0
socket option SO_REUSEADDR = 0
socket option SO_BROADCAST = 0
socket option TCP_NODELAY = 1
socket option IPTOS_LOWDELAY = 0
socket option IPTOS_THROUGHPUT = 0
socket option SO_SNDBUF = 16384
socket option SO_RCVBUF = 16384
socket option SO_SNDLOWAT = 1
socket option SO_RCVLOWAT = 1
socket option SO_SNDTIMEO = 0
socket option SO_RCVTIMEO = 0
write_socket(4,72)
write_socket(4,72) wrote 72
Sent session request
got smb length of 0
size=0
smb_com=0x0
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=0
smb_flg2=0
smb_tid=0
smb_pid=0
smb_uid=0
smb_mid=0
smt_wct=0
smb_bcc=0
write_socket(4,168)
write_socket(4,168) wrote 168
got smb length of 91
size=91
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=5816
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=17 (0x11)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=67 (0x43)
smb_vwv[11]=14336 (0x3800)
smb_vwv[12]=44886 (0xAF56)
smb_vwv[13]=51987 (0xCB13)
smb_vwv[14]=49875 (0xC2D3)
smb_vwv[15]=8193 (0x2001)
smb_vwv[16]=2302 (0x8FE)
smb_bcc=22
[000] AB FA 0E F2 5A 7F 1F 57 53 00 48 00 59 00 4C 00 ....Z..W S.H.Y.L.
[010] 2D 00 33 00 00 00 -.3...
size=91
smb_com=0x72
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=1
smb_tid=0
smb_pid=5816
smb_uid=0
smb_mid=1
smt_wct=17
smb_vwv[0]=7 (0x7)
smb_vwv[1]=12803 (0x3203)
smb_vwv[2]=256 (0x100)
smb_vwv[3]=1024 (0x400)
smb_vwv[4]=17 (0x11)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=256 (0x100)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=64768 (0xFD00)
smb_vwv[10]=67 (0x43)
smb_vwv[11]=14336 (0x3800)
smb_vwv[12]=44886 (0xAF56)
smb_vwv[13]=51987 (0xCB13)
smb_vwv[14]=49875 (0xC2D3)
smb_vwv[15]=8193 (0x2001)
smb_vwv[16]=2302 (0x8FE)
smb_bcc=22
[000] AB FA 0E F2 5A 7F 1F 57 53 00 48 00 59 00 4C 00 ....Z..W S.H.Y.L.
[010] 2D 00 33 00 00 00 -.3...
write_socket(4,160)
write_socket(4,160) wrote 160
got smb length of 124
size=124
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=124 (0x7C)
smb_vwv[2]=0 (0x0)
smb_bcc=83
[000] 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 .W.i.n.d .o.w.s.
[010] 00 4E 00 54 00 20 00 34 00 2E 00 30 00 00 00 4E .N.T. .4 ...0...N
[020] 00 54 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 .T. .L.A .N. .M.a
[030] 00 6E 00 61 00 67 00 65 00 72 00 20 00 34 00 2E .n.a.g.e .r. .4..
[040] 00 30 00 00 00 53 00 48 00 59 00 4C 00 2D 00 33 .0...S.H .Y.L.-.3
[050] 00 00 00 ...
size=124
smb_com=0x73
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=0
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=124 (0x7C)
smb_vwv[2]=0 (0x0)
smb_bcc=83
[000] 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 .W.i.n.d .o.w.s.
[010] 00 4E 00 54 00 20 00 34 00 2E 00 30 00 00 00 4E .N.T. .4 ...0...N
[020] 00 54 00 20 00 4C 00 41 00 4E 00 20 00 4D 00 61 .T. .L.A .N. .M.a
[030] 00 6E 00 61 00 67 00 65 00 72 00 20 00 34 00 2E .n.a.g.e .r. .4..
[040] 00 30 00 00 00 53 00 48 00 59 00 4C 00 2D 00 33 .0...S.H .Y.L.-.3
[050] 00 00 00 ...
session setup ok
Domain=[SHYL-3] OS=[Windows NT 4.0] Server=[NT LAN Manager 4.0]
write_socket(4,78)
write_socket(4,78) wrote 78
got smb length of 48
size=48
smb_com=0x75
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=3
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=1 (0x1)
smb_bcc=7
[000] 49 50 43 00 00 00 00 IPC....
write_socket(4,104)
write_socket(4,104) wrote 104
got smb length of 103
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=34
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=103 (0x67)
smb_vwv[2]=1792 (0x700)
smb_vwv[3]=264 (0x108)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=0 (0x0)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=0 (0x0)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
smb_vwv[24]=16 (0x10)
smb_vwv[25]=0 (0x0)
smb_vwv[26]=0 (0x0)
smb_vwv[27]=0 (0x0)
smb_vwv[28]=0 (0x0)
smb_vwv[29]=0 (0x0)
smb_vwv[30]=0 (0x0)
smb_vwv[31]=512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]=5 (0x5)
smb_bcc=0
Bind RPC Pipe[807]: PIPElsarpc
Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB xW4.4... ...#Eg..
[010] 00 00 00 00 ....
Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[010] 02 00 00 00 ....
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000001
000010 smb_io_rpc_hdr_rb
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 00000000
0018 num_elements: 00000001
001c context_id : 0000
001e num_syntaxes: 01
00001f smb_io_rpc_iface
0020 data : 12345778
0024 data : 1234
0026 data : abcd
0028 data : ef 00 01 23 45 67 89 ab
0030 version: 00000000
000034 smb_io_rpc_iface
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8 08 00 2b 10 48 60
0044 version: 00000002
rpc_api_pipe: cmd:26 fnum:807
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=72 (0x48)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=72 (0x48)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=72 (0x48)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2055 (0x807)
smb_bcc=87
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 0B 03 10 00 00 00 48 00 00 00 01 00 00 00 30 .......H .......0
[020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x
[030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AB 00 W4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
write_socket(4,158)
write_socket(4,158) wrote 158
got smb length of 124
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 H....... .D......
[010] 00 30 16 30 16 B3 59 06 00 0C 00 5C 50 49 50 45 .0.0..Y. ...PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 01 00 00 H....... .D......
[010] 00 30 16 30 16 B3 59 06 00 0C 00 5C 50 49 50 45 .0.0..Y. ...PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
rpc_check_hdr: rdata->data_size = 68
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000001
rpc_api_pipe: len left: 0 smbtrans read: 68
rpc_api_pipe: fragment first and last both set
rpc_pipe_bind: rpc_api_pipe returned OK.
000010 smb_io_rpc_hdr_ba
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 000659b3
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: PIPElsass.
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
000030 smb_io_rpc_iface
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8 08 00 2b 10 48 60
0040 version: 00000002
bind_rpc_pipe: server pipe_name found: PIPElsass
bind_rpc_pipe: accepted!
init_lsa_sec_qos
init_open_pol: attr:0 da:33554432
init_lsa_obj_attr
000000 lsa_io_q_open_pol
0000 ptr : 00000001
0004 system_name: 005c
000008 lsa_io_obj_attr
0008 len : 00000018
000c ptr_root_dir: 00000000
0010 ptr_obj_name: 00000000
0014 attributes : 00000000
0018 ptr_sec_desc: 00000000
001c ptr_sec_qos : 00000001
000020 lsa_io_obj_qos sec_qos
0020 len : 0000000c
0024 sec_imp_level : 0002
0026 sec_ctxt_mode : 01
0027 effective_only: 00
lsa_io_sec_qos: length c does not match size 8
0028 des_access: 02000000
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x6 data_len: 0x44
create_rpc_request: data_len: 44 auth_len: 0 alloc_hint: 34
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000002
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000034
0014 context_id: 0000
0016 opnum : 0006
data_len: 44 data_calc_len: 44
rpc_api_pipe: cmd:26 fnum:807
size=150
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=68 (0x44)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=68 (0x44)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2055 (0x807)
smb_bcc=83
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 44 00 00 00 02 00 00 00 34 .......D .......4
[020] 00 00 00 00 00 06 00 01 00 00 00 5C 00 00 00 18 ........ .......
[030] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[040] 00 00 00 01 00 00 00 0C 00 00 00 02 00 01 00 00 ........ ........
[050] 00 00 02 ...
write_socket(4,154)
write_socket(4,154) wrote 154
got smb length of 104
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 44 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 D....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 F5 EF 94 ........ ........
[020] BC 87 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 ..>..... ....{...
[030] 00 .
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 44 05 00 02 03 10 00 00 00 30 00 00 00 02 00 00 D....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 F5 EF 94 ........ ........
[020] BC 87 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 ..>..... ....{...
[030] 00 .
rpc_check_hdr: rdata->data_size = 48
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000002
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 48
rpc_api_pipe: fragment first and last both set
000018 lsa_io_r_open_pol
000018 smb_io_pol_hnd
0018 data1: 00000000
001c data2: bc94eff5
0020 data3: 3e87
0022 data4: 11d7
0024 data5: 8a 9c ce 95 f5 e8 8a 7b
002c status: NT_STATUS_OK
init_q_query
000000 lsa_io_q_query
000000 smb_io_pol_hnd
0000 data1: 00000000
0004 data2: bc94eff5
0008 data3: 3e87
000a data4: 11d7
000c data5: 8a 9c ce 95 f5 e8 8a 7b
0014 info_class: 0005
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x7 data_len: 0x2e
create_rpc_request: data_len: 2e auth_len: 0 alloc_hint: 1e
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002e
000a auth_len : 0000
000c call_id : 00000003
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000001e
0014 context_id: 0000
0016 opnum : 0007
data_len: 2e data_calc_len: 2e
rpc_api_pipe: cmd:26 fnum:807
size=128
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=46 (0x2E)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=46 (0x2E)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=46 (0x2E)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2055 (0x807)
smb_bcc=61
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 2E 00 00 00 03 00 00 00 1E ........ ........
[020] 00 00 00 00 00 07 00 00 00 00 00 F5 EF 94 BC 87 ........ ........
[030] 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 05 00 >....... ..{..
write_socket(4,132)
write_socket(4,132) wrote 132
got smb length of 102
size=102
smb_com=0x25
smb_rcls=5
smb_reh=0
smb_err=32768
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=46 (0x2E)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=46 (0x2E)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=47
[000] 2E 05 00 02 03 10 00 00 00 64 00 00 00 03 00 00 ........ .d......
[010] 00 4C 00 00 00 00 00 00 00 28 4B 15 00 05 00 94 .L...... .(K.....
[020] BC 0C 00 0E 00 38 AF 1A 00 E8 6F 1A 00 07 00 .....8.. ..o....
size=102
smb_com=0x25
smb_rcls=5
smb_reh=0
smb_err=32768
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=46 (0x2E)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=46 (0x2E)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=47
[000] 2E 05 00 02 03 10 00 00 00 64 00 00 00 03 00 00 ........ .d......
[010] 00 4C 00 00 00 00 00 00 00 28 4B 15 00 05 00 94 .L...... .(K.....
[020] BC 0C 00 0E 00 38 AF 1A 00 E8 6F 1A 00 07 00 .....8.. ..o....
rpc_check_hdr: rdata->data_size = 46
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0064
000a auth_len : 0000
000c call_id : 00000003
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 0000004c
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 54 smbtrans read: 46
rpc_read: data_to_read: 54 rdata offset: 46 extra_data_size: 54
rpc_read: grew buffer by 54 bytes to 100
write_socket(4,59)
write_socket(4,59) wrote 59
got smb length of 114
size=114
smb_com=0x2e
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=12
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=54 (0x36)
smb_vwv[6]=60 (0x3C)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_bcc=55
[000] 03 00 00 00 00 00 00 06 00 00 00 53 00 48 00 59 ........ ...S.H.Y
[010] 00 4C 00 2D 00 33 00 04 00 00 00 01 04 00 00 00 .L.-.3.. ........
[020] 00 00 05 15 00 00 00 A0 5E AA 0B 18 3B 49 55 E0 ........ ^...;IU.
[030] 27 63 00 00 00 00 00 'c.....
rpc_read: num_read = 54, read offset: 0, to read: 54
rpc_api_pipe: fragment first and last both set
000018 lsa_io_r_query
0018 undoc_buffer: 00154b28
001c info_class: 0005
000020 lsa_io_dom_query
0020 uni_dom_max_len: 000c
0022 uni_dom_str_len: 000e
0024 buffer_dom_name: 001aaf38
0028 buffer_dom_sid : 001a6fe8
00002c smb_io_unistr2 unistr2
002c uni_max_len: 00000007
0030 undoc : 00000000
0034 uni_str_len: 00000006
0038 buffer : S.H.Y.L.-.3.
000044 smb_io_dom_sid2
0044 num_auths: 00000004
000048 smb_io_dom_sid sid
0048 sid_rev_num: 01
0049 num_auths : 04
004a id_auth[0] : 00
004b id_auth[1] : 00
004c id_auth[2] : 00
004d id_auth[3] : 00
004e id_auth[4] : 00
004f id_auth[5] : 05
0050 sub_auths : 00000015 0baa5ea0 55493b18 006327e0
0060 status: NT_STATUS_OK
init_lsa_q_close
000000 lsa_io_q_close
000000 smb_io_pol_hnd
0000 data1: 00000000
0004 data2: bc94eff5
0008 data3: 3e87
000a data4: 11d7
000c data5: 8a 9c ce 95 f5 e8 8a 7b
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x0 data_len: 0x2c
create_rpc_request: data_len: 2c auth_len: 0 alloc_hint: 1c
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 002c
000a auth_len : 0000
000c call_id : 00000004
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000001c
0014 context_id: 0000
0016 opnum : 0000
data_len: 2c data_calc_len: 2c
rpc_api_pipe: cmd:26 fnum:807
size=126
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=44 (0x2C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=44 (0x2C)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=44 (0x2C)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2055 (0x807)
smb_bcc=59
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 2C 00 00 00 04 00 00 00 1C ......., ........
[020] 00 00 00 00 00 00 00 00 00 00 00 F5 EF 94 BC 87 ........ ........
[030] 3E D7 11 8A 9C CE 95 F5 E8 8A 7B >....... ..{
write_socket(4,130)
write_socket(4,130) wrote 130
got smb length of 100
size=100
smb_com=0x25
smb_rcls=5
smb_reh=0
smb_err=32768
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=44 (0x2C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=44 (0x2C)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=45
[000] 2C 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ,....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ .....
size=100
smb_com=0x25
smb_rcls=5
smb_reh=0
smb_err=32768
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=44 (0x2C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=44 (0x2C)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=45
[000] 2C 05 00 02 03 10 00 00 00 30 00 00 00 04 00 00 ,....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ .....
rpc_check_hdr: rdata->data_size = 44
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000004
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 4 smbtrans read: 44
rpc_read: data_to_read: 4 rdata offset: 44 extra_data_size: 4
rpc_read: grew buffer by 4 bytes to 48
write_socket(4,59)
write_socket(4,59) wrote 59
got smb length of 64
size=64
smb_com=0x2e
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=12
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=0 (0x0)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=4 (0x4)
smb_vwv[6]=60 (0x3C)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_bcc=5
[000] 03 00 00 00 00 .....
rpc_read: num_read = 4, read offset: 0, to read: 4
rpc_api_pipe: fragment first and last both set
000018 lsa_io_r_close
000018 smb_io_pol_hnd
0018 data1: 00000000
001c data2: 00000000
0020 data3: 0000
0022 data4: 0000
0024 data5: 00 00 00 00 00 00 00 00
002c status: NT_STATUS_OK
write_socket(4,45)
write_socket(4,45) wrote 45
got smb length of 35
size=35
smb_com=0x4
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=0
smb_bcc=0
write_socket(4,100)
write_socket(4,100) wrote 100
got smb length of 103
size=103
smb_com=0xa2
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=34
smb_vwv[0]=255 (0xFF)
smb_vwv[1]=103 (0x67)
smb_vwv[2]=2048 (0x800)
smb_vwv[3]=264 (0x108)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=0 (0x0)
smb_vwv[11]=0 (0x0)
smb_vwv[12]=0 (0x0)
smb_vwv[13]=0 (0x0)
smb_vwv[14]=0 (0x0)
smb_vwv[15]=0 (0x0)
smb_vwv[16]=0 (0x0)
smb_vwv[17]=0 (0x0)
smb_vwv[18]=0 (0x0)
smb_vwv[19]=0 (0x0)
smb_vwv[20]=0 (0x0)
smb_vwv[21]=32768 (0x8000)
smb_vwv[22]=0 (0x0)
smb_vwv[23]=0 (0x0)
smb_vwv[24]=16 (0x10)
smb_vwv[25]=0 (0x0)
smb_vwv[26]=0 (0x0)
smb_vwv[27]=0 (0x0)
smb_vwv[28]=0 (0x0)
smb_vwv[29]=0 (0x0)
smb_vwv[30]=0 (0x0)
smb_vwv[31]=512 (0x200)
smb_vwv[32]=65280 (0xFF00)
smb_vwv[33]=5 (0x5)
smb_bcc=0
Bind RPC Pipe[808]: PIPEsamr
Bind Abstract Syntax: [000] 78 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AC xW4.4... ...#Eg..
[010] 01 00 00 00 ....
Bind Transfer Syntax: [000] 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 60 .]...... ....+.H`
[010] 02 00 00 00 ....
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0b
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0048
000a auth_len : 0000
000c call_id : 00000005
000010 smb_io_rpc_hdr_rb
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 00000000
0018 num_elements: 00000001
001c context_id : 0000
001e num_syntaxes: 01
00001f smb_io_rpc_iface
0020 data : 12345778
0024 data : 1234
0026 data : abcd
0028 data : ef 00 01 23 45 67 89 ac
0030 version: 00000001
000034 smb_io_rpc_iface
0034 data : 8a885d04
0038 data : 1ceb
003a data : 11c9
003c data : 9f e8 08 00 2b 10 48 60
0044 version: 00000002
rpc_api_pipe: cmd:26 fnum:808
size=154
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=72 (0x48)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=72 (0x48)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=72 (0x48)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2056 (0x808)
smb_bcc=87
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 0B 03 10 00 00 00 48 00 00 00 05 00 00 00 30 .......H .......0
[020] 16 30 16 00 00 00 00 01 00 00 00 00 00 01 00 78 .0...... .......x
[030] 57 34 12 34 12 CD AB EF 00 01 23 45 67 89 AC 01 W4.4.... ..#Eg...
[040] 00 00 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B ....]... .......+
[050] 10 48 60 02 00 00 00 .H`....
write_socket(4,158)
write_socket(4,158) wrote 158
got smb length of 124
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 H....... .D......
[010] 00 30 16 30 16 B4 59 06 00 0C 00 5C 50 49 50 45 .0.0..Y. ...PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
size=124
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=68 (0x44)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=68 (0x44)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=69
[000] 48 05 00 0C 03 10 00 00 00 44 00 00 00 05 00 00 H....... .D......
[010] 00 30 16 30 16 B4 59 06 00 0C 00 5C 50 49 50 45 .0.0..Y. ...PIPE
[020] 5C 6C 73 61 73 73 00 00 00 01 00 00 00 00 00 00 lsass.. ........
[030] 00 04 5D 88 8A EB 1C C9 11 9F E8 08 00 2B 10 48 ..]..... .....+.H
[040] 60 02 00 00 00 `....
rpc_check_hdr: rdata->data_size = 68
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 0c
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0044
000a auth_len : 0000
000c call_id : 00000005
rpc_api_pipe: len left: 0 smbtrans read: 68
rpc_api_pipe: fragment first and last both set
rpc_pipe_bind: rpc_api_pipe returned OK.
000010 smb_io_rpc_hdr_ba
000010 smb_io_rpc_hdr_bba
0010 max_tsize: 1630
0012 max_rsize: 1630
0014 assoc_gid: 000659b4
000018 smb_io_rpc_addr_str
0018 len: 000c
001a str: PIPElsass.
000026 smb_io_rpc_results
0028 num_results: 01
002c result : 0000
002e reason : 0000
000030 smb_io_rpc_iface
0030 data : 8a885d04
0034 data : 1ceb
0036 data : 11c9
0038 data : 9f e8 08 00 2b 10 48 60
0040 version: 00000002
bind_rpc_pipe: server pipe_name found: PIPElsass
bind_rpc_pipe: accepted!
init_samr_q_connect
000000 samr_io_q_connect
0000 ptr_srv_name: 00000001
000004 smb_io_unistr2
0004 uni_max_len: 00000006
0008 undoc : 00000000
000c uni_str_len: 00000006
0010 buffer : y.l.s.v.r...
001c access_mask: 02000000
create_rpc_request: opnum: 0x39 data_len: 0x38
create_rpc_request: data_len: 38 auth_len: 0 alloc_hint: 28
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0038
000a auth_len : 0000
000c call_id : 00000006
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000028
0014 context_id: 0000
0016 opnum : 0039
data_len: 38 data_calc_len: 38
rpc_api_pipe: cmd:26 fnum:808
size=138
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=56 (0x38)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=56 (0x38)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=56 (0x38)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2056 (0x808)
smb_bcc=71
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 38 00 00 00 06 00 00 00 28 .......8 .......(
[020] 00 00 00 00 00 39 00 01 00 00 00 06 00 00 00 00 .....9.. ........
[030] 00 00 00 06 00 00 00 79 00 6C 00 73 00 76 00 72 .......y .l.s.v.r
[040] 00 00 00 00 00 00 02 .......
write_socket(4,142)
write_socket(4,142) wrote 142
got smb length of 104
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 38 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 8....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 F6 EF 94 ........ ........
[020] BC 87 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 ..>..... ....{...
[030] 00 .
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 38 05 00 02 03 10 00 00 00 30 00 00 00 06 00 00 8....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 F6 EF 94 ........ ........
[020] BC 87 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 ..>..... ....{...
[030] 00 .
rpc_check_hdr: rdata->data_size = 48
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000006
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 48
rpc_api_pipe: fragment first and last both set
000018 samr_io_r_connect
000018 smb_io_pol_hnd connect_pol
0018 data1: 00000000
001c data2: bc94eff6
0020 data3: 3e87
0022 data4: 11d7
0024 data5: 8a 9c ce 95 f5 e8 8a 7b
002c status: NT_STATUS_OK
samr_init_samr_q_open_domain
000000 samr_io_q_open_domain
000000 smb_io_pol_hnd pol
0000 data1: 00000000
0004 data2: bc94eff6
0008 data3: 3e87
000a data4: 11d7
000c data5: 8a 9c ce 95 f5 e8 8a 7b
0014 flags: 02000000
000018 smb_io_dom_sid2 sid
0018 num_auths: 00000004
00001c smb_io_dom_sid sid
001c sid_rev_num: 01
001d num_auths : 04
001e id_auth[0] : 00
001f id_auth[1] : 00
0020 id_auth[2] : 00
0021 id_auth[3] : 00
0022 id_auth[4] : 00
0023 id_auth[5] : 05
0024 sub_auths : 00000015 0baa5ea0 55493b18 006327e0
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x7 data_len: 0x4c
create_rpc_request: data_len: 4c auth_len: 0 alloc_hint: 3c
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 004c
000a auth_len : 0000
000c call_id : 00000007
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000003c
0014 context_id: 0000
0016 opnum : 0007
data_len: 4c data_calc_len: 4c
rpc_api_pipe: cmd:26 fnum:808
size=158
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=76 (0x4C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=76 (0x4C)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=76 (0x4C)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2056 (0x808)
smb_bcc=91
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 4C 00 00 00 07 00 00 00 3C .......L .......<
[020] 00 00 00 00 00 07 00 00 00 00 00 F6 EF 94 BC 87 ........ ........
[030] 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 02 04 >....... ..{.....
[040] 00 00 00 01 04 00 00 00 00 00 05 15 00 00 00 A0 ........ ........
[050] 5E AA 0B 18 3B 49 55 E0 27 63 00 ^...;IU. 'c.
write_socket(4,162)
write_socket(4,162) wrote 162
got smb length of 104
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 4C 05 00 02 03 10 00 00 00 30 00 00 00 07 00 00 L....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 F7 EF 94 ........ ........
[020] BC 87 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 ..>..... ....{...
[030] 00 .
size=104
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=48 (0x30)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=48 (0x30)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=49
[000] 4C 05 00 02 03 10 00 00 00 30 00 00 00 07 00 00 L....... .0......
[010] 00 18 00 00 00 00 00 00 00 00 00 00 00 F7 EF 94 ........ ........
[020] BC 87 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 00 00 00 ..>..... ....{...
[030] 00 .
rpc_check_hdr: rdata->data_size = 48
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0030
000a auth_len : 0000
000c call_id : 00000007
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000018
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 48
rpc_api_pipe: fragment first and last both set
000018 samr_io_r_open_domain
000018 smb_io_pol_hnd domain_pol
0018 data1: 00000000
001c data2: bc94eff7
0020 data3: 3e87
0022 data4: 11d7
0024 data5: 8a 9c ce 95 f5 e8 8a 7b
002c status: NT_STATUS_OK
samr_init_samr_q_create_user
000000 samr_io_q_create_user
000000 smb_io_pol_hnd domain_pol
0000 data1: 00000000
0004 data2: bc94eff7
0008 data3: 3e87
000a data4: 11d7
000c data5: 8a 9c ce 95 f5 e8 8a 7b
000014 smb_io_unihdr hdr_name
0014 uni_str_len: 000c
0016 uni_max_len: 000c
0018 buffer : 00000001
00001c smb_io_unistr2 uni_name
001c uni_max_len: 00000006
0020 undoc : 00000000
0024 uni_str_len: 00000006
0028 buffer : l.i.n.u.x.$.
0034 acb_info : 00000080
0038 access_mask: e005000b
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x32 data_len: 0x54
create_rpc_request: data_len: 54 auth_len: 0 alloc_hint: 44
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0054
000a auth_len : 0000
000c call_id : 00000008
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 00000044
0014 context_id: 0000
0016 opnum : 0032
data_len: 54 data_calc_len: 54
rpc_api_pipe: cmd:26 fnum:808
size=166
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=84 (0x54)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=84 (0x54)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=84 (0x54)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2056 (0x808)
smb_bcc=99
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 54 00 00 00 08 00 00 00 44 .......T .......D
[020] 00 00 00 00 00 32 00 00 00 00 00 F7 EF 94 BC 87 .....2.. ........
[030] 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 0C 00 0C 00 01 >....... ..{.....
[040] 00 00 00 06 00 00 00 00 00 00 00 06 00 00 00 6C ........ .......l
[050] 00 69 00 6E 00 75 00 78 00 24 00 80 00 00 00 0B .i.n.u.x .$......
[060] 00 05 E0 ...
write_socket(4,170)
write_socket(4,170) wrote 170
got smb length of 112
size=112
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=56 (0x38)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=56 (0x38)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=57
[000] 54 05 00 02 03 10 00 00 00 38 00 00 00 08 00 00 T....... .8......
[010] 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 . ...... ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 ........ .....0..
[030] 00 00 00 00 00 63 00 00 C0 .....c.. .
size=112
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=56 (0x38)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=56 (0x38)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=57
[000] 54 05 00 02 03 10 00 00 00 38 00 00 00 08 00 00 T....... .8......
[010] 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 . ...... ........
[020] 00 00 00 00 00 00 00 00 00 00 00 00 00 30 00 00 ........ .....0..
[030] 00 00 00 00 00 63 00 00 C0 .....c.. .
rpc_check_hdr: rdata->data_size = 56
000000 smb_io_rpc_hdr rpc_hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 02
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 0038
000a auth_len : 0000
000c call_id : 00000008
000010 smb_io_rpc_hdr_resp rpc_hdr_resp
0010 alloc_hint: 00000020
0014 context_id: 0000
0016 cancel_ct : 00
0017 reserved : 00
rpc_api_pipe: len left: 0 smbtrans read: 56
rpc_api_pipe: fragment first and last both set
000018 samr_io_r_create_user
000018 smb_io_pol_hnd user_pol
0018 data1: 00000000
001c data2: 00000000
0020 data3: 0000
0022 data4: 0000
0024 data5: 00 00 00 00 00 00 00 00
002c unknown_0: 00000030
0030 user_rid : 00000000
0034 status: NT_STATUS_USER_EXISTS
init_samr_q_lookup_names
000000 samr_io_q_lookup_names
000000 smb_io_pol_hnd pol
0000 data1: 00000000
0004 data2: bc94eff7
0008 data3: 3e87
000a data4: 11d7
000c data5: 8a 9c ce 95 f5 e8 8a 7b
0014 num_names1: 00000001
0018 flags : 000003e8
001c ptr : 00000000
0020 num_names2: 00000001
000024 smb_io_unihdr
0024 uni_str_len: 000c
0026 uni_max_len: 000c
0028 buffer : 00000001
00002c smb_io_unistr2
002c uni_max_len: 00000006
0030 undoc : 00000000
0034 uni_str_len: 00000006
0038 buffer : l.i.n.u.x.$.
rpc_api_pipe_req: Outgoing data not a multiple of 8 bytes....
create_rpc_request: opnum: 0x11 data_len: 0x5c
create_rpc_request: data_len: 5c auth_len: 0 alloc_hint: 4c
000000 smb_io_rpc_hdr hdr
0000 major : 05
0001 minor : 00
0002 pkt_type : 00
0003 flags : 03
0004 pack_type0: 10
0005 pack_type1: 00
0006 pack_type2: 00
0007 pack_type3: 00
0008 frag_len : 005c
000a auth_len : 0000
000c call_id : 00000009
000010 smb_io_rpc_hdr_req hdr_req
0010 alloc_hint: 0000004c
0014 context_id: 0000
0016 opnum : 0011
data_len: 5c data_calc_len: 5c
rpc_api_pipe: cmd:26 fnum:808
size=174
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=8
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=16
smb_vwv[0]=0 (0x0)
smb_vwv[1]=92 (0x5C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=92 (0x5C)
smb_vwv[4]=0 (0x0)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=0 (0x0)
smb_vwv[7]=0 (0x0)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_vwv[10]=82 (0x52)
smb_vwv[11]=92 (0x5C)
smb_vwv[12]=82 (0x52)
smb_vwv[13]=2 (0x2)
smb_vwv[14]=38 (0x26)
smb_vwv[15]=2056 (0x808)
smb_bcc=107
[000] 00 5C 00 50 00 49 00 50 00 45 00 5C 00 00 00 05 ..P.I.P .E.....
[010] 00 00 03 10 00 00 00 5C 00 00 00 09 00 00 00 4C ....... .......L
[020] 00 00 00 00 00 11 00 00 00 00 00 F7 EF 94 BC 87 ........ ........
[030] 3E D7 11 8A 9C CE 95 F5 E8 8A 7B 01 00 00 00 E8 >....... ..{.....
[040] 03 00 00 00 00 00 00 01 00 00 00 0C 00 0C 00 01 ........ ........
[050] 00 00 00 06 00 00 00 00 00 00 00 06 00 00 00 6C ........ .......l
[060] 00 69 00 6E 00 75 00 78 00 24 00 .i.n.u.x .$.
write_socket(4,178)
write_socket(4,178) wrote 178
got smb length of 116
size=116
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=60 (0x3C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=60 (0x3C)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=61
[000] 5C 05 00 02 03 10 00 00 00 3C 00 00 00 09 00 00 ....... .<......
[010] 00 24 00 00 00 00 00 00 00 01 00 00 00 A0 48 1A .$...... ......H.
[020] 00 01 00 00 00 CE 0D 00 00 01 00 00 00 40 CF 15 ........ .....@..
[030] 00 01 00 00 00 01 00 00 00 00 00 00 00 ........ .....
size=116
smb_com=0x25
smb_rcls=0
smb_reh=0
smb_err=0
smb_flg=136
smb_flg2=49153
smb_tid=4100
smb_pid=5816
smb_uid=8195
smb_mid=1
smt_wct=10
smb_vwv[0]=0 (0x0)
smb_vwv[1]=60 (0x3C)
smb_vwv[2]=0 (0x0)
smb_vwv[3]=0 (0x0)
smb_vwv[4]=56 (0x38)
smb_vwv[5]=0 (0x0)
smb_vwv[6]=60 (0x3C)
smb_vwv[7]=56 (0x38)
smb_vwv[8]=0 (0x0)
smb_vwv[9]=0 (0x0)
smb_bcc=61
[000] 5C 05 00 02 03 10 00 00 00 3C 00 00 00 09 00 00 ....... .<......
[010] 00 24 00
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
I didn't see anything suspicious in your log posted because it is incomplete. If the entire log is too long, just send it to me by email.
I noted the following in your smb.conf:
password server = ylsvr
Is 'YLSVR' your PDC? Remember you must use PDC not BDC to join a domain.
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
NT_STATUS_PASSWORD_RESTRICTION is the smoking gun.
First of all, joining domain with admin account uses Windows 'password change protocol'. Normally, you can change your password by typing in old and new passwords. NT_STATUS_PASSWORD_RESTRICTION is returned by NT server when the new password is either too short, too long, using an already recently one, or does not contain enough uppercase/lowercase characters, special chars, etc.
This protocol is very complicated. My suggestion for now is to try a few things to see if it's caused by your Windows machine or Samba:
1. make sure you don't have an expired domain admin password
2. try another account belonging to domain admin group
3. try another domain if you have one
If that still doesn't work, I'll dig into more detail next week.
|
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
Does it work now?
You ought to let the person who spent his time helping you know what is going on. Otherwise, he will not help you again :-)
|
|
[Original]
[Print]
[Top]
|
|
[Original]
[Print]
[Top]
|
|
我已经成功地加入到NT DOMAIN中,但如何将lnux也登陆到该domain中呢? 以及在linux中如何知道已经加入到该domain中,同时,linux中有否类似NT一样的登陆域的界面啊?
|
|
[Original]
[Print]
[Top]
|
|
|
声明: 本页内容为中国Linux论坛的内容镜像,文章的版权以及其他所有的相关权利属于中国Linux论坛和相应文章的作者,如果转载,请注明文章来源及相关版权信息。